Malpedia Library

Click here to download all references as Bib-File.•

2025-02-13 ⋅ Volexity ⋅ Charlie Gardner, Steven Adair, Tom Lancaster
Multiple Russian Threat Actors Targeting Microsoft Device Code Authentication

2025-02-13 ⋅ Recorded Future ⋅ Insikt Group
RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers
GhostEmperor

2025-02-12 ⋅ Hunt.io ⋅ Hunt.io
Tracking Pyramid C2: Identifying Post-Exploitation Servers in Hunt
Pyramid

2025-02-12 ⋅ ⋅ Donga ⋅ Shin Gyu-jin
Suspected North Korean hacker hacks a large number of data from a government document system developer

2025-02-12 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation
LocalOlive

2025-02-12 ⋅ Bleeping Computer ⋅ Bill Toulas
Surge in attacks exploiting old ThinkPHP and ownCloud flaws

2025-02-12 ⋅ The Hacker News ⋅ Ravie Lakshmanan
North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack

2025-02-11 ⋅ Sekoia ⋅ Pierre Le Bourhis
RATatouille: Cooking Up Chaos in the I2P Kitchen
Unidentified 118

2025-02-11 ⋅ EclecticIQ ⋅ Arda Büyükkaya
Sandworm APT Targets Ukrainian Users with Trojanized Microsoft KMS Activation Tools in Cyber Espionage Campaigns
Kalambur BACKORDER DCRat

2025-02-11 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Threat Intelligence
Twitter Thread on a new Kimsuky tactic inciting admins to paste powershell

2025-02-10 ⋅ HarfangLab ⋅ HarfangLab CTR
Further insights into Ivanti CSA 4.6 vulnerabilities exploitation
Godzilla Webshell Behinder

2025-02-06 ⋅ Microsoft ⋅ Microsoft Threat Intelligence
Code injection attacks using publicly disclosed ASP.NET machine keys

2025-02-05 ⋅ cyble ⋅ Cyble
Stealthy Attack: Dual Injection Undermines Chrome’s App-Bound Encryption

2025-02-05 ⋅ Bitdefender ⋅ Alina Bizga, Andrei ANTON-AANEI
Lazarus Group Targets Organizations with Sophisticated LinkedIn Recruiting Scam
tsunami

2025-02-04 ⋅ Trend Micro ⋅ Peter Girnus
CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks
SmokeLoader

2025-02-02 ⋅ Team82 ⋅ Team82
Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated…
CMS8000 Backdoor

2025-02-01 ⋅ ⋅ Youtube (greenplan) ⋅ greenplan
[BINARY REFINERY] (Emmenhtal) - Deobfuscation of AES encryption and writing of a Unit (PART 2)
Emmenhtal

2025-01-31 ⋅ ConnectWise ⋅ Blake Eakin
Attackers Leveraging Microsoft Teams Defaults and Quick Assist for Social Engineering Attacks
Black Basta Black Basta ReedBed

2025-01-30 ⋅ eSentire ⋅ eSentire
Ongoing Email Bombing Campaigns leading to Remote Access and Post-Exploitation
Black Basta ReedBed UNC4393

2025-01-30 ⋅ Bitdefender ⋅ Martin Zugec
UAC-0063: Cyber Espionage Operation Expanding from Central Asia
HATVIBE