Malpedia Library

Click here to download all references as Bib-File.•

2021-11-10 ⋅ Cisco Talos ⋅ Asheer Malhotra, Jungsoo An, Kendall McKay
North Korean attackers use malicious blogs to deliver malware to high-profile South Korean targets
GoldDragon

2021-11-09 ⋅ Cisco Talos ⋅ Claudio Bozzato, Lilith Wyatt
Cisco Talos finds 10 vulnerabilities in Azure Sphere’s Linux kernel, Security Monitor and Pluton

2021-11-03 ⋅ Cisco Talos ⋅ Caitlin Huey, Chetan Raghuprasad, Vanja Svajcer
Microsoft Exchange vulnerabilities exploited once again for ransomware, this time with Babuk
Babuk CHINACHOPPER

2021-10-26 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Mariano Graziano, Nick Mavis
SQUIRRELWAFFLE Leverages malspam to deliver Qakbot, Cobalt Strike
Cobalt Strike QakBot Squirrelwaffle

2021-10-19 ⋅ Cisco Talos ⋅ Asheer Malhotra
Malicious campaign uses a barrage of commodity RATs to target Afghanistan and India
DCRat Quasar RAT

2021-10-19 ⋅ Cisco ⋅ Artsiom Holub
STRRAT, ZLoader, and HoneyGain
STRRAT Zloader

2021-10-18 ⋅ NortonLifeLock ⋅ Norton Labs
Operation Exorcist - 7 Years of Targeted Attacks against the Roman Catholic Church
NewBounce PlugX Zupdax

2021-10-18 ⋅ CISA ⋅ US-CERT
Alert (AA21-291A): BlackMatter Ransomware
BlackMatter BlackMatter

2021-10-14 ⋅ CISA ⋅ US-CERT
Alert (AA21-287A) Ongoing Cyber Threats to U.S. Water and Wastewater Systems

2021-10-07 ⋅ Kaspersky ⋅ Fedor Sinitsyn, Yanis Zinchenko
Ransomware in the CIS
Cryakl Dharma Hakbit Phobos Void

2021-10-04 ⋅ Cisco ⋅ Tiago Pereira
Threat hunting in large datasets by clustering security events
BazarBackdoor TrickBot

2021-09-30 ⋅ Cisco ⋅ Arnaud Zobec, Vitor Ventura
A wolf in sheep's clothing: Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus

2021-09-22 ⋅ CISA ⋅ US-CERT
Alert (AA21-265A) Conti Ransomware
Cobalt Strike Conti

2021-09-16 ⋅ Cisco ⋅ Tiago Pereira, Vitor Ventura
Operation Layover: How we tracked an attack on the aviation industry to five years of compromise
AsyncRAT Houdini NjRAT

2021-09-16 ⋅ CISA ⋅ US-CERT
APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus

2021-08-31 ⋅ Cisco Talos ⋅ Edmund Brumaghin, Vitor Ventura
Attracting flies with Honey(gain): Adversarial abuse of proxyware

2021-08-12 ⋅ Cisco Talos ⋅ Vanja Svajcer
Signed MSI files, Raccoon and Amadey are used for installing ServHelper RAT
Amadey Raccoon ServHelper

2021-07-28 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), CISA, FBI, NCSC UK
Top Routinely Exploited Vulnerabilities

2021-07-21 ⋅ CISA ⋅ US-CERT
Malware Targeting Pulse Secure Devices

2021-07-20 ⋅ CISA ⋅ US-CERT
Alert (AA21-201A): Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013