Malpedia Library

Click here to download all references as Bib-File.•

2022-11-17 ⋅ Cisco Talos ⋅ Chris Neal
Get a Loda This: LodaRAT meets new friends
Loda Kasablanka

2022-11-09 ⋅ Cisco Talos ⋅ Edmund Brumaghin
Threat Spotlight: Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns
Agent Tesla

2022-11-02 ⋅ CySecurity News ⋅ CySecurity News
Missile Supplier MBDA Breach Disclosed by CloudSEK
Adrastea

2022-10-27 ⋅ vmware ⋅ Takahiro Haruyama
Threat Analysis: Active C2 Discovery Using Protocol Emulation Part3 (ShadowPad)
ShadowPad

2022-10-24 ⋅ Medium s2wlab ⋅ Lee Sebin, Shin Yeongjae
Unveil the evolution of Kimsuky targeting Android devices with newly discovered mobile malware
FastFire FastSpy

2022-10-07 ⋅ ISC ⋅ Xavier Mertens
Powershell Backdoor with DGA Capability
FTCODE

2022-09-08 ⋅ Cisco Talos ⋅ Asheer Malhotra, Jung soo An, Vitor Ventura
Lazarus and the tale of three RATs
MagicRAT MimiKatz VSingle YamaBot

2022-09-07 ⋅ Cisco Talos ⋅ Asheer Malhotra, Jung soo An, Vitor Ventura
MagicRAT: Lazarus’ latest gateway into victim networks
MagicRAT Tiger RAT

2022-08-30 ⋅ eSentire ⋅ eSentire Threat Response Unit (TRU)
Hacker Infrastructure Used in Cisco Breach Discovered Attacking a Top Workforce Management Corporation & an Affiliate of Russia’s Evil Corp Gang Suspected, Reports eSentire
Cobalt Strike FiveHands UNC2447

2022-08-30 ⋅ Cisco ⋅ Vanja Svajcer
ModernLoader delivers multiple stealers, cryptominers and RATs
Coinminer DCRat ModernLoader RedLine Stealer SapphireMiner SystemBC

2022-08-19 ⋅ SANS ISC ⋅ Brad Duncan
Brazil malspam pushes Astaroth (Guildma) malware
Astaroth

2022-08-19 ⋅ Uptycs ⋅ Nischay Hedge, Siddharth Sharma
Is Tox The New C&C Method For Coinminers?
Unidentified ELF 006 (Tox Backdoor)

2022-08-12 ⋅ SANS ISC ⋅ Brad Duncan
Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC and Cobalt Strike
Cobalt Strike DarkVNC IcedID

2022-08-10 ⋅ Cisco ⋅ Nick Biasini
Cisco Talos shares insights related to recent cyber attack on Cisco
Yanluowang UNC2447

2022-08-09 ⋅ Cisco ⋅ Onur Mustafa Erdogan
Raspberry Robin: Highly Evasive Worm Spreads over External Disks
Raspberry Robin

2022-08-04 ⋅ Cisco Talos ⋅ Arnaud Zobec, Azim Khodjibaev, Edmund Brumaghin, Matt Thaxton
Attackers leveraging Dark Utilities "C2aaS" platform in malware campaigns

2022-08-02 ⋅ Cisco Talos ⋅ Asheer Malhotra, Vitor Ventura
Manjusaka: A Chinese sibling of Sliver and Cobalt Strike
Manjusaka Cobalt Strike Manjusaka

2022-07-28 ⋅ Kaspersky Labs ⋅ Igor Kuznetsov, Leonid Bezvershenko
LofyLife: malicious npm packages steal Discord tokens and bank card data
Lofy

2022-07-28 ⋅ Kaspersky ⋅ Igor Kuznetsov, Leonid Bezvershenko
LofyLife: malicious npm packages steal Discord tokens and bank card data

2022-07-27 ⋅ SANS ISC ⋅ Brad Duncan
IcedID (Bokbot) with Dark VNC and Cobalt Strike
DarkVNC IcedID