Malpedia Library

2022-05-06 ⋅ Twitter (@MsftSecIntel) ⋅ Microsoft Security Intelligence
Twitter Thread on initial infeciton of SocGholish/ FAKEUPDATES campaigns lead to BLISTER Loader, CobaltStrike, Lockbit and followed by Hands On Keyboard activity
FAKEUPDATES Blister Cobalt Strike LockBit

2022-05-04 ⋅ Twitter (@felixw3000) ⋅ Felix
Twitter Thread with info on infection chain with IcedId, Cobalt Strike, and Hidden VNC.
Cobalt Strike IcedID PhotoLoader

2022-05-04 ⋅ Twitter (@ESETresearch) ⋅ Twitter (@ESETresearch)
Twitter thread on code similarity analysis, focussing on IsaacWiper and recent Cluster25 publication
IsaacWiper

2022-04-28 ⋅ Twitter (@vinopaljiri) ⋅ Jiří Vinopal
#ONYX Ransomware is based on #Chaos Ransomware Builderv4
Chaos

2022-04-28 ⋅ vx-underground ⋅ Twitter (@vxunderground)
Tweet on leaked Prynt Stealer source code and similarity to AyncRAT
AsyncRAT Prynt Stealer

2022-04-19 ⋅ Twitter (@Cryptolaemus1) ⋅ Cryptolaemus
#Emotet Update: 64 bit upgrade of Epoch 5
Emotet

2022-04-14 ⋅ Twitter (@silascutler) ⋅ Silas Cutler
Tweet on sample discovery for potential INCONTROLLER
INCONTROLLER

2022-04-12 ⋅ Twitter (@silascutler) ⋅ Silas Cutler
Tweet on analysis of CADDYWIPER used alongside with INDUSTROYER2
CaddyWiper INDUSTROYER2

2022-04-12 ⋅ Twitter (@apt773) ⋅ Section 773
Tween on Lapsus$ (UNC3661) Attack chain of compromise via Sitel (Okta subprocessor)'s systems

2022-04-11 ⋅ Twitter (@3xp0rtblog) ⋅ 3xp0rt
Tweet on Safire Miner

2022-04-07 ⋅ Twitter (@ChicagoCyber) ⋅ Joshua Miller
Tweet on TA455 (Iranian threat actor) IoCs

2022-04-01 ⋅ Twitter (@3xp0rtblog) ⋅ 3xp0rt
Tweet on 000stealer, written in GO and its panel
000Stealer

2022-03-31 ⋅ Twitter (@3xp0rtblog) ⋅ 3xp0rt
Tweet on Eternity stealer
Eternity Stealer

2022-03-31 ⋅ Twitter (@LukasStefanko) ⋅ Lukáš Štefanko
Tweet on VajraSpy
VajraSpy

2022-03-30 ⋅ Twitter (@hpsecurity) ⋅ HP Wolf Security
Tweet on recent Mekotio Banker campaign
Mekotio

2022-03-24 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet on PipeMon variants by Winnti Group
PipeMon

2022-03-24 ⋅ Twitter (@struppigel) ⋅ Karsten Hahn
Tweet on Ginzo Stealer
Ginzo Stealer

2022-03-15 ⋅ Twitter (@HackNPatch) ⋅ HackNPatch
Tweet on Exploring CaddyWiper API resolution
CaddyWiper

2022-03-14 ⋅ Twitter (@ESETresearch) ⋅ ESET Research
Tweet on CaddyWiper as 3rd destructive wiper found deployed against Ukraine
CaddyWiper Sunglow Blizzard

2022-03-12 ⋅ Twitter (@ET_Labs) ⋅ ET Labs
A quick thread examining the network artifacts of the HermeticWizard spreading
HermeticWizard