Malpedia Library

Click here to download all references as Bib-File.•

2022-07-13 ⋅ Check Point ⋅ Check Point Research
A Hit is made: Suspected India-based Sidewinder APT successfully cyber attacks Pakistan military focused targets
Unidentified 093 (Sidewinder)

2022-07-13 ⋅ Trellix ⋅ Mohsin Dalla, Sushant Kumar Arya
Targeted Attack on Government Agencies
AsyncRAT LimeRAT

2022-07-13 ⋅ Malwarebytes Labs ⋅ Hossein Jazi, Roberto Santos
Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign
Cobalt Strike

2022-07-12 ⋅ Team Cymru ⋅ Team Cymru
An Analysis of Infrastructure linked to the Hagga Threat Actor
Hagga

2022-07-12 ⋅ Microsoft ⋅ Microsoft 365 Defender Research Team, Microsoft Threat Intelligence Center (MSTIC)
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

2022-07-12 ⋅ Team Cymru ⋅ Kyle Krejci
An Analysis of Infrastructure linked to the Hagga Threat Actor
Agent Tesla

2022-07-12 ⋅ Artik Blue ⋅ Artik Blue
Malware analysis with IDA/Radare2 - Multiple unpacking (Ramnit worm)
Ramnit

2022-07-12 ⋅ Zscaler ⋅ Aditya Sharma, Tarun Dewan
Rise in Qakbot attacks traced to evolving threat techniques
QakBot

2022-07-11 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0056 attack on Ukrainian state organizations using Cobalt Strike Beacon (CERT-UA#4941)
Cobalt Strike

2022-07-11 ⋅ BBC ⋅ Joe Tidy
Predatory Sparrow: Who are the hackers who say they started a fire in Iran?
Predatory Sparrow

2022-07-11 ⋅ Soc Investigation ⋅ BalaGanesh
Threat Actors Delivers New Rozena backdoor with Follina Bug – Detection & Response
Rozena

2022-07-11 ⋅ Security Affairs ⋅ Pierluigi Paganini
Anubis Networks is back with new C2 server
Anubis

2022-07-10 ⋅ Seguranca Informatica ⋅ Pedro Tavares
Anubis Network is back with new C2 server

2022-07-10 ⋅ Minerva Labs ⋅ Natalie Zargarov
Lockbit 3.0 AKA Lockbit Black is here, with a new icon, new ransom note, new wallpaper, but less evasiveness?
LockBit

2022-07-09 ⋅ Artik Blue ⋅ Artik Blue
Malware analysis with IDA/Radare2 - Basic Unpacking (Dridex first stage)
Dridex

2022-07-08 ⋅ Twitter (@billyleonard) ⋅ Billy Leonard
Twiiter thread about some recent Turla activity spoofing the Azov Regiment ... but targeting Android users.

2022-07-07 ⋅ SOCRadar ⋅ SOCRadar
Brute Ratel Utilized By Threat Actors In New Ransomware Operations
Brute Ratel C4

2022-07-07 ⋅ IBM ⋅ Charlotte Hammond, Kat Weinberger, Ole Villadsen
Unprecedented Shift: The Trickbot Group is Systematically Attacking Ukraine
AnchorMail BumbleBee Cobalt Strike IcedID Meterpreter

2022-07-07 ⋅ Sentinel LABS ⋅ Tom Hegel
Targets of Interest - Russian Organizations Increasingly Under Attack By Chinese APTs
8.t Dropper Korlia Tonto Team

2022-07-06 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0056 cyberattack on Ukrainian state organizations using Cobalt Strike Beacon (CERT-UA#4914)
Cobalt Strike