Malpedia Library

Click here to download all references as Bib-File.•

2023-02-23 ⋅ Bitdefender ⋅ Bitdefender Team, Martin Zugec
Technical Advisory: Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966
Cobalt Strike DarkComet QuiteRAT RATel

2023-02-23 ⋅ Andrea Fortuna's Blog ⋅ Andrea Fortuna
How to detect Brute Ratel activities
Brute Ratel C4

2023-02-23 ⋅ Jamf Blog ⋅ Ferdous Saljooki, Jaron Bradley, Matt Benyo
Evasive cryptojacking malware targeting macOS found lurking in pirated applications

2023-02-23 ⋅ Arctic Wolf ⋅ Markus Neis, Ross Phillips, Seth Battles, Steven Campbell
Getting Dumped: A Trust Relationship Destroyed by Lorenz
Lorenz

2023-02-22 ⋅ SOC Prime ⋅ Daryna Olyniychuk
New Phishing Attack Detection Attributed to the UAC-0050 and UAC-0096 Groups Spreading Remcos Spyware
Remcos UAC-0050

2023-02-22 ⋅ Symantec ⋅ Symantec Threat Hunter Team
Hydrochasma: Previously Unknown Group Targets Medical and Shipping Organizations in Asia
Cobalt Strike

2023-02-21 ⋅ Sekoia ⋅ Livia Tibirna, Maxime A, Sekoia TDR
One Year After: The Cyber Implications of the Russo-Ukrainian War
Callisto

2023-02-21 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyber attack of the group UAC-0050 (UAC-0096) using the Remcos program (CERT-UA#6011)
Remcos UAC-0050

2023-02-21 ⋅ Zscaler ⋅ Nikolaos Pantazopoulos, Sarthak Misraa
Technical Analysis of Rhadamanthys Obfuscation Techniques
Rhadamanthys

2023-02-21 ⋅ SecurityIntelligence ⋅ Ruben Boonen
Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers
FudModule

2023-02-20 ⋅ Sekoia ⋅ Pierre Le Bourhis, Quentin Bourgue, Threat & Detection Research Team
Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part 1
Stealc

2023-02-20 ⋅ Trendmicro ⋅ Byron Gelera, Ivan Nicole Chavez, Nathaniel Morales
Royal Ransomware Expands Attacks by Targeting Linux ESXi Servers
Royal Ransom Royal Ransom

2023-02-19 ⋅ Medium System Weakness ⋅ Lena (LambdaMamba)
Investigating a Fake KDDI Smishing Campaign that abuses Duck DNS
Roaming Mantis

2023-02-18 ⋅ secrss ⋅ Qianxin Virus Response Center
Don’t follow in the footsteps of the 4 billion data leak incident! Early warning for attacks in the financial and securities industries
ValleyRAT

2023-02-18 ⋅ malware.love ⋅ Robert Giczewski
TrueBot Analysis Part II - Static unpacker
Silence

2023-02-17 ⋅ Trend Micro ⋅ Jaromír Hořejší, Joseph C Chen
Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack
WhiskerSpy Earth Kitsune

2023-02-17 ⋅ cyble ⋅ Cyble
The Many Faces of Qakbot Malware: A Look at Its Diverse Distribution Methods
QakBot

2023-02-16 ⋅ ThreatMon ⋅ Seyit Sigirci (@h3xecute), ThreatMon Malware Research Team
APT SideCopy Targeting Indian Government Entities - Analysis of the new version of ReverseRAT
Unidentified 005 (Sidecopy) ReverseRAT

2023-02-16 ⋅ SentinelOne ⋅ Aleksandar Milenkoski, Collin Farr, Joey Chen, QGroup
WIP26 Espionage | Threat Actors Abuse Cloud Infrastructure in Targeted Telco Attacks

2023-02-16 ⋅ ThreatZero ⋅ Raphael Mendonça
Mass Attack buhtiRansom - CVE-2022–47986