Malpedia Library

Click here to download all references as Bib-File.•

2023-07-26 ⋅ Sophos
Into the tank with Nitrogen
Nitrogen Loader

2023-07-26 ⋅ DataBreaches.net ⋅ Dissent
Major Malaysian water utilities company hit by hackers; Ranhill offline; hackers claim databases and backups deleted
Desorden Group

2023-07-26 ⋅ Talos ⋅ Nicole Hoffman
Incident Response trends Q2 2023: Data theft extortion rises, while healthcare is still most-targeted vertical
BianLian Clop LockBit Royal Ransom LockBit 8Base BianLian Clop LockBit Money Message Royal Ransom

2023-07-26 ⋅ SPUR ⋅ Riley Kilmer
Christmas in July: A finely wrapped Malware Proxy Service
AVrecon

2023-07-26 ⋅ cocomelonc ⋅ cocomelonc
Malware development trick - part 35: Store payload in alternate data streams. Simple C++ example.
Valak POWERSOURCE Gazer PowerDuke

2023-07-26 ⋅ ⋅ Weixin ⋅ Anheng Threat Intelligence Center
APT29 recently faked the German embassy and issued a malicious PDF file
BEATDROP Unidentified 107 (APT29)

2023-07-26 ⋅ Arctic Wolf ⋅ Akshay Suthar, Connor Belfiore, Steven Campbell
Conti and Akira: Chained Together
Akira Conti

2023-07-25 ⋅ K7 Security ⋅ Vigneshwaran P
Akira’s Play with Linux
Akira

2023-07-25 ⋅ Zscaler ⋅ Meghraj Nandanwar, Pradeep Mahato, Satyam Singh
Hibernating Qakbot: A Comprehensive Study and In-depth Campaign Analysis
QakBot

2023-07-25 ⋅ KrebsOnSecurity ⋅ Brian Krebs
Who and What is Behind the Malware Proxy Service SocksEscort?
AVrecon

2023-07-25 ⋅ Avertium ⋅ Avertium
EVOLUTION OF RUSSIAN APT29 – NEW ATTACKS AND TECHNIQUES UNCOVERED
GraphDrop

2023-07-25 ⋅ VirusTotal
Virustotal Page for the sample
Unidentified 106

2023-07-25 ⋅ splunk ⋅ Splunk Threat Research Team
Amadey Threat Analysis and Detections
Amadey

2023-07-24 ⋅ M4lcode ⋅ Mostafa Farghaly
Deep Analysis of Vidar Stealer
Arkei Stealer Vidar

2023-07-24 ⋅ AhnLab ⋅ ASEC
Lazarus Threat Group Attacking Windows Servers to Use as Malware Distribution Points

2023-07-24 ⋅ Mandiant ⋅ Conor Quigley, Daniel Kapellmann Zafra, David Mainor, Ryan Serabian
Pro-PRC HaiEnergy Campaign Exploits U.S. News Outlets via Newswire Services to Target U.S. Audiences; Evidence of Commissioned Protests in Washington, D.C.

2023-07-24 ⋅ Mandiant ⋅ Austin Larsen, Dan Kelly, Joseph Pisano, Mark Golembiewski, Matt Williams, Paige Godvin
North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack
FULLHOUSE STRATOFEAR TraderTraitor

2023-07-24 ⋅ Reuters ⋅ Gwladys Fouche, Louise Rasmussen, Terje Solsvik
Norway government ministries hit by cyber attack

2023-07-23 ⋅ Medium infoSec Write-ups ⋅ mov_eax_27
Unpacking an Emotet Trojan
Emotet

2023-07-23 ⋅ forensicitguy ⋅ Tony Lambert
Malware via VHD Files, an Excellent Choice