Malpedia Library

Click here to download all references as Bib-File.•

2023-03-01 ⋅ Zscaler ⋅ Meghraj Nandanwar, Shatak Jain
OneNote: A Growing Threat for Malware Distribution
AsyncRAT Cobalt Strike IcedID QakBot RedLine Stealer

2023-03-01 ⋅ Trend Micro ⋅ Daniel Lunghi
Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting
HyperSSL HyperSSL

2023-02-28 ⋅ sysdig ⋅ Alberto Pellitteri
SCARLETEEL: Operation leveraging Terraform, Kubernetes, and AWS for data theft
SCARLETEEL

2023-02-28 ⋅ Uptycs ⋅ Uptycs Threat Research
Cryptocurrency Entities at Risk: Threat Actor Uses Parallax RAT for Infiltration
Parallax RAT

2023-02-27 ⋅ Sekoia ⋅ Quentin Bourgue, Threat & Detection Research Team
Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity – Part 2
Stealc

2023-02-27 ⋅ PRODAFT Threat Intelligence ⋅ PRODAFT
RIG Exploit Kit: In-Depth Analysis
Dridex IcedID ISFB PureCrypter Raccoon RecordBreaker RedLine Stealer Royal Ransom Silence SmokeLoader Zloader

2023-02-26 ⋅ OALabs ⋅ Sergei Frankoff
PikaBot Tiny loader that seems very familiar
Pikabot

2023-02-24 ⋅ ESET Research ⋅ ESET Research
A year of wiper attacks in Ukraine

2023-02-24 ⋅ Twitter (@Sebdraven) ⋅ Sébastien Larinier
Tweet on IOCTL manipulation in TDL4 and HermeticWiper
Alureon HermeticWiper

2023-02-24 ⋅ Trend Micro ⋅ Buddy Tancio, Catherine Loveria, Jed Valderama
Investigating the PlugX Trojan Disguised as a Legitimate Windows Debugger Tool
PlugX

2023-02-24 ⋅ Medium walmartglobaltech ⋅ Jason Reaves, Jonathan Mccay, Joshua Platt, Kirk Sayre
Qbot testing malvertising campaigns?
QakBot

2023-02-23 ⋅ Symantec ⋅ Threat Hunter Team
Clasiopa: New Group Targets Materials Research
Atharvan HazyLoad Lilith

2023-02-23 ⋅ Bitdefender ⋅ Bitdefender Team, Martin Zugec
Technical Advisory: Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966
Cobalt Strike DarkComet QuiteRAT RATel

2023-02-23 ⋅ Andrea Fortuna's Blog ⋅ Andrea Fortuna
How to detect Brute Ratel activities
Brute Ratel C4

2023-02-23 ⋅ Jamf Blog ⋅ Ferdous Saljooki, Jaron Bradley, Matt Benyo
Evasive cryptojacking malware targeting macOS found lurking in pirated applications

2023-02-23 ⋅ Arctic Wolf ⋅ Markus Neis, Ross Phillips, Seth Battles, Steven Campbell
Getting Dumped: A Trust Relationship Destroyed by Lorenz
Lorenz

2023-02-22 ⋅ SOC Prime ⋅ Daryna Olyniychuk
New Phishing Attack Detection Attributed to the UAC-0050 and UAC-0096 Groups Spreading Remcos Spyware
Remcos UAC-0050

2023-02-22 ⋅ Symantec ⋅ Symantec Threat Hunter Team
Hydrochasma: Previously Unknown Group Targets Medical and Shipping Organizations in Asia
Cobalt Strike

2023-02-21 ⋅ Sekoia ⋅ Livia Tibirna, Maxime A, Sekoia TDR
One Year After: The Cyber Implications of the Russo-Ukrainian War
Callisto

2023-02-21 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyber attack of the group UAC-0050 (UAC-0096) using the Remcos program (CERT-UA#6011)
Remcos UAC-0050