Malpedia Library

Click here to download all references as Bib-File.•

2025-03-12 ⋅ CISA ⋅ CISA, FBI, MS-ISAC
Medusa Ransomware

2025-02-20 ⋅ Group-IB ⋅ Dmitrii Yankelevich, Dmitry Pisarev, Pavel Naumov
Fingerprint Heists: How your browser fingerprint can be stolen and used by fraudsters
ScreamedJungle

2025-02-19 ⋅ CISA ⋅ CISA
#StopRansomware: Ghost (Cring) Ransomware
Cring

2025-01-30 ⋅ CISA ⋅ CISA
Contec CMS8000 Contains a Backdoor
CMS8000 Backdoor

2025-01-29 ⋅ Google ⋅ Conor Quigley, Luke Jenkins, Nino Isakovic
ScatterBrain: Unmasking the Shadow of PoisonPlug's Obfuscator
POISONPLUG ShadowPad SNAPPYBEE

2024-12-17 ⋅ SOCRadar ⋅ SOCRadar
Dark Peep #17: Dark Web Manifesto, Hacker Forums, and Ransomware Misadventures
INDOHAXSEC TEAM

2024-10-16 ⋅ CISA ⋅ CISA
Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations

2024-07-30 ⋅ Spamhaus ⋅ Spamhaus Team
Too big to care? - Our disappointment with Cloudflare’s anti-abuse posture

2024-07-29 ⋅ Mandiant ⋅ Ashley Pearson, Jake Nicastro, Joseph Pisano, Josh Murchie, Joshua Shilko, Raymond Leong
UNC4393 Goes Gently into the SILENTNIGHT
Black Basta QakBot sRDI SystemBC Zloader UNC3973 UNC4393

2024-07-26 ⋅ Darktrace ⋅ DarkTrace
Disarming the WarmCookie Backdoor: Darktrace’s Oven-Ready Solution
WarmCookie

2024-07-16 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
MirrorFace Attack against Japanese Organisations
LODEINFO NOOPDOOR

2024-05-10 ⋅ CISA ⋅ CISA
AA24-131A: #StopRansomware: Black Basta
Black Basta Black Basta

2024-04-10 ⋅ 0ffset Blog ⋅ Daniel Bunce
Resolving Stack Strings with Capstone Disassembler & Unicorn in Python
Conti

2024-04-04 ⋅ Mandiant ⋅ Ashley Pearson, Austin Larsen, Billy Wong, John Wolfram, Joseph Pisano, Josh Murchie, Lukasz Lamparski, Matt Lin, Ron Craft, Ryan Hall, Shawn Chew, Tyler McLellan
Cutting Edge, Part 4: Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
TONERJAM

2024-03-29 ⋅ CISA ⋅ CISA
Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094
xzbot

2024-03-20 ⋅ CISA ⋅ Cyber Safety Review Board
Review of the Summer 2023 Microsoft Exchange Online Intrusion
Storm-0558

2024-02-07 ⋅ CISA ⋅ CISA
PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
ScanLine

2024-02-07 ⋅ CISA ⋅ CISA
MAR-10448362-1.v1 Volt Typhoon
ScanLine

2024-01-15 ⋅ Russian Panda Research Blog ⋅ RussianPanda
From Russia With Code: Disarming Atomic Stealer
AMOS

2023-12-30 ⋅ Rewterz Information Security ⋅ Rewterz Information Security
Rewterz Threat Alert – Widely Abused MSIX App Installer Disabled by Microsoft – Active IOCs
EugenLoader POWERTRASH BATLOADER DarkGate FlawedGrace NetSupportManager RAT SectopRAT Storm-0506