Malpedia Library

Click here to download all references as Bib-File.•

2025-03-12 ⋅ Mandiant ⋅ Frank Tse, Jakub Jozwiak, Logeswaran Nadarajan, Lukasz Lamparski, Mathew Potaczek, Mustafa Nasser, Nick Harbour, Punsaen Boonyakarn, Shawn Chew
Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers
tsh

2025-02-18 ⋅ inversecos ⋅ Lina Lau
An inside look at NSA (Equation Group) TTPs from China’s lense
SECONDDATE

2024-10-10 ⋅ US Department of Defense ⋅ CNMF, NCSC UK, NSA, US Department of Justice
Update on SVR Cyber Operations and Vulnerability Exploitation

2024-09-18 ⋅ ASD, CNMF, CSE Canada, FBI, GCSB, NCSC UK, NSA
People’s Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations
Nosedive

2023-04-28 ⋅ WithSecure ⋅ Markus Tuominen, Mehmet Mert Surmeli
Unleashing the Power of Shimcache with Chainsaw

2023-04-18 ⋅ NCSC UK ⋅ CISA, FBI, NCSC UK, NSA
APT28 exploits known vulnerability to carry out reconnaissance and deploy malware on Cisco routers

2023-02-09 ⋅ CISA, DSA, FBI, HHS, NSA, ROK
#StopRansomware: Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities
Dtrack MagicRAT Maui Ransomware SiennaBlue SiennaPurple Tiger RAT YamaBot

2022-10-31 ⋅ Twitter (@CryptoInsane) ⋅ CryptoInsane
Tweet about Yanluowang Leaks
Yanluowang

2022-10-06 ⋅ CISA ⋅ FBI, NSA, US-CERT
Alert (AA22-279A) Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors

2022-09-22 ⋅ CISA ⋅ NSA, US-CERT
Alert (AA22-265A) Control System Defense: Know the Opponent

2022-09-14 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), CSE Canada, FBI, NCSC UK, NSA, U.S. Cyber Command, U.S. Department of the Treasury, US-CERT
Alert (AA22-257A): Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

2022-08-05 ⋅ ⋅ 360 netlab ⋅ Daji, suqitian
The DGA family Orchard continues to change, and the new version generates DGA domain names using Bitcoin transaction information
Orchard

2022-08-05 ⋅ 360 netlab ⋅ 360 Netlab
A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information
Orchard

2022-07-14 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0100 - Online fraud using the subject of "monetary compensation" (CERT-UA#4964)

2022-04-27 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), CISA, FBI, New Zealand National Cyber Security Centre (NZ NCSC), NSA, United Kingdom’s National Cyber Security Centre (NCSC-UK)
Alert (AA22-117A) 2021 Top Routinely Exploited Vulnerabilities

2022-04-26 ⋅ cocomelonc ⋅ cocomelonc
Malware development: persistence - part 2. Screensaver hijack. C++ example.
Gazer

2022-04-20 ⋅ CISA ⋅ Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), CISA, FBI, Government Communications Security Bureau, National Crime Agency (NCA), NCSC UK, NSA
AA22-110A Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
VPNFilter BlackEnergy DanaBot DoppelDridex Emotet EternalPetya GoldMax Industroyer Sality SmokeLoader TrickBot Triton Zloader

2022-04-13 ⋅ CISA, Department of Energy (DOE), FBI, NSA
APT Cyber Tools Targeting ICS/SCADA Devices

2022-03-22 ⋅ ⋅ 360 Threat Intelligence Center ⋅ 360 Threat Intelligence Center
Quantum Attack System – NSA "APT-C-40" Hacking Organization High-end Cyber Attack Weapon Technical Analysis Report (I)

2022-03-03 ⋅ NSA ⋅ NSA
Network Infrastructure Security Guidance