Malpedia Library

Click here to download all references as Bib-File.•

2025-04-22 ⋅ Volexity ⋅ Charlie Gardner, Josh Duke, Matthew Meltzer, Sean Koessel, Steven Adair, Tom Lancaster
Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows
UTA0352 UTA0355

2025-01-25 ⋅ Sophos ⋅ Anthony Bradshaw, Colin Cowie, Daniel Souter, Hunter Neal, Mark Parsons, Sean Baird, Sean Gallagher
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”
ReedBed STAC5143 UNC4393

2024-11-22 ⋅ Volexity ⋅ Sean Koessel, Steven Adair, Tom Lancaster
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
APT28

2024-11-06 ⋅ Sophos ⋅ Asha Castle, Hikaru Koike, Sean Gallagher, Trang Tang
Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign
GootLoader

2024-03-26 ⋅ Palo Alto Networks Unit 42 ⋅ Unit 42
ASEAN Entities in the Spotlight: Chinese APT Group Targeting
PUBLOAD

2024-02-22 ⋅ SPUR ⋅ Sean S.
CloudRouter: 911 Proxy Resurrected

2024-01-18 ⋅ Kroll ⋅ Sean Straw
Open the DARKGATE – Brute Forcing DARKGATE Encodings
DarkGate

2024-01-10 ⋅ Volexity ⋅ Matthew Meltzer, Robert Jan Mora, Sean Koessel, Steven Adair, Thomas Lancaster
Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN
UTA0178

2024-01-03 ⋅ CISO Series ⋅ Sean Kelly
Cybersecurity News: Google $5B suit settled, Orbit Chain loses $80M, FDA cyber agreement
IRLeaks

2023-09-19 ⋅ Cisco Talos ⋅ Arnaud Zobec, Asheer Malhotra, Caitlin Huey, Sean Taylor, Vitor Ventura
New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants
HTTPSnoop PipeSnoop LightBasin ShroudedSnooper

2023-05-03 ⋅ unpac.me ⋅ Sean Wilson
UnpacMe Weekly: New Version of IcedId Loader
IcedID PhotoLoader

2022-12-27 ⋅ Palo Alto Networks Unit 42 ⋅ Bob Jung, Daniel Raygoza, Esmid Idrizovic, Sean Hughes
Navigating the Vast Ocean of Sandbox Evasions
TrickBot Zebrocy

2022-12-16 ⋅ Elastic ⋅ Andrew Pease, Daniel Stepanic, Devon Kerr, Salim Bitam, Samir Bousseaden, Seth Goodwin
SiestaGraph: New implant uncovered in ASEAN member foreign ministry
DoorMe SiestaGraph

2022-10-17 ⋅ SPUR ⋅ Sean S.
I Don’t Like Big Gateways (and I Cannot Lie) - How IP Reputation Gets Large Gateways Wrong

2022-08-18 ⋅ Sophos ⋅ Sean Gallagher
Cookie stealing: the new perimeter bypass
Cobalt Strike Meterpreter MimiKatz Phoenix Keylogger Quasar RAT

2022-06-02 ⋅ Kroll ⋅ Sean Straw
ModPipe POS Malware: New Hooking Targets Extract Card Data
ModPipe

2022-03-02 ⋅ Youtube (OALabs) ⋅ Sean Wilson, Sergei Frankoff
Botleggers Exposed - Analysis of The Conti Leaks Malware
Conti

2022-02-28 ⋅ Sophos ⋅ Sean Gallagher
Conti and Karma actors attack healthcare provider at same time through ProxyShell exploits
Conti Karma

2022-02-02 ⋅ CNN ⋅ Sean Lyngaas
US officials prepare for potential Russian cyberattacks as Ukraine standoff continues

2022-02-01 ⋅ Sophos ⋅ Gabor Szappanos, Sean Gallagher
SolarMarker campaign used novel registry changes to establish persistence
solarmarker