2020.01.01 - APT SideWinder/
2020.01.06 - CVE-2019-2215 - Linked to SideWinder APT Group/
2020.01.07 - Destructive Attack DUSTMAN/
2020.01.07 - Iranian Cyber Response to Death of IRGC Head Would Likely Use Reported TTPs and Previous Access/
2020.01.08 - Operation AppleJeus Sequel/
2020.01.09 - NA EL Threat Perspective 2019/
2020.01.13 - APT27 ZXShell RootKit/
2020.01.13 - Reviving MuddyC3/
2020.01.16 - JhoneRAT - Cloud based python RAT targeting Middle Easterncountries/
2020.01.31 - Winnti Group targeting universities in Hong Kong/
2020.02.03 - Actors Still Exploiting SharePoint Vulnerability to Attack Middle East Government Organizations/
2020.02.10 - Outlaw Updates/
2020.02.13 - Pierogi Backdoor/
2020.02.17 - CLAMBLING Dropbox Backdoor/
2020.02.17 - Fox Kitten Campaign/
2020.02.17 - Gamaredon Espionage Campaign/
2020.02.18 - Operation DRB Control/
2020.02.19 - The Lazarus Constellation/
2020.02.21 - MyKings Botnet/
2020.02.22 - Weaponizing a Lazarus Group Implant/
2020.02.25 - Cloud Snooper/
2020.02.28 - Nortrom Lion APT/
2020.03.02 - APT34 attacks Lebanon government entities with MailDropper implants/
2020.03.03 - The North Korean Kimsuky APT keeps threatening South Korea evolving its TTPs/
2020.03.05 - Dissecting Geost - Exposing the Anatomy of the Android Trojan Targeting Russian Banks/
2020.03.05 - Guildma - The Devil drives electric/
2020.03.10 - njRat - Indicators of Compromise/
2020.03.11 - Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit/
2020.03.12 - Tracking Turla - New backdoor delivered via Armenian watering holes/
2020.03.12 - Two Tailed Scorpion/
2020.03.12 - Vicious Panda - The COVID Campaign/
2020.03.15 - APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT/
2020.03.19 - Probing Pawn Storm/
2020.03.24 - Operation Poisoned News - Hong Kong Users Targeted With Mobile Malware via Local News Links/
2020.03.24 - WildPressure targets industrial-related entities in the Middle East/
2020.03.25 - APT41 Initiates Global Intrusion Campaign Using Multiple Exploits/
2020.03.26 - Light Spy Two Sail Junk APT/
2020.03.30 - Operation Spy Cloud carries out the APT attack disguising the evidence of North Korean defection/
2020.04.07 - Decade of the RATs/
2020.04.07 - How advanced persistent threats use the coronavirus as a lure/
2020.04.07 - New Ursnif campaign/
2020.04.15 - Chimera APT/
2020.04.15 - Covid-19 lures Syrians/
2020.04.16 - Exposing Modular Adware/
2020.04.16 - Icebucket TV Bot Attack/
2020.04.17 - Gamaredon APT Group/
2020.04.20 - WINNTI GROUP - Insights From the Past/
2020.04.21 - Evil Eye Threat Actor/
2020.04.24 - Posh C2 APT/
2020.04.28 - Grandoreiro - How engorged can an EXE get/
2020.04.28 - Outlaw is Back, a New Crypto-Botnet Targets European Organizations/
2020.04.29 - Chinese Influence Operations Evolve in Campaigns Targeting Taiwanese Elections, Hong Kong Protests/
2020.05.05 - Nazar - Spirits of the Past/
2020.05.06 - Leery Turtle Threat Report/
2020.05.06 - Phantom in the Command Shell/
2020.05.07 - Introducing Blue Mockingbird/
2020.05.07 - Naikon APT Reloaded/
2020.05.11 - JsOutProx RAT - Attack on Indian Government, Financial Institutions/
2020.05.11 - Updated BackConfig Malware Targeting Government and Military Organizations in South Asia/
2020.05.12 - Tropic Trooper’s Back USB ferry Attack Targets Air-gapped Environments/
2020.05.13 - Ramsay A cyber‑espionage toolkit tailored for air‑gapped networks/
2020.05.14 - APT Group Planted Backdoors Targeting High Profile Networks in Central Asia/
2020.05.14 - COMpfun Authors Spoof Visa Application/
2020.05.14 - LOLSnif – Tracking Another Ursnif-Based Targeted Campaign/
2020.05.14 - Mikroceen Spying backdoor leveraged in high‑profile networks in Central Asia/
2020.05.14 - RATicate - an attacker’s waves of information-stealing malware/
2020.05.14 - Vendetta new threat actor from Europe/
2020.05.18 - APT-C-23/
2020.05.19 - Sophisticated Espionage Group Turns Attention to Telecom Providers in South Asia/
2020.05.21 - Iranian Chafer APT/
2020.05.21 - No Game over for the Winnti Group/
2020.05.21 - The Evolution of APT15’s Codebase 2020/
2020.05.26 - ComRAT/
2020.05.28 - The zero-day exploits of Operation WizardOpium/
2020.05.29 - Russian Cyber Attack Campaigns and Actors/
2020.06.03 - Cycldek - Bridging the (air) gap/
2020.06.03 - New LNK attack tied to Higaisa APT discovered/
2020.06.08 - GuLoader No, CloudEyE/
2020.06.08 - The Group Behind LookBack Attacks Against U.S. Utilities Sector Returns with New Malware/
2020.06.09 - APT and Cybercriminal Targeting of HCS/
2020.06.11 - Gamaredon group grows its game/
2020.06.11 - New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa/
2020.06.15 - Coordinated Spyware Operation/
2020.06.16 - Cobalt - tactics and tools update/
2020.06.17 - AcidBox - Rare Malware Repurposing Turla Group Exploit Targeted Russian Organizations/
2020.06.17 - Multi-stage APT attack drops Cobalt Strike using Malleable/
2020.06.17 - Operation Interception/
2020.06.18 - InvisiMole/
2020.06.19 - Targeted Attack Leverages India-China Border Dispute/
2020.06.23 - Wasted Locker Evil Corp Group/
2020.06.24 - BRONZE VINEWOOD Targets Supply Chains/
2020.06.25 - A close look at the advanced techniques used in an APT campaign/
2020.06.26 - WastedLocker - Symantec Identifies Wave of Attacks Against U.S. Organizations/
2020.06.29 - PROMETHIUM extends global reach with StrongPity3 APT/
2020.06.30 - StrongPity APT/
2020.07.01 - Mobile APT Surveillance Campaigns Targeting Uyghurs/
2020.07.06 - North Korean hackers are skimming US and European shoppers/
2020.07.08 - APT36 Targets Defense Organizations in India/
2020.07.08 - Copy cat of APT Sidewinder/
2020.07.08 - TA410 - The Group Behind LookBack Attacks Against U.S. Utilities Sector Returns with New Malware/
2020.07.09 - Cosmic Lynx/
2020.07.09 - Evilnum Toolset/
2020.07.12 - SideWinder/
2020.07.14 - Molerats/
2020.07.14 - Turla Venomous Bear/
2020.07.15 - The Fake Cisco/
2020.07.16 - APT-29 targets COVID-19 vaccine development/
2020.07.17 - DRIDEX - Origins and Uses/
2020.07.20 - APT attacks on state institutions in Kazakhstan and Kyrgyzstan/
2020.07.22 - MATA - Multi-platform targeted malware framework/
2020.07.22 - OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory/
2020.07.28 - Group-IB Exposes Financial Crime Network of Online Pirates In Developing Countries/
2020.07.29 - Operation North Star - A Job Offer That’s Too Good to be True/
2020.08.03 - Chinese Remote Access Trojan - TAIDOOR/
2020.08.10 - Gorgon APT targeting MSME sector in India/
2020.08.12 - Internet Explorer and Windows zero-day exploits used in Operation PowerFall/
2020.08.13 - CactusPete APT group’s updated Bisonal backdoor/
2020.08.13 - Operation Dream Job - Widespread North Korean Espionage Campaign/
2020.08.13 - Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware/
2020.08.18 - Lazarus Group Targeting Cryptocurrency/
2020.08.20 - APT Hackers for Hire/
2020.08.20 - TA505 Activity/
2020.08.24 - Lifting the veil on DeathStalker, a mercenary triumvirate/
2020.08.27 - The Kittens Are Back in Town 3/
2020.08.28 - Transparent Tribe - Evolution analysis, part 2/
2020.09.01 - Chinese APT TA413/
2020.09.03 - Evilnum IOCs/
2020.09.08 - TeamTNT activity targets Weave Scope deployments/
2020.09.11 - The art and science of detecting Cobalt Strike/
2020.09.16 - Partners in Crime/
2020.09.17 - Operation Tibbar/
2020.09.18 - c404_indictment/
2020.09.22 - APT28 Delivers Zebrocy Malware Campaign using NATO Theme as Lure/
2020.09.23 - Operation SideCopy/
2020.09.24 - Empires in the Cloud/
2020.09.25 - APT-C-43 - steals Venezuelan military secrets to provide intelligence support for the reactionaries — HpReact campaign/
2020.09.25 - German-made FinSpy spyware found in Egypt, and Mac and Linux versions revealed/
2020.09.29 - New Activity From Winnti Group/
2020.09.29 - Palmerworm Espionage Gang Targets the Media, Finance, and Other Sectors/
2020.09.30 - APT‑C‑23/
2020.10.05 - MosaicRegressor - Lurking in the Shadows of UEFI/
2020.10.06 - Release the Kraken - Fileless APT attack abuses Windows Error Reporting service/
2020.10.07 - Bahamut Hack-for-Hire Masters of Phishing, Fake News, and Fake Apps/
2020.10.13 - Operation Rubia Cordifolia/
2020.10.14 - Silent Librarian APT right on schedule for 2021 academic year/
2020.10.15 - Muddywater Offensive Attack Against Israeli Organizations/
2020.10.19 - Operation Earth Kitsune Tracking SLUB’s Current Operations/
2020.10.22 - Bitter CHM APT/
2020.10.23 - APT C 44/
2020.10.26 - Study of the ShadowPad APT backdoor and its relation to PlugX/
2020.10.27 - North Korean Advanced Persistent Threat Focus - Kimsuky/
2020.11.01 - A look into APT36 Transparent Tribe tradecraft/
2020.11.02 - An Overview of UNC1945/
2020.11.04 - KillSomeOne DLL APT/
2020.11.06 - OceanLotus - Extending Cyber Espionage Operations Through Fake Websites/
2020.11.10 - APT-32/
2020.11.12 - CRAT wants to plunder your endpoints/
2020.11.12 - Hungry for data, ModPipe backdoor hits POS software used in hospitality sector/
2020.11.12 - Jupyter Infostealer/
2020.11.12 - The CostaRicto Campaign - Cyber-Espionage Outsourced/
2020.11.16 - Dissecting a Chinese APT Targeting South Eastern Asian Government Institutions/
2020.11.16 - TA505 - A Brief History Of Their Time/
2020.11.17 - IOCs for Chaes Malware Targeting Latin American E-Commerce/
2020.11.17 - Japan-Linked Organizations Targeted in Long-Running and Sophisticated Attack Campaign/
2020.11.18 - Bookcodes C2/
2020.11.19 - Cybereason vs. MedusaLocker Ransomware/
2020.11.23 - Clop Ransomware suspiciously related to the Recent Incident/
2020.11.26 - Bandook - Signed & Delivered/
2020.11.27 - Investigation with a twist - an accidental APT attack and averted data destruction/
2020.11.30 - Shadows From the Past Threaten Italian Enterprises/
2020.11.30 - Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them/
2020.12.01 - AA20-336A APT Actors Targeting US ThinkTanks/
2020.12.01 - Red Kangaroo Docker Hub Analysis/
2020.12.02 - Turla Crutch - Keeping the back door open/
2020.12.03 - Adversary Tracking Report/
2020.12.07 - The footprints of Raccoon - a story about operators of JS-sniffer FakeSecurity distributing Raccoon stealer/
2020.12.09 - SideWinder Uses South Asian Issues for Spear Phishing, Mobile/
2020.12.13 - Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor/
2020.12.15 - APT C-47/
2020.12.15 - Greetings from Lazarus/
2020.12.16 - Mapping out AridViper Infrastructure Using Augury’s Malware Module/
2020.12.17 - Operation SignSight Supply-chain attack against a certification authority in Southeast Asia/
2020.12.17 - Pay2Kitten - A New Campaign by Fox Kitten/
2020.12.19 - Analyzing new malware of China Panda hacker group used to attack supply chain against Vietnam Government Certification Authority - Part 1/
2020.12.22 - Collaboration between FIN7 and the RYUK group, a Truesec Investigation/
2020.12.23 - Lazarus covets COVID-19-related intelligence/
2020.12.29 - Revenge RAT targeting users in South America/
2020.12.30 - SolarWinds Attribution/