Folder Path

/vx/APTs/2024/

291 directories 0 files
List Grid
Name
Size Modified
Up
2024.01.05 - Turkish espionage campaigns in the Netherlands/
2024.01.10 - Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN/
2024.01.11 - Clearing the Fog of War – A critical analysis of recent energy sector cyberattacks in Denmark and Ukraine/
2024.01.11 - Volt Typhoon Compromises 30 percent of Cisco RV320 and 325 Devices in 37 Days/
2024.01.12 - Cutting Edge: Suspected APT Targets Ivanti Connect Secure VPN in New Zero-Day Exploitation/
2024.01.15 - Ivanti Connect Secure VPN Exploitation Goes Global/
2024.01.17 - New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs/
2024.01.18 - Ivanti Connect Secure VPN Exploitation: New Observations/
2024.01.18 - Russian threat group COLDRIVER expands its targeting of Western officials to include the use of malware/
2024.01.19 - Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021/
2024.01.19 - Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard/
2024.01.22 - ScarCruft - Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals/
2024.01.29 - Analysis of FalseFont Backdoor used by Peach-Sandstorm Threat Actor/
2024.01.29 - Blackwood APT Group Has a New DLL Loader/
2024.01.29 - Compromised routers are still leveraged as malicious infrastructure to target government organizations in Europe and Caucasus/
2024.01.29 - KrustyLoader - Rust malware linked to Ivanti ConnectSecure compromises/
2024.01.30 - The Bear and The Shell: New Campaign Against Russian Opposition/
2024.01.31 - Cutting Edge, Part 2: Investigating Ivanti Connect Secure VPN Zero-Day Exploitation/
2024.02.01 - Qianxin 2023 APT Report/
2024.02.01 - VajraSpy: A Patchwork of espionage apps/
2024.02.05 - Annual Threat Assessment of the US Intelligence Community 2024/
2024.02.06 - BSI - Active APT groups in Germany/
2024.02.06 - German Federal Office for Information Security - Active APT groups in Germany/
2024.02.06 - Iran accelerates cyber ops against Israel from chaotic start/
2024.02.07 - Iran surges cyber-enabled influence operations in support of Hamas/
2024.02.07 - PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure/
2024.02.08 - New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization/
2024.02.09 - Ministry of Defence of the Netherlands uncovers COATHANGER, a stealthy Chinese FortiGate RAT/
2024.02.09 - SugarGh0st RAT attacks Kazakhstan – State Technical Service/
2024.02.12 - China’s Cyber Revenge - Why the PRC Fails to Back Its Claims of Western Espionage/
2024.02.13 - CharmingCypress - Innovating Persistence/
2024.02.14 - CVE-2024-21412 -Water Hydra Targets Traders With Microsoft Defender SmartScreen Zero-Day/
2024.02.14 - Hamas-linked SameCoin campaign malware analysis/
2024.02.14 - Staying ahead of threat actors in the age of AI/
2024.02.15 - Lithuania National Threat Assessment 2024/
2024.02.15 - TinyTurla Next Generation - Turla APT spies on Polish NGOs/
2024.02.16 - Russia-Aligned TAG-70 Targets European Government and Military Mail Servers in New Espionage Campaign/
2024.02.18 - I-S00N GitHub leaks/
2024.02.19 - BfV and NIS warning of North Korean cyber threats targeting the Defense Sector/
2024.02.19 - Pelmeni Wrapper - New Wrapper of Kazuar (Turla Backdoor)/
2024.02.19 - VOLTZITE Espionage Operations Targeting U.S. Critical Systems/
2024.02.20 - Earth Preta Campaign Uses DOPLUGS to Target Asia/
2024.02.21 - Operation Texonto - Information operation targeting Ukrainian speakers in the context of the war/
2024.02.22 - Doppelgänger - Russia-Aligned Influence Operation Targets Germany/
2024.02.22 - Lessons from the iSOON Leaks/
2024.02.22 - New Leak Shows Business Side of China’s APT Menace/
2024.02.22 - To Russia With Love - Assessing a KONNI-Backdoored Suspected Russian Consular Software Installer/
2024.02.23 - Data From Chinese Security Services Company i-Soon Linked to Previous Chinese APT Campaigns/
2024.02.23 - SVR cyber actors adapt tactics for initial cloud access/
2024.02.23 - TrollAgent That Infects Systems Upon Security Program Installation Process (Kimsuky Group)/
2024.02.26 - Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections/
2024.02.27 - European diplomats targeted by SPIKEDWINE with WINELOADER/
2024.02.27 - Russian Cyber Actors Use Compromised Routers to Facilitate Cyber Operations/
2024.02.27 - When Cats Fly - Suspected Iranian Threat Actor UNC1549 Targets Israeli and Middle East Aerospace and Defense Sectors/
2024.02.28 - GTPDOOR - A novel backdoor tailored for covert access over the roaming exchange/
2024.02.28 - New Malicious PyPI Packages used by Lazarus/
2024.03.01 - APT37's ROKRAT HWP Object Linking and Embedding/
2024.03.04 - NIS Press Release - cyber attacks targeting domestic semiconductor equipment companies/
2024.03.05 - TODDLERSHARK - ScreenConnect Vulnerability Exploited to Deploy BABYSHARK Variant/
2024.03.07 - Evasive Panda leverages Monlam Festival to target Tibetans/
2024.03.08 - Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard/
2024.03.20 - Blind Eagle's North American Journey/
2024.03.20 - Review of the Summer 2023 Microsoft Exchange Online Intrusion/
2024.03.21 - AcidPour - New Embedded Wiper Variant of AcidRain Appears in Ukraine/
2024.03.21 - Analysis of New DEEP#GOSU Attack Campaign Likely Associated with North Korean Kimsuky Targeting Victims with Stealthy Malware/
2024.03.21 - China-linked Threats to Operational Technology/
2024.03.21 - New details on TinyTurla’s post-compromise activity reveal full kill chain/
2024.03.21 - TA450 (MuddyWater) uses embedded links in PDF attachments in latest campaign/
2024.03.22 - APT29 Uses WINELOADER to Target German Political Parties/
2024.03.24 - DinodasRAT Linux implant targeting entities worldwide/
2024.03.25 - Seven Hackers Associated with Chinese Government Charged with Computer Intrusions Targeting Perceived Critics of China and U.S. Businesses and Politicians/
2024.03.25 - Treasury Sanctions China-Linked Hackers for Targeting U.S. Critical Infrastructure/
2024.03.25 - UK holds China state-affiliated organisations and individuals (APT31) responsible for malicious cyber activity/
2024.03.26 - Investigation into hacking of Finnish Parliament's information systems has been ongoing/
2024.03.26 - Malware Disguised as Installer from Korean Public Institution (Kimsuky Group)/
2024.03.26 - New Zealand accuses China of hacking parliament, condemns activity/
2024.03.28 - BITTER APT Targets Chinese Government Agency/
2024.03.29 - New MuddyWater Campaigns After Operation Swords of Iron/
2024.03.31 - Malware Spotlight - Linodas aka DinodasRAT for Linux/
2024.04.02 - APT and financial attacks on industrial organizations in H2 2023/
2024.04.02 - Earth Freybug Uses UNAPIMON for Unhooking Critical APIs/
2024.04.10 - eXotic Visit campaign - Tracing the footprints of Virtual Invaders/
2024.04.10 - Turla APT Targets Albania With Backdooor in Ongoing Campaign to Breach European Organizations/
2024.04.11 - Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear/
2024.04.11 - LightSpy Returns - Renewed Espionage Campaign Targets Southern Asia, Possibly India/
2024.04.12 - Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400/
2024.04.12 - XZ backdoor story - Initial analysis/
2024.04.12 - Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)/
2024.04.15 - Volt Typhoon - A Conspiratorial Swindling Campaign targets with U.S. Congress and Taxpayers conducted by U.S. Intelligence Community/
2024.04.15 - Volt Typhoon false narrative a collusion among US politicians, intelligence community and companies to cheat funding, defame China/
2024.04.16 - Analysis of the APT31 indictment/
2024.04.18 - Annual report MIVD 2023/
2024.04.18 - DuneQuixote campaign targets Middle Eastern entities with CR4T malware/
2024.04.19 - UAC-0133 (Sandworm) plans for cyber sabotage on almost 20 objects of critical infrastructure of Ukraine/
2024.04.20 - APT44 - Unearthing Sandworm/
2024.04.22 - Analyzing Forest Blizzard's custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials/
2024.04.22 - MuddyWater campaign abusing Atera Agents/
2024.04.22 - ToddyCat is making holes in your infrastructure/
2024.04.24 - ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices/
2024.04.24 - Assessing the Y, and How, of the XZ Utils incident/
2024.04.24 - Pakistani APTs Escalate Attacks on Indian Government/
2024.04.25 - LightSpy Malware Variant Targeting macOS/
2024.04.29 - A Cunning Operator - Muddling Meerkat and China's Great Firewall/
2024.05.01 - Analysis of ArcaneDoor Threat Infrastructure Suggests Potential Ties to Chinese-based Actor/
2024.05.01 - Router Roulette - Cybercriminals and Nation-States Sharing Compromised Networks/
2024.05.02 - North Korean Actors Exploit Weak DMARC Security Policies to Mask Spearphishing Efforts/
2024.05.03 - Expanding APT42 Intelligence/
2024.05.03 - German Government - Attribution of a Russian cyber campaign/
2024.05.03 - SSSCIP Russian Cyber Operations H2 2023/
2024.05.03 - Statement by the North Atlantic Council concerning malicious cyber activities against Germany and Czechia/
2024.05.03 - Statement of the MFA on the Cyberattacks Carried by Russian Actor APT28 on Czechia/
2024.05.04 - Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign/
2024.05.06 - Six Australian MPs Confirm They were Targeted by China's APT31 Hackers/
2024.05.07 - LNK File Disguised as Certificate Distributing RokRAT Malware/
2024.05.08 - APT28 campaign targeting Polish government institutions/
2024.05.08 - Iran-Aligned Emerald Divide Influence Campaign Evolves to Exploit Israel-Hamas Conflict/
2024.05.09 - Kaspersky Securelist APT trends report Q1 2024/
2024.05.10 - Recruitment Trap for Blockchain Practitioners - Analysis of Suspected Lazarus (APT-Q-1) Secret Stealing Operation/
2024.05.14 - ESET APT Activity Report Q4 2023 - Q1 2024/
2024.05.15 - To the Moon and back(doors) - Lunar landing in diplomatic missions/
2024.05.16 - Springtail (Kimsuky) - New Linux Backdoor Added to Toolkit/
2024.05.16 - Tracking the Progression of Earth Hundun's Cyberespionage Campaign in 2024/
2024.05.20 - Bad Karma, No Justice - Void Manticore Destructive Activities in Israel/
2024.05.22 - Deep Dive into the Unfading Sea Haze/
2024.05.22 - Transparent Tribe Targets Indian Government, Defense, and Aerospace Sectors Leveraging Cross-Platform Programming Languages/
2024.05.23 - Hellhounds - Operation Lahat. Part 2/
2024.05.23 - Malware Transmutation! - Unveiling the Hidden Traces of BloodAlchemy/
2024.05.23 - Operation Diplomatic Specter - An Active Chinese Cyberespionage Campaign targeting Governmental Entities in the Middle East, Africa and Asia/
2024.05.23 - Tracking APT SideWinder Domains/
2024.05.24 - Unraveling the snake tangle - following the attacks of Shedding Zmiy/
2024.05.28 - Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks/
2024.05.29 - APT41's Reconnaissance Techniques and Toolkit/
2024.05.29 - LightSpy Implant for macOS/
2024.05.29 - Putin's hackers gained full access to Hungary's foreign ministry networks/
2024.05.29 - Tracking Threat Actors Using Images and Artifacts/
2024.05.30 - Analysis of APT Attack Cases Using Dora RAT Against Korean Companies (Andariel Group)/
2024.05.30 - Disrupting FlyingYeti's (UAC-0149) campaign targeting Ukraine/
2024.05.30 - GRU's BlueDelta (APT28) Targets Key Networks in Europe with Multi-Phase Espionage Campaigns/
2024.05.30 - LilacSquid - The stealthy trilogy of PurpleInk, InkBox and InkLoader/
2024.06.01 - From Vegas to Chengdu - Hacking Contests, Bug Bounties,and China's Offensive Cyber Ecosystem/
2024.06.04 - Hurdling Over Hazards - Multifaceted Threats to the Paris Olympics/
2024.06.04 - Operation Veles - Decade-Long Espionage Targeting the Global Research and Education Sector/
2024.06.05 - Operation Crimson Palace - Sophos threat hunting unveils multiple clusters of Chinese state-sponsored activity targeting Southeast Asian government/
2024.06.05 - Phishing for Gold - Cyber Threats Facing the 2024 Paris Olympics/
2024.06.05 - UAC-0020 (Vermin) attacks the Defense Forces of Ukraine using the SPECTR WPS in tandem with a legitimate SyncThing/
2024.06.06 - Howling at the Inbox - Sticky Werewolf's Latest Malicious Aviation Attacks/
2024.06.10 - Another battlefield - Telegram as a digital front in Russia’s war against Ukraine/
2024.06.10 - APT and financial attacks on industrial organizations in Q1 2024/
2024.06.10 - MIVD Ongoing state cyber espionage campaign via vulnerable edge devices/
2024.06.11 - APT Attacks Using Cloud Storage/
2024.06.11 - Noodle RAT - Reviewing the Backdoor Used by Chinese-Speaking Groups/
2024.06.11 - SmallTiger Malware Used in Attacks Against South Korean Businesses (Kimsuky and Andariel)/
2024.06.13 - Arid Viper poisons Android apps with AridSpy/
2024.06.13 - DISGOMOJI Malware Used to Target Indian Government/
2024.06.13 - Operation Celestial Force employs mobile and desktop malware to target Indian entities/
2024.06.16 - China-Nexus Threat Group ‘Velvet Ant’ Abuses F5 Load Balancers for Persistence/
2024.06.18 - Cloaked and Covert - Uncovering UNC3886 Espionage Operations/
2024.06.19 - CERT-FR Malicious activities linked to the Nobelium intrusion set/
2024.06.19 - New North-Korean based backdoor packs a punch/
2024.06.20 - Sustained Campaign Using Chinese Espionage Tools Targets Telcos/
2024.06.21 - Analysis of PHANTOM#SPIKE - Attackers Leveraging CHM Files to Run Custom CSharp Backdoors Likely Targeting Victims Associated with Pakistan/
2024.06.21 - SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques/
2024.06.21 - Unveiling SpiceRAT - SneakyChef's latest tool targeting EMEA and Asia/
2024.06.24 - Armageddon is more than a Grammy-nominated album/
2024.06.24 - Chinese State-Sponsored RedJuliett Intensifies Taiwanese Cyber Espionage via Network Perimeter Exploitation/
2024.06.24 - Russia-Linked CopyCop Expands to Cover US Elections, Target Political Leaders/
2024.06.26 - ChamelGang & Friends - Cyberespionage Groups Attacking Critical Infrastructure with Ransomware/
2024.06.26 - Russian National (Amin Timovich Stigal) Charged for Conspiring with Russian Military Intelligence to Destroy Ukrainian Government Computer Systems and Data/
2024.06.27 - Kimsuky deploys TRANSLATEXT to target South Korean academia/
2024.06.28 - TeamViewer links corporate cyberattack to Russian state hackers/
2024.07.01 - CapraTube Remix - Transparent Tribe’s Android Spyware Targeting Gamers, Weapons Enthusiasts/
2024.07.01 - Xctdoor Malware Used in Attacks Against Korean Companies (Andariel)/
2024.07.05 - Turla - A Master’s Art of Evasion/
2024.07.08 - CloudSorcerer – A new APT targeting Russian government entities/
2024.07.08 - Volt Typhoon II - A secret Disinformation Campaign targeting U.S. Congress and Taxpayers conducted by U.S. Government agencies/
2024.07.09 - APT40 Advisory - PRC MSS tradecraft in action/
2024.07.09 - Italian government agencies and companies in the target of a Chinese APT17/
2024.07.09 - OceanLotus uses social security topics as bait to conduct APT attacks/
2024.07.10 - DodgeBox - A deep dive into the updated arsenal of APT41 Part 1/
2024.07.11 - MoonWalk - A deep dive into the updated arsenal of APT41 Part 2/
2024.07.15 - New BugSleep Backdoor Deployed in Recent MuddyWater Campaigns/
2024.07.16 - AG-100 Uses Open-Source Tools in Suspected Global Espionage Campaign, Compromising Two Asia-Pacific Intergovernmental Bodies/
2024.07.18 - APT41 Has Arisen From the DUST/
2024.07.18 - The Patchwork group has updated its arsenal, launching attacks for the first time using Brute Ratel C4 and an enhanced version of PGoShell/
2024.07.23 - Daggerfly - Espionage Group Makes Major Update to Toolset/
2024.07.23 - KnowBe4 - How a North Korean Fake IT Worker Tried to Infiltrate Us/
2024.07.23 - Transparent Tribe targets recent Election Results/
2024.07.24 - FrostyGoop Intel Brief/
2024.07.24 - Russia-nexus actor targets Ukraine/
2024.07.24 - Spot burst of activity UAC-0057 (CERT-UA10340)/
2024.07.25 - APT45 - North Korea’s Digital Military Machine/
2024.07.25 - How APT groups operate in Southeast Asia/
2024.07.25 - Mid-year Doppelgänger information operations in Europe and the US/
2024.07.25 - Onyx Sleet uses array of malware to gather intelligence for North Korea/
2024.07.25 - SideWinder Utilizes New Infrastructure to Target Ports and Maritime Facilities in the Mediterranean Sea/
2024.07.31 - Cyberattack on the Federal Office of Cartography and Geodesy can be attributed to Chinese state attackers/
2024.08.01 - APT41 likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike/
2024.08.01 - BfV CYBER INSIGHT - The i-Soon-Leaks - Industrialization of Cyber Espionage - Part 1 Organization and methods/
2024.08.01 - BITS and Bytes - Analyzing BITSLOTH, a newly identified backdoor/
2024.08.02 - Fighting Ursa Luring Targets With Car for Sale/
2024.08.02 - StormBamboo Compromises ISP to Abuse Insecure Software Update Mechanisms/
2024.08.08 - Iran Targeting 2024 US Election/
2024.08.08 - The i-Soon-Leaks - Industrialization of Cyber Espionage - Part 2/
2024.08.09 - A Dive into Earth Baku's Latest Campaign/
2024.08.12 - South Koreas Pseudo Hunter APT organization uses multiple domestic software vulnerabilities to attack China/
2024.08.13 - Kaspersky APT trends report Q2 2024/
2024.08.14 - Cyclops - a likely replacement for BellaCiao/
2024.08.14 - EastWind campaign - new CloudSorcerer attacks on government organizations in Russia/
2024.08.14 - Iranian backed group steps up phishing campaigns against Israel, U.S/
2024.08.14 - Rivers of Phish - Sophisticated Phishing Targets Russias Perceived Enemies Around the Globe/
2024.08.15 - The i-Soon-Leaks - Industrialization of Cyber Espionage - Part 3/
2024.08.17 - Sidewinder APT – Phishing on Pakistan/
2024.08.19 - BlindEagle flying high in Latin America/
2024.08.20 - GreenCharlie Infrastructure Targeting US Political Entities with Advanced Phishing and Malware/
2024.08.20 - New Backdoor Targeting Taiwan Employs Stealthy Communications/
2024.08.21 - MoonPeak malware from North Korean actors unveils new details on attacker infrastructure/
2024.08.22 - China-Nexus Threat Group Velvet Ant Leverages a Zero-Day to Deploy Malware on Cisco Nexus Switches/
2024.08.22 - The i-Soon-Leaks - Industrialization of Cyber Espionage - Part 4/
2024.08.23 - Analysis of New Variants and Subsequent Components of Patchwork(APT-Q-36) Spyder Downloader/
2024.08.26 - Operation DevilTiger - 0day vulnerability techniques and tactics used by APT-Q-12 disclosed/
2024.08.27 - Doppelgaenger - Details on a Russian disinformation campaign/
2024.08.28 - Advanced Persistent Threat (OceanLotus) Targeting Vietnamese Human Rights Defenders/
2024.08.28 - Analysis of two arbitrary code execution vulnerabilities affecting WPS Office/
2024.08.28 - I Spy With My Little Eye - Uncovering an Iranian Counterintelligence Operation/
2024.08.28 - Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations/
2024.08.28 - Operation Oxidový - Sophisticated Malware Campaign Targets Czech Officials Using NATO-Themed Decoys/
2024.08.28 - Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations/
2024.08.29 - State-backed attackers and commercial surveillance vendors repeatedly use the same exploits/
2024.08.29 - The Malware That Must Not Be Named - Suspected Espionage Campaign Delivers Voldemort/
2024.08.30 - North Korean threat actor Citrine Sleet exploiting Chromium zero-day/
2024.09.03 - A deep dive into the most interesting incident response cases of last year/
2024.09.03 - DeFied Expectations - Examining Web3 Heists/
2024.09.04 - APT Lazarus - Eager Crypto Beavers, Video calls and Games/
2024.09.04 - Earth Lusca Uses KTLVdoor Backdoor for Multiplatform Intrusion/
2024.09.04 - Reconnaissance Scanning Tools Used by Chinese Threat Actors and Those Available in Open Source/
2024.09.05 - GRU 29155 Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure/
2024.09.05 - Tropic Trooper spies on government entities in the Middle East/
2024.09.06 - Chinese APT Abuses VSCode to Target Government in Asia/
2024.09.06 - Disjointed Cyber Warfare - Internal Conflicts among Russian Intelligence Agencies/
2024.09.06 - TIDRONE Targets Military and Satellite Industries in Taiwan/
2024.09.09 - Earth Preta Evolves its Attacks with New Malware and Strategies/
2024.09.09 - North Korean Threat Groups/
2024.09.10 - Crimson Palace returns - New Tools, Tactics, and Targets/
2024.09.11 - Targeted Iranian Attacks Against Iraqi Government Infrastructure/
2024.09.15 - Kimsuky A Gift That Keeps on Giving/
2024.09.15 - Shining a Light in the Dark – Uncovering an APT Lurking in Shadows of IT/
2024.09.17 - An Offer You Can Refuse - UNC2970 Backdoor Deployment Using Trojanized PDF Reader/
2024.09.17 - Analysis of Fox Kitten Infrastructure Reveals Unique Host Patterns and Potentially New IOCs/
2024.09.18 - Code of Conduct - DPRKs Python-fueled intrusions into secured networks/
2024.09.18 - Derailing the Raptor Train/
2024.09.18 - Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors/
2024.09.19 - COLDWASTREL of space/
2024.09.19 - Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC/
2024.09.19 - The Iranian Cyber Capability/
2024.09.19 - UNC1860 and the Temple of Oats - Irans Hidden Hand in Middle Eastern Networks/
2024.09.23 - Analysis of APT-C-00 (OceanLotus) Dual Loader and Homologous VMP Loader/
2024.09.24 - Analyzing the Newest Turla Backdoor/
2024.09.25 - Unraveling SloppyLemmings Operations Across South Asia/
2024.09.26 - Cyberespionage the Gamaredon way - Analysis of toolset used to spy on Ukraine in 2022 and 2023/
2024.09.26 - Unraveling Sparkling Piscess Tool Set - KLogEXE and FPSpy/
2024.09.27 - North Koreas hackers target Diehl Defence/
2024.09.30 - A phishing campaign by the state attack group APT42 against academics/
2024.09.30 - The Lies Russia Tells Itself/
2024.10.01 - Evil Corps deep ties with Russia and NATO member attacks exposed/
2024.10.01 - Zimperium Coverage on COLDRIVER Phishing Campaign/
2024.10.02 - Separating the bee from the panda - CeranaKeeper making a beeline for Thailand/
2024.10.02 - Stonefly - Extortion Attacks Continue Against U.S. Targets/
2024.10.03 - SHROUDED SLEEP - A Deep Dive into North Korea’s Ongoing Campaign Against Southeast Asia/
2024.10.05 - U.S. Wiretap Systems Targeted in China-Linked Hack/
2024.10.07 - Awaken Likho is awake - new techniques of an APT group/
2024.10.07 - Mind the (air) gap - GoldenJackal gooses government guardrails/
2024.10.09 - Contagious Interview - DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware/
2024.10.09 - Operation MiddleFloor - Disinformation campaign targets Moldova ahead of presidential elections and EU membership referendum/
2024.10.10 - Analysis of attack activities of APT-C-20 (APT28) using compound attack tactics/
2024.10.10 - Unmasking Adversary Infrastructure - How Certificates and Redirects Exposed Earth Baxia and PlugX Activity/
2024.10.10 - Update on SVR Cyber Operations and Vulnerability Exploitation/
2024.10.11 - Burning Zero Days - Suspected Nation-State Adversary Targets Ivanti CSA/
2024.10.11 - GRU military unit 29155/
2024.10.13 - FASTCash for Linux/
2024.10.13 - OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf/
2024.10.14 - Volt Typhoon III - Unraveling Cyberespionage and Disinformation Operations Conducted by U.S. Government Agencies/
2024.10.15 - Beyond the Surface - the evolution and expansion of the SideWinder APT group/
2024.10.15 - Volt Typhoon - Part 2 Leveraging ExoneraTor to Unmask the Threat Actor/
2024.10.16 - Chinas Influence Ops - Twisting Tales of Volt Typhoon at Home and Abroad/
2024.10.16 - Fraudulent North Korean IT Worker Schemes - From Insider Threats to Extortion/
2024.10.16 - Frequent vulnerabilities and high failure rates should be used to troubleshoot Intel product network security risks/
2024.10.16 - IcePeony with the 996 work culture/
2024.10.16 - Iranian Cyber Actors Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations/
2024.10.16 - Operation Code on Toast/
2024.10.16 - Suspected Mysterious Elephant group uses CHM files to attack multiple countries in South Asia/
2024.10.16 - Unmasking CVE-2024-38178 - The Silent Threat of Windows Scripting Engine/