Click here to download all references as Bib-File.•
2024-05-22
⋅
Mandiant
⋅
IOC Extinction? China-Nexus Cyber Espionage Actors Use ORB Networks to Raise Cost on Defenders |
2023-08-29
⋅
Mandiant
⋅
Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868) GhostEmperor |
2023-03-30
⋅
Proofpoint
⋅
Exploitation is a Dish Best Served Cold: Winter Vivern Uses Known Zimbra Vulnerability to Target Webmail Portals of NATO-Aligned Governments in Europe Winter Vivern |
2022-08-30
⋅
Proofpoint
⋅
Rising Tide: Chasing the Currents of Espionage in the South China Sea scanbox Meterpreter APT40 |
2022-07-14
⋅
Proofpoint
⋅
Above the Fold and in Your Inbox: Tracing State-Aligned Activity Targeting Journalists, Media Chinoxy APT31 Lazarus Group TA482 |
2022-03-07
⋅
Proofpoint
⋅
The Good, the Bad, and the Web Bug: TA416 Increases Operational Tempo Against European Governments as Conflict in Ukraine Escalates PlugX MUSTANG PANDA |
2022-03-01
⋅
Proofpoint
⋅
Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement SunSeed |
2021-12-01
⋅
Proofpoint
⋅
Injection is the New Black: Novel RTF Template Inject Technique Poised for Widespread Adoption Beyond APT Actors |
2021-11-11
⋅
Twitter (@aRtAGGI)
⋅
Tweet on APT31 using compromised PakEdge Rk1&RE2 router IPs as exit nodes in reconnaissance phishing campaigns |
2021-07-28
⋅
Proofpoint
⋅
I Knew You Were Trouble: TA456 Targets Defense Contractor with Alluring Social Media Persona Liderc SysKit |
2021-02-25
⋅
Proofpoint
⋅
TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organizations scanbox Sepulcher Lucky Cat |
2020-06-08
⋅
Proofpoint
⋅
TA410: The Group Behind LookBack Attacks Against U.S. Utilities Sector Returns with New Malware FlowCloud Lookback APT10 TA410 |
2020-03-11
⋅
Virus Bulletin
⋅
Attribution is in the object: using RTF object dimensions to track APT phishing weaponizers 8.t Dropper |
2019-09-22
⋅
Proofpoint
⋅
LookBack Forges Ahead: Continued Targeting of the United States’ Utilities Sector Reveals Additional Adversary TTPs Lookback TA410 |
2019-08-01
⋅
Proofpoint
⋅
LookBack Malware Targets the United States Utilities Sector with Phishing Attacks Impersonating Engineering Licensing Boards GUP Proxy Tool Lookback TA410 |
2019-07-23
⋅
Proofpoint
⋅
Chinese APT “Operation LagTime IT” Targets Government Information Technology Agencies in Eastern Asia 8.t Dropper Cotx RAT Poison Ivy TA428 |