Click here to download all references as Bib-File.•
| 2022-06-02
⋅
Microsoft
⋅
Exposing POLONIUM activity and infrastructure targeting Israeli organizations POLONIUM |
| 2022-06-01
⋅
Qianxin Threat Intelligence Center
⋅
Analysis of the attack activities of the Maha grass group using the documents of relevant government agencies in Pakistan as bait BadNews QUILTED TIGER |
| 2022-05-18
⋅
⋅
Weixin
⋅
filesyncshell.dll hijacked? APT-C-24 Sidewinder Briefing on the Latest Attack Activity |
| 2022-05-09
⋅
Microsoft Security
⋅
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself Griffon BazarBackdoor BlackCat BlackMatter Blister Gozi LockBit Pandora Rook SystemBC TrickBot |
| 2022-05-09
⋅
⋅
Qianxin Threat Intelligence Center
⋅
Operation EviLoong: An electronic party of "borderless" hackers ZXShell |
| 2022-05-09
⋅
Microsoft
⋅
Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself AnchorDNS BlackCat BlackMatter Conti DarkSide HelloKitty Hive LockBit REvil FAKEUPDATES Griffon ATOMSILO BazarBackdoor BlackCat BlackMatter Blister Cobalt Strike Conti DarkSide Emotet FiveHands Gozi HelloKitty Hive IcedID ISFB JSSLoader LockBit LockFile Maze NightSky Pandora Phobos Phoenix Locker PhotoLoader QakBot REvil Rook Ryuk SystemBC TrickBot WastedLocker BRONZE STARLIGHT |
| 2022-04-12
⋅
⋅
360 Threat Intelligence Center
⋅
Recent attacks by Bahamut group revealed Bahamut |
| 2022-04-11
⋅
⋅
Qianxin Threat Intelligence Center
⋅
Snow Abuse: Analysis of the Suspected Lazarus Attack Activities against South Korean Companies |
| 2022-04-02
⋅
⋅
institute for advanced threats
⋅
WAVES LURKING IN THE CALM OF THE WIND AND WAVES: A DYNAMIC ANALYSIS OF THE ATTACK ACTIVITIES OF THE APT-C-00 (SEALOTUS) ORGANIZATION |
| 2022-03-22
⋅
Microsoft
⋅
DEV-0537 (UNC3661) criminal actor targeting organizations for data exfiltration and destruction RedLine Stealer LAPSUS |
| 2022-03-22
⋅
⋅
360 Threat Intelligence Center
⋅
Quantum Attack System – NSA "APT-C-40" Hacking Organization High-end Cyber Attack Weapon Technical Analysis Report (I) |
| 2022-03-17
⋅
Sophos
⋅
The Ransomware Threat Intelligence Center ATOMSILO Avaddon AvosLocker BlackKingdom Ransomware BlackMatter Conti Cring DarkSide dearcry Dharma Egregor Entropy Epsilon Red Gandcrab Karma LockBit LockFile Mailto Maze Nefilim RagnarLocker Ragnarok REvil RobinHood Ryuk SamSam Snatch WannaCryptor WastedLocker |
| 2022-03-16
⋅
Microsoft
⋅
Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure TrickBot |
| 2022-02-23
⋅
⋅
Weixin
⋅
APT-C-58 (Gorgon Group) attack warning Agent Tesla |
| 2022-02-04
⋅
Microsoft
⋅
ACTINIUM targets Ukrainian organizations Pteranodon Gamaredon Group |
| 2022-02-04
⋅
Microsoft
⋅
ACTINIUM targets Ukrainian organizations DilongTrash DinoTrain Pteranodon QuietSieve Gamaredon Group |
| 2021-12-11
⋅
Microsoft
⋅
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability Khonsari NightSky BRONZE STARLIGHT |
| 2021-12-06
⋅
Microsoft
⋅
NICKEL targeting government organizations across Latin America and Europe MimiKatz |
| 2021-12-06
⋅
Mandiant
⋅
Suspected Russian Activity Targeting Government and Business Entities Around the Globe (UNC2452) Cobalt Strike CryptBot |
| 2021-11-29
⋅
⋅
Qianxin Threat Intelligence Center
⋅
APT-Q-12: An intelligence espionage campaign targeting the trade industry Unidentified 100 (APT-Q-12) APT-C-60 |