Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-10-30QianxinThreat Intelligence Center
@online{center:20201030:donot:5f3e428, author = {Threat Intelligence Center}, title = {{攻击武器再升级:Donot组织利用伪造签名样本的攻击活动分析}}, date = {2020-10-30}, organization = {Qianxin}, url = {https://mp.weixin.qq.com/s/3Pa3hiuZyQBspDzH0kGSHw}, language = {Chinese}, urldate = {2020-11-02} } 攻击武器再升级:Donot组织利用伪造签名样本的攻击活动分析
2020-10-30360Threat Intelligence Center
@online{center:20201030:aptc41:ede60de, author = {Threat Intelligence Center}, title = {{蓝色魔眼(APT-C-41)组织首次针对我国重要机构定向攻击活动披露}}, date = {2020-10-30}, organization = {360}, url = {https://mp.weixin.qq.com/s/5No0TR4ECVPp_Xv4joXEBg}, language = {Chinese}, urldate = {2020-11-02} } 蓝色魔眼(APT-C-41)组织首次针对我国重要机构定向攻击活动披露
StrongPity
2020-10-26QianxinThreat Intelligence Center
@online{center:20201026:analysis:81bfa52, author = {Threat Intelligence Center}, title = {{Analysis of the attack activities of the Rattlesnake organization using the Buffy bilateral agreement as bait}}, date = {2020-10-26}, organization = {Qianxin}, url = {https://www.secrss.com/articles/26507}, language = {Chinese}, urldate = {2020-10-27} } Analysis of the attack activities of the Rattlesnake organization using the Buffy bilateral agreement as bait
SideWinder
2020-10-23360360 Threat Intelligence Center
@online{center:20201023:apt28:099c6cd, author = {360 Threat Intelligence Center}, title = {{APT28携小众压缩包诱饵对北约、中亚目标的定向攻击分析}}, date = {2020-10-23}, organization = {360}, url = {https://mp.weixin.qq.com/s/6R7bFs9lH1I3BNdkatCC9g}, language = {Chinese}, urldate = {2020-10-26} } APT28携小众压缩包诱饵对北约、中亚目标的定向攻击分析
Zebrocy
2020-09-10MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
@online{mstic:20200910:strontium:eeaafcd, author = {Microsoft Threat Intelligence Center (MSTIC)}, title = {{STRONTIUM: Detecting new patterns in credential harvesting}}, date = {2020-09-10}, organization = {Microsoft}, url = {https://www.microsoft.com/security/blog/2020/09/10/strontium-detecting-new-patters-credential-harvesting/}, language = {English}, urldate = {2020-09-15} } STRONTIUM: Detecting new patterns in credential harvesting
Sofacy
2020-08-25360 Threat Intelligence Center360 Threat Intelligence Center
@online{center:20200825:darkhotel:cf3af4b, author = {360 Threat Intelligence Center}, title = {{Darkhotel (APT-C-06) organized multiple attacks using the Thinmon backdoor framework to reveal the secrets}}, date = {2020-08-25}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/nyxZFXgrtm2-tBiV3-wiMg}, language = {Chinese}, urldate = {2020-08-25} } Darkhotel (APT-C-06) organized multiple attacks using the Thinmon backdoor framework to reveal the secrets
ThinMon
2020-07-01360360 Threat Intelligence Center
@online{center:20200701::fc5fdee, author = {360 Threat Intelligence Center}, title = {{游走在东欧和中亚的奇幻熊}}, date = {2020-07-01}, organization = {360}, url = {https://mp.weixin.qq.com/s/pE_6VRDk-2aTI996sff0og}, language = {Chinese}, urldate = {2020-10-26} } 游走在东欧和中亚的奇幻熊
Zebrocy
2020-05-28MicrosoftMicrosoft Threat Intelligence Center (MSTIC)
@online{mstic:20200528:breaking:f55e372, author = {Microsoft Threat Intelligence Center (MSTIC)}, title = {{Breaking down NOBELIUM’s latest early-stage toolset}}, date = {2020-05-28}, organization = {Microsoft}, url = {https://www.microsoft.com/security/blog/2021/05/28/breaking-down-nobeliums-latest-early-stage-toolset/}, language = {English}, urldate = {2021-06-09} } Breaking down NOBELIUM’s latest early-stage toolset
Cobalt Strike
2020-05-28QianxinThreat Intelligence Center
@online{center:20200528:analysis:5b197d4, author = {Threat Intelligence Center}, title = {{Analysis of recent rattlesnake APT attacks against surrounding countries and regions}}, date = {2020-05-28}, organization = {Qianxin}, url = {https://ti.qianxin.com/blog/articles/the-recent-rattlesnake-apt-organized-attacks-on-neighboring-countries-and-regions/}, language = {Chinese}, urldate = {2020-10-27} } Analysis of recent rattlesnake APT attacks against surrounding countries and regions
SideWinder
2020-02-13QianxinQi Anxin Threat Intelligence Center
@techreport{center:20200213:report:146d333, author = {Qi Anxin Threat Intelligence Center}, title = {{APT Report 2019}}, date = {2020-02-13}, institution = {Qianxin}, url = {https://ti.qianxin.com/uploads/2020/02/13/cb78386a082f465f259b37dae5df4884.pdf}, language = {English}, urldate = {2020-02-27} } APT Report 2019
Chrysaor Exodus Dacls elf.vpnfilter DNSRat Griffon KopiLuwak More_eggs SQLRat AppleJeus BONDUPDATER Agent.BTZ Anchor AndroMut AppleJeus BOOSTWRITE Brambul Carbanak Cobalt Strike Dacls DistTrack DNSpionage Dtrack ELECTRICFISH FlawedAmmyy FlawedGrace Get2 Grateful POS HOPLIGHT Imminent Monitor RAT jason Joanap KerrDown KEYMARBLE Lambert LightNeuron LoJax MiniDuke PolyglotDuke PowerRatankba Rising Sun SDBbot ServHelper Snatch Stuxnet TinyMet tRat TrickBot Volgmer X-Agent Zebrocy
2019-12-12MicrosoftMicrosoft Threat Intelligence Center
@online{center:20191212:gallium:79f6460, author = {Microsoft Threat Intelligence Center}, title = {{GALLIUM: Targeting global telecom}}, date = {2019-12-12}, organization = {Microsoft}, url = {https://www.microsoft.com/security/blog/2019/12/12/gallium-targeting-global-telecom/}, language = {English}, urldate = {2020-01-07} } GALLIUM: Targeting global telecom
Ghost RAT HTran GALLIUM
2019-02-26TencentTencent Yujian Threat Intelligence Center
@online{center:20190226:disclosure:d46aaed, author = {Tencent Yujian Threat Intelligence Center}, title = {{Disclosure of SideWinder APT's attack against South Asia}}, date = {2019-02-26}, organization = {Tencent}, url = {https://s.tencent.com/research/report/659.html}, language = {Chinese}, urldate = {2021-03-04} } Disclosure of SideWinder APT's attack against South Asia
SideWinder SideWinder
2019-02-18360 Threat IntelligenceAnxin Threat Intelligence Center
@online{center:20190218:aptc36:abbf9ea, author = {Anxin Threat Intelligence Center}, title = {{APT-C-36: Continuous Attacks Targeting Colombian Government Institutions and Corporations}}, date = {2019-02-18}, organization = {360 Threat Intelligence}, url = {https://ti.360.net/blog/articles/apt-c-36-continuous-attacks-targeting-colombian-government-institutions-and-corporations-en/}, language = {English}, urldate = {2020-01-09} } APT-C-36: Continuous Attacks Targeting Colombian Government Institutions and Corporations
Imminent Monitor RAT APT-C-36
2018-12-12360 Threat IntelligenceQi Anxin Threat Intelligence Center
@online{center:20181212:donot:32e8fb0, author = {Qi Anxin Threat Intelligence Center}, title = {{Donot (APT-C-35) Group Is Targeting Pakistani Businessman Working In China}}, date = {2018-12-12}, organization = {360 Threat Intelligence}, url = {https://ti.360.net/blog/articles/donot-group-is-targeting-pakistani-businessman-working-in-china-en/}, language = {English}, urldate = {2020-01-13} } Donot (APT-C-35) Group Is Targeting Pakistani Businessman Working In China
APT-C-35
2018-11-29360 Threat IntelligenceThreat Intelligence Center
@online{center:20181129:analysis:d46e3e4, author = {Threat Intelligence Center}, title = {{Analysis Of Targeted Attack Against Pakistan By Exploiting InPage Vulnerability And Related APT Groups}}, date = {2018-11-29}, organization = {360 Threat Intelligence}, url = {https://ti.qianxin.com/blog/articles/analysis-of-targeted-attack-against-pakistan-by-exploiting-inpage-vulnerability-and-related-apt-groups-english/}, language = {English}, urldate = {2022-01-03} } Analysis Of Targeted Attack Against Pakistan By Exploiting InPage Vulnerability And Related APT Groups
BioData Bitter RAT WSCSPL
2018-11-29360 Threat IntelligenceQi Anxin Threat Intelligence Center
@online{center:20181129:analysis:08c590c, author = {Qi Anxin Threat Intelligence Center}, title = {{Analysis Of Targeted Attack Against Pakistan By Exploiting InPage Vulnerability And Related APT Groups}}, date = {2018-11-29}, organization = {360 Threat Intelligence}, url = {https://ti.360.net/blog/articles/analysis-of-targeted-attack-against-pakistan-by-exploiting-inpage-vulnerability-and-related-apt-groups-english}, language = {English}, urldate = {2020-03-02} } Analysis Of Targeted Attack Against Pakistan By Exploiting InPage Vulnerability And Related APT Groups
Artra Downloader
2018-07-23360 Threat IntelligenceQi Anxin Threat Intelligence Center
@online{center:20180723:golden:acfd437, author = {Qi Anxin Threat Intelligence Center}, title = {{Golden Rat Organization-targeted attack in Syria}}, date = {2018-07-23}, organization = {360 Threat Intelligence}, url = {https://ti.360.net/blog/articles/analysis-of-apt-c-27/}, language = {Chinese}, urldate = {2020-04-28} } Golden Rat Organization-targeted attack in Syria
NjRAT Golden RAT
2018-05-23TencentTencent Mimi Threat Intelligence Center
@online{center:20180523:sidewinderapttapt04:2f4c2cc, author = {Tencent Mimi Threat Intelligence Center}, title = {{SideWinder“响尾蛇”APT组织(T-APT-04):针对南亚的定向攻击威胁}}, date = {2018-05-23}, organization = {Tencent}, url = {https://s.tencent.com/research/report/479.html}, language = {Chinese}, urldate = {2020-01-06} } SideWinder“响尾蛇”APT组织(T-APT-04):针对南亚的定向攻击威胁
SideWinder SideWinder
2018-03-30360 Threat IntelligenceQi Anxin Threat Intelligence Center
@online{center:20180330:analysis:4f1feb9, author = {Qi Anxin Threat Intelligence Center}, title = {{Analysis of the latest cyber attack activity of the APT organization against sensitive institutions in China}}, date = {2018-03-30}, organization = {360 Threat Intelligence}, url = {https://ti.360.net/blog/articles/analysis-of-apt-c-09-target-china/}, language = {Chinese}, urldate = {2020-01-13} } Analysis of the latest cyber attack activity of the APT organization against sensitive institutions in China
Quasar RAT