Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-08-29360 netlabwanghao
@online{wanghao:20220829:purecrypter:4d81329, author = {wanghao}, title = {{PureCrypter Loader continues to be active and has spread to more than 10 other families}}, date = {2022-08-29}, organization = {360 netlab}, url = {https://blog.netlab.360.com/purecrypter}, language = {Chinese}, urldate = {2022-09-06} } PureCrypter Loader continues to be active and has spread to more than 10 other families
404 Keylogger Agent Tesla AsyncRAT Formbook RedLine Stealer
2022-08-17360360 Threat Intelligence Center
@online{center:20220817:kasablanka:2a28570, author = {360 Threat Intelligence Center}, title = {{Kasablanka organizes attacks against political groups and non-profit organizations in the Middle East}}, date = {2022-08-17}, organization = {360}, url = {https://mp.weixin.qq.com/s/mstwBMkS0G3Et4GOji2mwA}, language = {Chinese}, urldate = {2022-08-19} } Kasablanka organizes attacks against political groups and non-profit organizations in the Middle East
SpyNote Loda Nanocore RAT NjRAT
2022-08-05360 netlab360 Netlab
@online{netlab:20220805:new:d4f6a02, author = {360 Netlab}, title = {{A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information}}, date = {2022-08-05}, organization = {360 netlab}, url = {https://blog.netlab.360.com/a-new-botnet-orchard-generates-dga-domains-with-bitcoin-transaction-information/}, language = {English}, urldate = {2022-08-30} } A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information
Orchard
2022-08-05360 netlabDaji, suqitian
@online{daji:20220805:dga:b184bd8, author = {Daji and suqitian}, title = {{The DGA family Orchard continues to change, and the new version generates DGA domain names using Bitcoin transaction information}}, date = {2022-08-05}, organization = {360 netlab}, url = {https://blog.netlab.360.com/orchard-dga/}, language = {Chinese}, urldate = {2022-09-21} } The DGA family Orchard continues to change, and the new version generates DGA domain names using Bitcoin transaction information
Orchard
2022-05-18Weixin360 Threat Intelligence Center
@online{center:20220518:filesyncshelldll:4266601, author = {360 Threat Intelligence Center}, title = {{filesyncshell.dll hijacked? APT-C-24 Sidewinder Briefing on the Latest Attack Activity}}, date = {2022-05-18}, organization = {Weixin}, url = {https://mp.weixin.qq.com/s/qsGxZIiTsuI7o-_XmiHLHg}, language = {Chinese}, urldate = {2022-05-25} } filesyncshell.dll hijacked? APT-C-24 Sidewinder Briefing on the Latest Attack Activity
2022-05-09360 netlabLiu Ya, Alex.Turing, Hui Wang, YANG XU
@online{ya:20220509:data:71a5fb8, author = {Liu Ya and Alex.Turing and Hui Wang and YANG XU}, title = {{The data analysis behind the cyber attack on Beijing Healthbao}}, date = {2022-05-09}, organization = {360 netlab}, url = {https://blog.netlab.360.com/botnet-group-behind-attack-bjjkb/}, language = {Chinese}, urldate = {2022-05-25} } The data analysis behind the cyber attack on Beijing Healthbao
2022-04-19360360 Netlab
@online{netlab:20220419:public:0ce406b, author = {360 Netlab}, title = {{Public Cloud Cybersecurity Threat Intelligence (202203)}}, date = {2022-04-19}, organization = {360}, url = {https://blog.netlab.360.com/public-cloud-threat-intelligence-202203/}, language = {English}, urldate = {2022-04-25} } Public Cloud Cybersecurity Threat Intelligence (202203)
Bashlite Tsunami Mirai
2022-04-13360 netlabHui Wang, Alex.Turing, YANG XU
@online{wang:20220413:fodcha:3279a03, author = {Hui Wang and Alex.Turing and YANG XU}, title = {{Fodcha, a new DDos botnet}}, date = {2022-04-13}, organization = {360 netlab}, url = {https://blog.netlab.360.com/fodcha-a-new-ddos-botnet/}, language = {English}, urldate = {2022-04-15} } Fodcha, a new DDos botnet
2022-04-13360 netlabHui Wang, Alex.Turing, YANG XU
@online{wang:20220413:new:1e147e1, author = {Hui Wang and Alex.Turing and YANG XU}, title = {{New Threat: The Muffled Fodcha Botnet}}, date = {2022-04-13}, organization = {360 netlab}, url = {https://blog.netlab.360.com/men-sheng-fa-da-cai-fodchajiang-shi-wang-luo/}, language = {Chinese}, urldate = {2022-05-04} } New Threat: The Muffled Fodcha Botnet
2022-04-12360 Threat Intelligence Center360 Beacon Lab
@online{lab:20220412:recent:2a11b0c, author = {360 Beacon Lab}, title = {{Recent attacks by Bahamut group revealed}}, date = {2022-04-12}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/YAAybJBAvxqrQWYDg31BBw}, language = {Chinese}, urldate = {2022-04-15} } Recent attacks by Bahamut group revealed
Bahamut
2022-04-05Cert-UACert-UA
@online{certua:20220405:information:b3685e0, author = {Cert-UA}, title = {{Information on cyberattacks aimed at gaining access to Telegram accounts (CERT-UA#4360)}}, date = {2022-04-05}, organization = {Cert-UA}, url = {https://cert.gov.ua/article/39253}, language = {Ukrainian}, urldate = {2022-04-07} } Information on cyberattacks aimed at gaining access to Telegram accounts (CERT-UA#4360)
2022-04-02institute for advanced threats360 Threat Intelligence Center
@online{center:20220402:waves:5aa4f65, author = {360 Threat Intelligence Center}, title = {{WAVES LURKING IN THE CALM OF THE WIND AND WAVES: A DYNAMIC ANALYSIS OF THE ATTACK ACTIVITIES OF THE APT-C-00 (SEALOTUS) ORGANIZATION}}, date = {2022-04-02}, organization = {institute for advanced threats}, url = {https://mp.weixin.qq.com/s/tBQSbv55lJUipaPWFr1fKw}, language = {Chinese}, urldate = {2022-04-05} } WAVES LURKING IN THE CALM OF THE WIND AND WAVES: A DYNAMIC ANALYSIS OF THE ATTACK ACTIVITIES OF THE APT-C-00 (SEALOTUS) ORGANIZATION
2022-04-01360 netlabhouliuyang, 黄安欣
@online{houliuyang:20220401:what:f58905c, author = {houliuyang and 黄安欣}, title = {{What Our Honeypot Sees Just One Day After The Spring4Shell Advisory}}, date = {2022-04-01}, organization = {360 netlab}, url = {https://blog.netlab.360.com/what-our-honeypot-sees-just-one-day-after-the-spring4shell-advisory-en/}, language = {English}, urldate = {2022-04-13} } What Our Honeypot Sees Just One Day After The Spring4Shell Advisory
Mirai
2022-03-22360 Threat Intelligence Center360 Threat Intelligence Center
@online{center:20220322:quantum:8629794, author = {360 Threat Intelligence Center}, title = {{Quantum Attack System – NSA "APT-C-40" Hacking Organization High-end Cyber Attack Weapon Technical Analysis Report (I)}}, date = {2022-03-22}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/lzf16Fchfv1fMG3IExq7XA}, language = {Chinese}, urldate = {2022-06-27} } Quantum Attack System – NSA "APT-C-40" Hacking Organization High-end Cyber Attack Weapon Technical Analysis Report (I)
2022-03-15360 netlabAlex.Turing, Hui Wang
@online{alexturing:20220315:new:3b64b05, author = {Alex.Turing and Hui Wang}, title = {{New Threat: Linux Backdoor B1txor20 using DNS Tunnel technology is spreading through the Log4j vulnerability}}, date = {2022-03-15}, organization = {360 netlab}, url = {https://blog.netlab.360.com/b1txor20-use-of-dns-tunneling_cn/}, language = {Chinese}, urldate = {2022-03-15} } New Threat: Linux Backdoor B1txor20 using DNS Tunnel technology is spreading through the Log4j vulnerability
B1txor20
2022-02-25360 netlabGhost
@online{ghost:20220225:details:66e35e3, author = {Ghost}, title = {{Details of the DDoS attacks we have seen recently against Ukraine and Russia}}, date = {2022-02-25}, organization = {360 netlab}, url = {https://blog.netlab.360.com/wo-men-kan-dao-de-wu-ke-lan-bei-ddosgong-ji-xi-jie/}, language = {Chinese}, urldate = {2022-03-01} } Details of the DDoS attacks we have seen recently against Ukraine and Russia
Bashlite Mirai Mirai
2022-02-25360 netlabGhost
@online{ghost:20220225:some:268b2df, author = {Ghost}, title = {{Some details of the DDoS attacks targeting Ukraine and Russia in recent days}}, date = {2022-02-25}, organization = {360 netlab}, url = {https://blog.netlab.360.com/some_details_of_the_ddos_attacks_targeting_ukraine_and_russia_in_recent_days/}, language = {English}, urldate = {2022-03-02} } Some details of the DDoS attacks targeting Ukraine and Russia in recent days
Bashlite Mirai MooBot PerlBot
2022-02-23Weixin360 Threat Intelligence Center
@online{center:20220223:aptc58:fb10a0a, author = {360 Threat Intelligence Center}, title = {{APT-C-58 (Gorgon Group) attack warning}}, date = {2022-02-23}, organization = {Weixin}, url = {https://mp.weixin.qq.com/s/X0kAIHOSldiFDthb4IsmbQ}, language = {Chinese}, urldate = {2022-03-01} } APT-C-58 (Gorgon Group) attack warning
Agent Tesla
2021-11-30360 netlabAlex.Turing, Hui Wang
@online{alexturing:20211130:ewdoor:aa6e76e, author = {Alex.Turing and Hui Wang}, title = {{EwDoor Botnet Is Attacking AT&T Customers}}, date = {2021-11-30}, organization = {360 netlab}, url = {https://blog.netlab.360.com/warning-ewdoor-botnet-is-attacking-att-customers/}, language = {English}, urldate = {2021-12-07} } EwDoor Botnet Is Attacking AT&T Customers
EwDoor
2021-11-19360 Threat Intelligence Centeradvanced threat research institute
@online{institute:20211119:it:0807b7c, author = {advanced threat research institute}, title = {{It is suspected that the APT-C-55 organization used the commercial software Web Browser Password Viewer to carry out the attack}}, date = {2021-11-19}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/QDI912ogVKyyKFYdKvBGdQ}, language = {Chinese}, urldate = {2021-12-07} } It is suspected that the APT-C-55 organization used the commercial software Web Browser Password Viewer to carry out the attack