
2023-01-10 · 360 netlab · Alex Turing, Hui Wang
% 360 netlab blog post (English), retrieved 2023-01-25.
% The URL slug is reproduced exactly as listed, including its "emeerges" spelling.
@online{turing:20230110:heads:afb8678,
  author       = {Alex Turing and Hui Wang},
  title        = {{Heads up! Xdr33, A Variant Of CIA’s HIVE Attack Kit Emerges}},
  date         = {2023-01-10},
  organization = {360 netlab},
  url          = {https://blog.netlab.360.com/headsup_xdr33_variant_of_ciahive_emeerges/},
  language     = {English},
  urldate      = {2023-01-25},
}
Heads up! Xdr33, A Variant Of CIA’s HIVE Attack Kit Emerges
xdr33
2022-12-06 · 360 Threat Intelligence Center · 360 Beacon Lab
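% Institutional author: the extra braces keep "360 Beacon Lab" as one name
% instead of letting it be split into given and family parts.
% NOTE(review): language is Chinese while the title is given in English, so the
% title is presumably a translation; confirm against the source.
@online{lab:20221206:analysis:d045827,
  author       = {{360 Beacon Lab}},
  title        = {{Analysis of suspected APT-C-56 (Transparent Tribe) attacks against terrorism}},
  date         = {2022-12-06},
  organization = {360 Threat Intelligence Center},
  url          = {https://mp.weixin.qq.com/s/J_A12SOX0k5TOYFAegBv_w},
  language     = {Chinese},
  urldate      = {2022-12-24},
}
Analysis of suspected APT-C-56 (Transparent Tribe) attacks against terrorism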
AhMyth Meterpreter SpyNote AsyncRAT
2022-11-03 · 360 netlab · Liu Ya, RootKiter
% 360 netlab blog post (English), retrieved 2023-05-23.
@online{ya:20221103:p2p:29795c2,
  author       = {Liu Ya and RootKiter},
  title        = {{P2P Botnets: Review - Status - Continuous Monitoring}},
  date         = {2022-11-03},
  organization = {360 netlab},
  url          = {https://blog.netlab.360.com/p2p-botnets-review-status-continuous-monitoring/},
  language     = {English},
  urldate      = {2023-05-23},
}
P2P Botnets: Review - Status - Continuous Monitoring
FritzFrog Hajime Mozi Pink
2022-08-29 · 360 netlab · wanghao
% 360 netlab blog post, retrieved 2022-09-06.
% NOTE(review): language is Chinese while the title is given in English, so the
% title is presumably a translation; confirm against the source.
@online{wanghao:20220829:purecrypter:4d81329,
  author       = {wanghao},
  title        = {{PureCrypter Loader continues to be active and has spread to more than 10 other families}},
  date         = {2022-08-29},
  organization = {360 netlab},
  url          = {https://blog.netlab.360.com/purecrypter},
  language     = {Chinese},
  urldate      = {2022-09-06},
}
PureCrypter Loader continues to be active and has spread to more than 10 other families
404 Keylogger Agent Tesla AsyncRAT Formbook RedLine Stealer
2022-08-17 · 360 · 360 Threat Intelligence Center
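% Institutional author: the extra braces keep "360 Threat Intelligence Center"
% as one name instead of letting it be split into given and family parts.
% NOTE(review): language is Chinese while the title is given in English, so the
% title is presumably a translation; confirm against the source.
@online{center:20220817:kasablanka:2a28570,
  author       = {{360 Threat Intelligence Center}},
  title        = {{Kasablanka organizes attacks against political groups and non-profit organizations in the Middle East}},
  date         = {2022-08-17},
  organization = {360},
  url          = {https://mp.weixin.qq.com/s/mstwBMkS0G3Et4GOji2mwA},
  language     = {Chinese},
  urldate      = {2022-08-19},
}
Kasablanka organizes attacks against political groups and non-profit organizations in the Middle East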
SpyNote Loda Nanocore RAT NjRAT
2022-08-05 · 360 netlab · 360 Netlab
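% Institutional author: the extra braces keep "360 Netlab" as one name
% instead of letting it be split into given and family parts.
@online{netlab:20220805:new:d4f6a02,
  author       = {{360 Netlab}},
  title        = {{A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information}},
  date         = {2022-08-05},
  organization = {360 netlab},
  url          = {https://blog.netlab.360.com/a-new-botnet-orchard-generates-dga-domains-with-bitcoin-transaction-information/},
  language     = {English},
  urldate      = {2022-08-30},
}
A new botnet Orchard Generates DGA Domains with Bitcoin Transaction Information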
Orchard
2022-08-05 · 360 netlab · Daji, suqitian
% 360 netlab blog post, retrieved 2022-09-21.
% NOTE(review): language is Chinese while the title is given in English, so the
% title is presumably a translation; confirm against the source.
@online{daji:20220805:dga:b184bd8,
  author       = {Daji and suqitian},
  title        = {{The DGA family Orchard continues to change, and the new version generates DGA domain names using Bitcoin transaction information}},
  date         = {2022-08-05},
  organization = {360 netlab},
  url          = {https://blog.netlab.360.com/orchard-dga/},
  language     = {Chinese},
  urldate      = {2022-09-21},
}
The DGA family Orchard continues to change, and the new version generates DGA domain names using Bitcoin transaction information
Orchard
2022-05-18 · Weixin · 360 Threat Intelligence Center
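% Institutional author: the extra braces keep "360 Threat Intelligence Center"
% as one name instead of letting it be split into given and family parts.
% NOTE(review): language is Chinese while the title is given in English, so the
% title is presumably a translation; confirm against the source.
@online{center:20220518:filesyncshelldll:4266601,
  author       = {{360 Threat Intelligence Center}},
  title        = {{filesyncshell.dll hijacked? APT-C-24 Sidewinder Briefing on the Latest Attack Activity}},
  date         = {2022-05-18},
  organization = {Weixin},
  url          = {https://mp.weixin.qq.com/s/qsGxZIiTsuI7o-_XmiHLHg},
  language     = {Chinese},
  urldate      = {2022-05-25},
}
filesyncshell.dll hijacked? APT-C-24 Sidewinder Briefing on the Latest Attack Activity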
2022-05-09 · 360 netlab · Liu Ya, Alex.Turing, Hui Wang, YANG XU
% 360 netlab blog post, retrieved 2022-05-25.
% NOTE(review): language is Chinese while the title is given in English, so the
% title is presumably a translation; confirm against the source.
@online{ya:20220509:data:71a5fb8,
  author       = {Liu Ya and Alex.Turing and Hui Wang and YANG XU},
  title        = {{The data analysis behind the cyber attack on Beijing Healthbao}},
  date         = {2022-05-09},
  organization = {360 netlab},
  url          = {https://blog.netlab.360.com/botnet-group-behind-attack-bjjkb/},
  language     = {Chinese},
  urldate      = {2022-05-25},
}
The data analysis behind the cyber attack on Beijing Healthbao
2022-04-19 · 360 · 360 Netlab
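% Institutional author: the extra braces keep "360 Netlab" as one name
% instead of letting it be split into given and family parts.
@online{netlab:20220419:public:0ce406b,
  author       = {{360 Netlab}},
  title        = {{Public Cloud Cybersecurity Threat Intelligence (202203)}},
  date         = {2022-04-19},
  organization = {360},
  url          = {https://blog.netlab.360.com/public-cloud-threat-intelligence-202203/},
  language     = {English},
  urldate      = {2022-04-25},
}
Public Cloud Cybersecurity Threat Intelligence (202203)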
Bashlite Tsunami Mirai
2022-04-13 · 360 netlab · Hui Wang, Alex.Turing, YANG XU
% 360 netlab blog post (English), retrieved 2022-04-15.
@online{wang:20220413:fodcha:3279a03,
  author       = {Hui Wang and Alex.Turing and YANG XU},
  title        = {{Fodcha, a new DDos botnet}},
  date         = {2022-04-13},
  organization = {360 netlab},
  url          = {https://blog.netlab.360.com/fodcha-a-new-ddos-botnet/},
  language     = {English},
  urldate      = {2022-04-15},
}
Fodcha, a new DDos botnet
Fodcha
2022-04-13 · 360 netlab · Hui Wang, Alex.Turing, YANG XU
% 360 netlab blog post, retrieved 2022-05-04.
% NOTE(review): language is Chinese while the title is given in English, so the
% title is presumably a translation; confirm against the source.
@online{wang:20220413:new:1e147e1,
  author       = {Hui Wang and Alex.Turing and YANG XU},
  title        = {{New Threat: The Muffled Fodcha Botnet}},
  date         = {2022-04-13},
  organization = {360 netlab},
  url          = {https://blog.netlab.360.com/men-sheng-fa-da-cai-fodchajiang-shi-wang-luo/},
  language     = {Chinese},
  urldate      = {2022-05-04},
}
New Threat: The Muffled Fodcha Botnet
2022-04-12 · 360 Threat Intelligence Center · 360 Beacon Lab
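% Institutional author: the extra braces keep "360 Beacon Lab" as one name
% instead of letting it be split into given and family parts.
% NOTE(review): language is Chinese while the title is given in English, so the
% title is presumably a translation; confirm against the source.
@online{lab:20220412:recent:2a11b0c,
  author       = {{360 Beacon Lab}},
  title        = {{Recent attacks by Bahamut group revealed}},
  date         = {2022-04-12},
  organization = {360 Threat Intelligence Center},
  url          = {https://mp.weixin.qq.com/s/YAAybJBAvxqrQWYDg31BBw},
  language     = {Chinese},
  urldate      = {2022-04-15},
}
Recent attacks by Bahamut group revealed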
Bahamut
2022-04-05 · Cert-UA · Cert-UA
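% The "#" in the advisory identifier is escaped as "\#": an unescaped "#" in a
% title field is a LaTeX parameter character and breaks typesetting.
% The institutional author is double-braced so it is always kept as one name.
% NOTE(review): language is Ukrainian while the title is given in English, so
% the title is presumably a translation; confirm against the source.
@online{certua:20220405:information:b3685e0,
  author       = {{Cert-UA}},
  title        = {{Information on cyberattacks aimed at gaining access to Telegram accounts (CERT-UA\#4360)}},
  date         = {2022-04-05},
  organization = {Cert-UA},
  url          = {https://cert.gov.ua/article/39253},
  language     = {Ukrainian},
  urldate      = {2022-04-07},
}
Information on cyberattacks aimed at gaining access to Telegram accounts (CERT-UA#4360)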
2022-04-02 · institute for advanced threats · 360 Threat Intelligence Center
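% Institutional author: the extra braces keep "360 Threat Intelligence Center"
% as one name instead of letting it be split into given and family parts.
% NOTE(review): language is Chinese while the title is given in English, so the
% title is presumably a translation; confirm against the source.
@online{center:20220402:waves:5aa4f65,
  author       = {{360 Threat Intelligence Center}},
  title        = {{WAVES LURKING IN THE CALM OF THE WIND AND WAVES: A DYNAMIC ANALYSIS OF THE ATTACK ACTIVITIES OF THE APT-C-00 (SEALOTUS) ORGANIZATION}},
  date         = {2022-04-02},
  organization = {institute for advanced threats},
  url          = {https://mp.weixin.qq.com/s/tBQSbv55lJUipaPWFr1fKw},
  language     = {Chinese},
  urldate      = {2022-04-05},
}
WAVES LURKING IN THE CALM OF THE WIND AND WAVES: A DYNAMIC ANALYSIS OF THE ATTACK ACTIVITIES OF THE APT-C-00 (SEALOTUS) ORGANIZATION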
2022-04-01 · 360 netlab · houliuyang, 黄安欣
% 360 netlab blog post (English), retrieved 2022-04-13.
% The author list contains a CJK name, so the file has to be processed as UTF-8.
@online{houliuyang:20220401:what:f58905c,
  author       = {houliuyang and 黄安欣},
  title        = {{What Our Honeypot Sees Just One Day After The Spring4Shell Advisory}},
  date         = {2022-04-01},
  organization = {360 netlab},
  url          = {https://blog.netlab.360.com/what-our-honeypot-sees-just-one-day-after-the-spring4shell-advisory-en/},
  language     = {English},
  urldate      = {2022-04-13},
}
What Our Honeypot Sees Just One Day After The Spring4Shell Advisory
Mirai
2022-03-22 · 360 Threat Intelligence Center · 360 Threat Intelligence Center
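% Institutional author: the extra braces keep "360 Threat Intelligence Center"
% as one name instead of letting it be split into given and family parts.
% NOTE(review): language is Chinese while the title is given in English, so the
% title is presumably a translation; confirm against the source.
@online{center:20220322:quantum:8629794,
  author       = {{360 Threat Intelligence Center}},
  title        = {{Quantum Attack System – NSA "APT-C-40" Hacking Organization High-end Cyber Attack Weapon Technical Analysis Report (I)}},
  date         = {2022-03-22},
  organization = {360 Threat Intelligence Center},
  url          = {https://mp.weixin.qq.com/s/lzf16Fchfv1fMG3IExq7XA},
  language     = {Chinese},
  urldate      = {2022-06-27},
}
Quantum Attack System – NSA "APT-C-40" Hacking Organization High-end Cyber Attack Weapon Technical Analysis Report (I)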
2022-03-15 · 360 netlab · Alex.Turing, Hui Wang
% 360 netlab blog post, retrieved 2022-03-15.
% NOTE(review): language is Chinese while the title is given in English, so the
% title is presumably a translation; confirm against the source.
@online{alexturing:20220315:new:3b64b05,
  author       = {Alex.Turing and Hui Wang},
  title        = {{New Threat: Linux Backdoor B1txor20 using DNS Tunnel technology is spreading through the Log4j vulnerability}},
  date         = {2022-03-15},
  organization = {360 netlab},
  url          = {https://blog.netlab.360.com/b1txor20-use-of-dns-tunneling_cn/},
  language     = {Chinese},
  urldate      = {2022-03-15},
}
New Threat: Linux Backdoor B1txor20 using DNS Tunnel technology is spreading through the Log4j vulnerability
B1txor20
2022-02-25 · 360 netlab · Ghost
% 360 netlab blog post, retrieved 2022-03-01.
% NOTE(review): language is Chinese while the title is given in English, so the
% title is presumably a translation; confirm against the source.
@online{ghost:20220225:details:66e35e3,
  author       = {Ghost},
  title        = {{Details of the DDoS attacks we have seen recently against Ukraine and Russia}},
  date         = {2022-02-25},
  organization = {360 netlab},
  url          = {https://blog.netlab.360.com/wo-men-kan-dao-de-wu-ke-lan-bei-ddosgong-ji-xi-jie/},
  language     = {Chinese},
  urldate      = {2022-03-01},
}
Details of the DDoS attacks we have seen recently against Ukraine and Russia
Bashlite Mirai Mirai
2022-02-25 · 360 netlab · Ghost
% 360 netlab blog post (English), retrieved 2022-03-02.
@online{ghost:20220225:some:268b2df,
  author       = {Ghost},
  title        = {{Some details of the DDoS attacks targeting Ukraine and Russia in recent days}},
  date         = {2022-02-25},
  organization = {360 netlab},
  url          = {https://blog.netlab.360.com/some_details_of_the_ddos_attacks_targeting_ukraine_and_russia_in_recent_days/},
  language     = {English},
  urldate      = {2022-03-02},
}
Some details of the DDoS attacks targeting Ukraine and Russia in recent days
Bashlite Mirai MooBot PerlBot