Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-08-28360360 Threat Intelligence Center
@online{center:20230828:aptc55:9eadb97, author = {360 Threat Intelligence Center}, title = {{APT-C-55 (Kimsuky) organization uses Korean domain names for malicious activities}}, date = {2023-08-28}, organization = {360}, url = {https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA%3D%3D&mid=2247493300&idx=1&sn=614dda72d95b5dfd732916aec0662598&chksm=f9c1d5bdceb65cab316de9e368fef6a997b82e96ed1a70b9b53ea8ae3c5698a8d4c95488e956&scene=178&cur_album_id=1955835290309230595}, language = {Chinese}, urldate = {2023-09-07} } APT-C-55 (Kimsuky) organization uses Korean domain names for malicious activities
2022-12-06360 Threat Intelligence Center360 Beacon Lab
@online{lab:20221206:analysis:d045827, author = {360 Beacon Lab}, title = {{Analysis of suspected APT-C-56 (Transparent Tribe) attacks against terrorism}}, date = {2022-12-06}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/J_A12SOX0k5TOYFAegBv_w}, language = {Chinese}, urldate = {2022-12-24} } Analysis of suspected APT-C-56 (Transparent Tribe) attacks against terrorism
AhMyth Meterpreter SpyNote AsyncRAT
2022-08-17360360 Threat Intelligence Center
@online{center:20220817:kasablanka:2a28570, author = {360 Threat Intelligence Center}, title = {{Kasablanka organizes attacks against political groups and non-profit organizations in the Middle East}}, date = {2022-08-17}, organization = {360}, url = {https://mp.weixin.qq.com/s/mstwBMkS0G3Et4GOji2mwA}, language = {Chinese}, urldate = {2022-08-19} } Kasablanka organizes attacks against political groups and non-profit organizations in the Middle East
SpyNote Loda Nanocore RAT NjRAT
2022-05-18Weixin360 Threat Intelligence Center
@online{center:20220518:filesyncshelldll:4266601, author = {360 Threat Intelligence Center}, title = {{filesyncshell.dll hijacked? APT-C-24 Sidewinder Briefing on the Latest Attack Activity}}, date = {2022-05-18}, organization = {Weixin}, url = {https://mp.weixin.qq.com/s/qsGxZIiTsuI7o-_XmiHLHg}, language = {Chinese}, urldate = {2022-05-25} } filesyncshell.dll hijacked? APT-C-24 Sidewinder Briefing on the Latest Attack Activity
2022-04-12360 Threat Intelligence Center360 Beacon Lab
@online{lab:20220412:recent:2a11b0c, author = {360 Beacon Lab}, title = {{Recent attacks by Bahamut group revealed}}, date = {2022-04-12}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/YAAybJBAvxqrQWYDg31BBw}, language = {Chinese}, urldate = {2022-04-15} } Recent attacks by Bahamut group revealed
Bahamut
2022-04-02institute for advanced threats360 Threat Intelligence Center
@online{center:20220402:waves:5aa4f65, author = {360 Threat Intelligence Center}, title = {{WAVES LURKING IN THE CALM OF THE WIND AND WAVES: A DYNAMIC ANALYSIS OF THE ATTACK ACTIVITIES OF THE APT-C-00 (SEALOTUS) ORGANIZATION}}, date = {2022-04-02}, organization = {institute for advanced threats}, url = {https://mp.weixin.qq.com/s/tBQSbv55lJUipaPWFr1fKw}, language = {Chinese}, urldate = {2022-04-05} } WAVES LURKING IN THE CALM OF THE WIND AND WAVES: A DYNAMIC ANALYSIS OF THE ATTACK ACTIVITIES OF THE APT-C-00 (SEALOTUS) ORGANIZATION
2022-03-22360 Threat Intelligence Center360 Threat Intelligence Center
@online{center:20220322:quantum:8629794, author = {360 Threat Intelligence Center}, title = {{Quantum Attack System – NSA "APT-C-40" Hacking Organization High-end Cyber Attack Weapon Technical Analysis Report (I)}}, date = {2022-03-22}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/lzf16Fchfv1fMG3IExq7XA}, language = {Chinese}, urldate = {2022-06-27} } Quantum Attack System – NSA "APT-C-40" Hacking Organization High-end Cyber Attack Weapon Technical Analysis Report (I)
2022-02-23Weixin360 Threat Intelligence Center
@online{center:20220223:aptc58:fb10a0a, author = {360 Threat Intelligence Center}, title = {{APT-C-58 (Gorgon Group) attack warning}}, date = {2022-02-23}, organization = {Weixin}, url = {https://mp.weixin.qq.com/s/X0kAIHOSldiFDthb4IsmbQ}, language = {Chinese}, urldate = {2022-03-01} } APT-C-58 (Gorgon Group) attack warning
Agent Tesla
2021-11-19360 Threat Intelligence Centeradvanced threat research institute
@online{institute:20211119:it:0807b7c, author = {advanced threat research institute}, title = {{It is suspected that the APT-C-55 organization used the commercial software Web Browser Password Viewer to carry out the attack}}, date = {2021-11-19}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/QDI912ogVKyyKFYdKvBGdQ}, language = {Chinese}, urldate = {2021-12-07} } It is suspected that the APT-C-55 organization used the commercial software Web Browser Password Viewer to carry out the attack
2021-09-01360 Threat Intelligence CenterAdvanced Threat Institute
@online{institute:20210901:aptc56:0f08cce, author = {Advanced Threat Institute}, title = {{APT-C-56 (Transparent Tribe) Latest Attack Analysis and Associated Suspected Gorgon Group Attack Analysis Alert}}, date = {2021-09-01}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/xUM2x89GuB8uP6otN612Fg}, language = {Chinese}, urldate = {2021-09-09} } APT-C-56 (Transparent Tribe) Latest Attack Analysis and Associated Suspected Gorgon Group Attack Analysis Alert
Crimson RAT NetWire RC
2021-08-02360 Threat Intelligence CenterAdvanced Threat Institute
@online{institute:20210802:operation:af54e15, author = {Advanced Threat Institute}, title = {{Operation Hunting - The latest attack by the CNC (APT-C-48) has been revealed}}, date = {2021-08-02}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/dMFyLxsErYUZX7BQyBL9YQ}, language = {Chinese}, urldate = {2021-08-02} } Operation Hunting - The latest attack by the CNC (APT-C-48) has been revealed
2021-07-27360 Threat Intelligence CenterAdvanced Threat Institute
@online{institute:20210727:summary:219ae9b, author = {Advanced Threat Institute}, title = {{Summary of Kimsuky's secret stealing activities in the first half of 2021}}, date = {2021-07-27}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/og8mfnqoKZsHlOJdIDKYgQ}, language = {Chinese}, urldate = {2021-07-27} } Summary of Kimsuky's secret stealing activities in the first half of 2021
2021-07-16360 Threat Intelligence CenterAdvanced Threat Institute
@online{institute:20210716:aptc61:4736008, author = {Advanced Threat Institute}, title = {{APT-C-61 attacks against South Asia}}, date = {2021-07-16}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/Jpw7TqyPzOy57RAZDQdlWA}, language = {Chinese}, urldate = {2021-07-20} } APT-C-61 attacks against South Asia
2021-06-15360 Threat Intelligence Center360 Fiberhome Laboratory
@online{laboratory:20210615:pjobrat:df97e9c, author = {360 Fiberhome Laboratory}, title = {{PJobRAT: Spyware targeting Indian military personnel}}, date = {2021-06-15}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/VTHvmRTeu3dw8HFyusKLqQ}, language = {Chinese}, urldate = {2021-06-21} } PJobRAT: Spyware targeting Indian military personnel
PjobRAT
2021-04-20360 Threat Intelligence CenterAdvanced Threat Institute
@online{institute:20210420:transparent:1033b04, author = {Advanced Threat Institute}, title = {{Transparent Tribe uses the new crown vaccine hotspot to analyze the targeted attacks on the Indian medical industry}}, date = {2021-04-20}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/ELYDvdMiiy4FZ3KpmAddZQ}, language = {Chinese}, urldate = {2021-04-28} } Transparent Tribe uses the new crown vaccine hotspot to analyze the targeted attacks on the Indian medical industry
Crimson RAT
2021-01-26360 Threat Intelligence CenterAdvanced Threat Institute
@online{institute:20210126:shell:b75c032, author = {Advanced Threat Institute}, title = {{Shell Break-Lazarus (APT-C-26) organized targeted attacks against security researchers to reveal the secret}}, date = {2021-01-26}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/W-C_tKVnXco8C3ctgAjoNQ}, language = {Chinese}, urldate = {2021-01-27} } Shell Break-Lazarus (APT-C-26) organized targeted attacks against security researchers to reveal the secret
2021-01-21360 Threat Intelligence CenterAdvanced Threat Institute
@online{institute:20210121:disclosure:7709c9e, author = {Advanced Threat Institute}, title = {{Disclosure of Manling Flower Organization (APT-C-08) using Warzone RAT attack}}, date = {2021-01-21}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/C09P0al1nhsyyujHRp0FAw}, language = {Chinese}, urldate = {2021-01-26} } Disclosure of Manling Flower Organization (APT-C-08) using Warzone RAT attack
Ave Maria
2020-12-16360 Threat Intelligence CenterAdvanced Threat Institute
@online{institute:20201216:aptc47clickonce:8643850, author = {Advanced Threat Institute}, title = {{旺刺组织(APT-C-47)使用ClickOnce技术的攻击活动披露}}, date = {2020-12-16}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/h_MUJfa3QGM9SqT_kzcdHQ}, language = {Chinese}, urldate = {2021-01-01} } 旺刺组织(APT-C-47)使用ClickOnce技术的攻击活动披露
2020-12-15360 Threat Intelligence CenterAdvanced Threat Institute
@online{institute:20201215:operation:899bf4d, author = {Advanced Threat Institute}, title = {{Operation Falling Eagle-the secret of the most influential supply chain attack in history}}, date = {2020-12-15}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/lh7y_KHUxag_-pcFBC7d0Q}, language = {Chinese}, urldate = {2020-12-18} } Operation Falling Eagle-the secret of the most influential supply chain attack in history
SUNBURST
2020-11-09360360 Threat Intelligence Center
@online{center:20201109:analysis:ccf80c0, author = {360 Threat Intelligence Center}, title = {{Analysis of the latest targeted attacks by Lugansk against Ukraine}}, date = {2020-11-09}, organization = {360}, url = {https://mp.weixin.qq.com/s/aMj_EDmTYyAouHWFbY64-A}, language = {Chinese}, urldate = {2020-11-11} } Analysis of the latest targeted attacks by Lugansk against Ukraine