2023-03-30 ⋅ Proofpoint ⋅ Exploitation is a Dish Best Served Cold: Winter Vivern Uses Known Zimbra Vulnerability to Target Webmail Portals of NATO-Aligned Governments in Europe
2022-08-30 ⋅ Proofpoint ⋅ Rising Tide: Chasing the Currents of Espionage in the South China Sea scanbox Meterpreter APT40
2022-07-14 ⋅ Proofpoint ⋅ Above the Fold and in Your Inbox: Tracing State-Aligned Activity Targeting Journalists, Media Chinoxy
2022-03-07 ⋅ Proofpoint ⋅ The Good, the Bad, and the Web Bug: TA416 Increases Operational Tempo Against European Governments as Conflict in Ukraine Escalates PlugX
2022-03-01 ⋅ Proofpoint ⋅ Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement SunSeed
2021-12-01 ⋅ Proofpoint ⋅ Injection is the New Black: Novel RTF Template Inject Technique Poised for Widespread Adoption Beyond APT Actors
2021-11-11 ⋅ Twitter (@aRtAGGI) ⋅ Tweet on APT31 using compromised PakEdge Rk1&RE2 router IPs as exit nodes in reconnaissance phishing campaigns
2021-07-28 ⋅ Proofpoint ⋅ I Knew You Were Trouble: TA456 Targets Defense Contractor with Alluring Social Media Persona Liderc SysKit
2021-02-25 ⋅ Proofpoint ⋅ TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organizations scanbox Sepulcher Lucky Cat
2020-06-08 ⋅ Proofpoint ⋅ TA410: The Group Behind LookBack Attacks Against U.S. Utilities Sector Returns with New Malware FlowCloud Lookback TA410
2020-03-11 ⋅ Virus Bulletin ⋅ Attribution is in the object: using RTF object dimensions to track APT phishing weaponizers 8.t Dropper
2019-09-22 ⋅ Proofpoint ⋅ LookBack Forges Ahead: Continued Targeting of the United States’ Utilities Sector Reveals Additional Adversary TTPs Lookback TA410
2019-08-01 ⋅ Proofpoint ⋅ LookBack Malware Targets the United States Utilities Sector with Phishing Attacks Impersonating Engineering Licensing Boards GUP Proxy Tool Lookback TA410
2019-07-23 ⋅ Proofpoint ⋅ Chinese APT “Operation LagTime IT” Targets Government Information Technology Agencies in Eastern Asia 8.t Dropper Cotx RAT Poison Ivy TA428