Click here to download all references as Bib-File.•
2025-09-16
⋅
Proofpoint
⋅
Going Underground: China-aligned TA415 Conducts U.S.-China Economic Relations Targeting Using VS Code Remote Tunnels |
2025-08-28
⋅
Trend Micro
⋅
TAOTH Campaign Exploits End-of-Support Software to Target Traditional Chinese Users and Dissidents Cobalt Strike Merlin |
2025-08-27
⋅
TRUESEC
⋅
Tamperedchef – The Bad PDF Editor TamperedChef |
2025-08-23
⋅
LevelBlue
⋅
Like PuTTY in Admin’s Hands Broomstick |
2025-06-04
⋅
Threatray
⋅
The Bitter End: Unraveling Eight Years of Espionage Antics – Part Two AlmondRAT AlmondRAT Artra Downloader BDarkRAT Havoc KiwiStealer KugelBlitz MiyaRAT ORPCBackdoor WmRAT ZxxZ |
2025-06-04
⋅
Proofpoint
⋅
The Bitter End: Unraveling Eight Years of Espionage Antics—Part One Artra Downloader Havoc |
2025-04-25
⋅
Trend Micro
⋅
Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors KRNRAT Moriya Earth Kurma |
2025-03-12
⋅
Mandiant
⋅
Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers tsh |
2025-01-06
⋅
North Korean Internet
⋅
Hangro: Investigating North Korean VPN Infrastructure Part 1 |
2024-12-17
⋅
Proofpoint
⋅
Hidden in Plain Sight: TA397’s New Attack Chain Delivers Espionage RATs MiyaRAT WmRAT HAZY TIGER |
2024-10-11
⋅
Trend Micro
⋅
Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against Middle East STEALHOOK OilRig |
2024-10-11
⋅
Trend Micro
⋅
Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against UAE and Gulf Regions STEALHOOK |
2024-08-30
⋅
TRUESEC
⋅
Dissecting the Cicada Cicada3301 |
2024-04-17
⋅
Mandiant
⋅
Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm Sandworm |
2024-04-16
⋅
Mandiant
⋅
APT44: Unearthing Sandworm VPNFilter BlackEnergy CaddyWiper EternalPetya HermeticWiper Industroyer INDUSTROYER2 Olympic Destroyer PartyTicket RoarBAT Sandworm |
2024-01-26
⋅
Trendmicro
⋅
Spot the Difference: An Analysis of the New LODEINFO Campaign by Earth Kasha Anel Cobalt Strike LODEINFO NOOPDOOR |
2023-04-03
⋅
Mandiant
⋅
ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access LaZagne BlackCat MimiKatz |
2023-01-26
⋅
Trendmicro
⋅
New Mimic Ransomware Abuses Everything APIs for its Encryption Process Mimic Ransomware |
2022-11-18
⋅
Trend Micro
⋅
Earth Preta Spear-Phishing Governments Worldwide PUBLOAD TONESHELL MUSTANG PANDA |
2022-09-02
⋅
Trend Micro
⋅
Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm |