Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-12-23QianxinQi AnXin CERT
@online{cert:20201223:solarwindsapt:a237c40, author = {Qi AnXin CERT}, title = {{从Solarwinds供应链攻击(金链熊)看APT行动中的隐蔽作战}}, date = {2020-12-23}, organization = {Qianxin}, url = {https://mp.weixin.qq.com/s/UqXC1vovKUu97569LkYm2Q}, language = {Chinese}, urldate = {2020-12-23} } 从Solarwinds供应链攻击(金链熊)看APT行动中的隐蔽作战
SUNBURST
2020-12-16QianxinRed Raindrop Team
@online{team:20201216:solarwinds:0871f46, author = {Red Raindrop Team}, title = {{中招目标首次披露:SolarWinds供应链攻击相关域名生成算法可破解!}}, date = {2020-12-16}, organization = {Qianxin}, url = {https://mp.weixin.qq.com/s/v-ekPFtVNZG1W7vWjcuVug}, language = {Chinese}, urldate = {2020-12-17} } 中招目标首次披露:SolarWinds供应链攻击相关域名生成算法可破解!
SUNBURST
2020-12-10QianxinRed Raindrop Team
@online{team:20201210:model:eec2704, author = {Red Raindrop Team}, title = {{APT model worker: A summary of the activities of the Eastern European hacker group using spear phishing emails to attack Ukraine}}, date = {2020-12-10}, organization = {Qianxin}, url = {https://ti.qianxin.com/blog/articles/Hackers-in-Eastern-Europe-Use-Harpoon-Mail-to-Target-Activities-in-Ukraine/}, language = {Chinese}, urldate = {2020-12-14} } APT model worker: A summary of the activities of the Eastern European hacker group using spear phishing emails to attack Ukraine
2020-12-07QianxinRed Raindrop Team
@online{team:20201207:blocking:11414ce, author = {Red Raindrop Team}, title = {{Blocking APT: Qi'anxin QOWL engine defeats BITTER's targeted attacks on domestic government and enterprises}}, date = {2020-12-07}, organization = {Qianxin}, url = {https://ti.qianxin.com/blog/articles/Blocking-APT:-Qianxin's-QOWL-Engine-Defeats-Bitter's-Targeted-Attack-on-Domestic-Government-and-Enterprises/}, language = {Chinese}, urldate = {2020-12-11} } Blocking APT: Qi'anxin QOWL engine defeats BITTER's targeted attacks on domestic government and enterprises
2020-12-07QianxinRed Raindrop Team
@online{team:20201207:analysis:30935b5, author = {Red Raindrop Team}, title = {{Analysis of the suspected two-tailed scorpion APT organization using CIA-funded information about Hamas as bait}}, date = {2020-12-07}, organization = {Qianxin}, url = {https://ti.qianxin.com/blog/articles/analysis-of-APT-C-23-CIA-funding-for-Hamas-information-as-bait/}, language = {Chinese}, urldate = {2020-12-11} } Analysis of the suspected two-tailed scorpion APT organization using CIA-funded information about Hamas as bait
2020-10-30QianxinThreat Intelligence Center
@online{center:20201030:donot:5f3e428, author = {Threat Intelligence Center}, title = {{攻击武器再升级:Donot组织利用伪造签名样本的攻击活动分析}}, date = {2020-10-30}, organization = {Qianxin}, url = {https://mp.weixin.qq.com/s/3Pa3hiuZyQBspDzH0kGSHw}, language = {Chinese}, urldate = {2020-11-02} } 攻击武器再升级:Donot组织利用伪造签名样本的攻击活动分析
2020-10-26QianxinThreat Intelligence Center
@online{center:20201026:analysis:81bfa52, author = {Threat Intelligence Center}, title = {{Analysis of the attack activities of the Rattlesnake organization using the Buffy bilateral agreement as bait}}, date = {2020-10-26}, organization = {Qianxin}, url = {https://www.secrss.com/articles/26507}, language = {Chinese}, urldate = {2020-10-27} } Analysis of the attack activities of the Rattlesnake organization using the Buffy bilateral agreement as bait
SideWinder
2020-10-13QianxinRedDrip Team
@techreport{team:20201013::30e32cd, author = {RedDrip Team}, title = {{血茜草:永不停歇的华语情报搜集活动}}, date = {2020-10-13}, institution = {Qianxin}, url = {https://ti.qianxin.com/uploads/2020/10/13/b837df2b51f6b69f3d002b087537486f.pdf}, language = {Chinese}, urldate = {2020-10-23} } 血茜草:永不停歇的华语情报搜集活动
2020-09-21QianxinRedDrip Team
@techreport{team:20200921:operation:730163c, author = {RedDrip Team}, title = {{Operation Tibo: A retaliatory targeted attack from the South Asian APT organization "Mo Luo Qi"}}, date = {2020-09-21}, institution = {Qianxin}, url = {https://ti.qianxin.com/uploads/2020/09/17/69da886eecc7087e9dac2d3ea4c66ba8.pdf}, language = {Chinese}, urldate = {2020-09-24} } Operation Tibo: A retaliatory targeted attack from the South Asian APT organization "Mo Luo Qi"
AsyncRAT Darktrack RAT
2020-08-25QianxinQi'anxin Threat Intelligence
@online{intelligence:20200825:apt:0ad132f, author = {Qi'anxin Threat Intelligence}, title = {{南亚APT组织“透明部落”在移动端上与对手的较量}}, date = {2020-08-25}, organization = {Qianxin}, url = {https://www.secrss.com/articles/24995}, language = {Chinese}, urldate = {2020-08-25} } 南亚APT组织“透明部落”在移动端上与对手的较量
AhMyth Crimson RAT Oblique RAT
2020-06-30QianxinRedDrip Team
@online{team:20200630:donot:f611c31, author = {RedDrip Team}, title = {{Donot APT团伙使用升级版数字武器针对周边地区的攻击活动分析}}, date = {2020-06-30}, organization = {Qianxin}, url = {https://ti.qianxin.com/blog/articles/analysis-of-donot-apt-group-attacks-on-surrounding-areas/}, language = {Chinese}, urldate = {2020-07-02} } Donot APT团伙使用升级版数字武器针对周边地区的攻击活动分析
2020-06-29QianxinRedDrip Team
@techreport{team:20200629:global:6fa9d6e, author = {RedDrip Team}, title = {{Global Advanced Persistent Threats (APT) Mid-2020 Report}}, date = {2020-06-29}, institution = {Qianxin}, url = {https://ti.qianxin.com/uploads/2020/06/29/e4663b4f11f01e5ec8a1a5d91a71dc72.pdf}, language = {English}, urldate = {2020-06-30} } Global Advanced Persistent Threats (APT) Mid-2020 Report
2020-05-28QianxinThreat Intelligence Center
@online{center:20200528:analysis:5b197d4, author = {Threat Intelligence Center}, title = {{Analysis of recent rattlesnake APT attacks against surrounding countries and regions}}, date = {2020-05-28}, organization = {Qianxin}, url = {https://ti.qianxin.com/blog/articles/the-recent-rattlesnake-apt-organized-attacks-on-neighboring-countries-and-regions/}, language = {Chinese}, urldate = {2020-10-27} } Analysis of recent rattlesnake APT attacks against surrounding countries and regions
SideWinder
2020-04-30QianxinRed Raindrop Team
@online{team:20200430:lazarus:4a450b4, author = {Red Raindrop Team}, title = {{Lazarus APT organization uses information such as recruitment of a Western aviation giant to analyze targeted attack incidents in specific countries}}, date = {2020-04-30}, organization = {Qianxin}, url = {https://ti.qianxin.com/blog/articles/analysis-of-lazarus-apt-oriented-attack-event/}, language = {English}, urldate = {2020-05-07} } Lazarus APT organization uses information such as recruitment of a Western aviation giant to analyze targeted attack incidents in specific countries
2020-03-26QianxinRed Raindrop Team
@online{team:20200326:covid19:43d6b99, author = {Red Raindrop Team}, title = {{COVID-19 | Analysis Report of Global Epidemic-Related Cyber ​​Attacks Covered by New Crown Virus}}, date = {2020-03-26}, organization = {Qianxin}, url = {https://ti.qianxin.com/blog/articles/coronavirus-analysis-of-global-outbreak-related-cyber-attacks/}, language = {Chinese}, urldate = {2020-04-26} } COVID-19 | Analysis Report of Global Epidemic-Related Cyber ​​Attacks Covered by New Crown Virus
METALJACK
2020-02-13QianxinQi Anxin Threat Intelligence Center
@techreport{center:20200213:report:146d333, author = {Qi Anxin Threat Intelligence Center}, title = {{APT Report 2019}}, date = {2020-02-13}, institution = {Qianxin}, url = {https://ti.qianxin.com/uploads/2020/02/13/cb78386a082f465f259b37dae5df4884.pdf}, language = {English}, urldate = {2020-02-27} } APT Report 2019
Chrysaor Exodus Dacls elf.vpnfilter DNSRat Griffon KopiLuwak More_eggs SQLRat AppleJeus BONDUPDATER Agent.BTZ Anchor AndroMut AppleJeus BOOSTWRITE Brambul Carbanak Cobalt Strike Dacls DistTrack DNSpionage Dtrack ELECTRICFISH FlawedAmmyy FlawedGrace Get2 Grateful POS HOPLIGHT Imminent Monitor RAT jason Joanap KerrDown KEYMARBLE Lambert LightNeuron LoJax MiniDuke PolyglotDuke PowerRatankba Rising Sun SDBbot ServHelper Snatch Stuxnet TinyMet tRat TrickBot Volgmer X-Agent Zebrocy
2019-11-18QianxinRed Raindrop Team
@online{team:20191118:surprised:2930338, author = {Red Raindrop Team}, title = {{Surprised by Julius the Great! Disclosure of Cyrus attacks against Iran}}, date = {2019-11-18}, organization = {Qianxin}, url = {https://ti.qianxin.com/blog/articles/surprised-by-cyrus-the-great-disclosure-against-Iran-cyrus-attack/}, language = {Chinese}, urldate = {2020-11-17} } Surprised by Julius the Great! Disclosure of Cyrus attacks against Iran
Unidentified APK 003
2019-08-26QianxinRed Raindrop Team
@online{team:20190826:aptc09:a228795, author = {Red Raindrop Team}, title = {{APT-C-09 Reappeared as Conflict Intensified Between India and Pakistan}}, date = {2019-08-26}, organization = {Qianxin}, url = {https://ti.qianxin.com/blog/articles/apt-c-09-reappeared-as-conflict-intensified-between-india-and-pakistan/}, language = {English}, urldate = {2020-01-07} } APT-C-09 Reappeared as Conflict Intensified Between India and Pakistan
BadNews
2014-07-07QianxinRed Raindrop Team
@online{team:20140707:analysis:e586631, author = {Red Raindrop Team}, title = {{Analysis and disclosure of the CIA's cyber arsenal}}, date = {2014-07-07}, organization = {Qianxin}, url = {https://ti.qianxin.com/blog/articles/network-weapons-of-cia/}, language = {Chinese}, urldate = {2019-12-19} } Analysis and disclosure of the CIA's cyber arsenal
Lambert