
2023-09-19 | Recorded Future | Insikt Group
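% Threat report (PDF). The corporate author is double-braced so it is not parsed as
% given name + surname; only case-sensitive names in the title are braced.
@techreport{group:20230919:multiyear:84b50f8,
  author      = {{Insikt Group}},
  title       = {Multi-year {Chinese} {APT} Campaign Targets {South Korean} Academic, Government, and Political Entities},
  date        = {2023-09-19},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2023-0919.pdf},
  language    = {English},
  urldate     = {2023-09-20},
}
Multi-year Chinese APT Campaign Targets South Korean Academic, Government, and Political Entities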
Korlia
2023-08-07 | Recorded Future | Insikt Group
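% Threat report (PDF). The corporate author is double-braced so it is not parsed as
% given name + surname; only case-sensitive names in the title are braced.
@techreport{group:20230807:redhotel:ee4dd20,
  author      = {{Insikt Group}},
  title       = {{RedHotel}: A Prolific, {Chinese} State-Sponsored Group Operating at a Global Scale},
  date        = {2023-08-07},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2023-0808.pdf},
  language    = {English},
  urldate     = {2023-08-09},
}
RedHotel: A Prolific, Chinese State-Sponsored Group Operating at a Global Scale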
Winnti, Brute Ratel C4, Cobalt Strike, FunnySwitch, PlugX, ShadowPad, Spyder
2023-08-02 | Recorded Future | Insikt Group
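% PDF edition; the web edition of what appears to be the same report is
% group:20230802:bluecharlie:a86e294. This entry's title is recorded as "TAG 53"
% (no hyphen) and is kept as recorded. Corporate author is double-braced so it is
% not parsed as given name + surname.
@techreport{group:20230802:bluecharlie:04c90f9,
  author      = {{Insikt Group}},
  title       = {{BlueCharlie}, Previously Tracked as {TAG 53}, Continues to Deploy New Infrastructure in 2023},
  date        = {2023-08-02},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2023-0802.pdf},
  language    = {English},
  urldate     = {2023-08-03},
}
BlueCharlie, Previously Tracked as TAG 53, Continues to Deploy New Infrastructure in 2023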
2023-08-02 | Recorded Future | Insikt Group
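% Web edition; the PDF edition of what appears to be the same report is
% group:20230802:bluecharlie:04c90f9. Corporate author is double-braced so it is
% not parsed as given name + surname.
@online{group:20230802:bluecharlie:a86e294,
  author       = {{Insikt Group}},
  title        = {{BlueCharlie}, Previously Tracked as {TAG-53}, Continues to Deploy New Infrastructure in 2023},
  date         = {2023-08-02},
  organization = {Recorded Future},
  url          = {https://www.recordedfuture.com/bluecharlie-previously-tracked-as-tag-53-continues-to-deploy-new-infrastructure-in-2023},
  language     = {English},
  urldate      = {2023-08-03},
}
BlueCharlie, Previously Tracked as TAG-53, Continues to Deploy New Infrastructure in 2023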
2023-07-27 | Recorded Future | Insikt Group
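% Threat report (PDF). The corporate author is double-braced so it is not parsed as
% given name + surname; actor and malware names in the title are braced to keep their case.
@techreport{group:20230727:bluebravo:b456f7d,
  author      = {{Insikt Group}},
  title       = {{BlueBravo} Adapts to Target Diplomatic Entities with {GraphicalProton} Malware},
  date        = {2023-07-27},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2023-0727-1.pdf},
  language    = {English},
  urldate     = {2023-07-28},
}
BlueBravo Adapts to Target Diplomatic Entities with GraphicalProton Malware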
GraphDrop, GraphicalNeutrino, QUARTERRIG
2023-06-20 | Recorded Future | Insikt Group
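% PDF edition; the web edition of what appears to be the same report is
% group:20230620:bluedelta:a2c6423. Corporate author is double-braced so it is
% not parsed as given name + surname.
@techreport{group:20230620:bluedelta:3a84c78,
  author      = {{Insikt Group}},
  title       = {{BlueDelta} Exploits {Ukrainian} Government {Roundcube} Mail Servers to Support Espionage Activities},
  date        = {2023-06-20},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2023-0620.pdf},
  language    = {English},
  urldate     = {2023-07-11},
}
BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities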
2023-06-20 | Recorded Future | Insikt Group
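% Web edition; the PDF edition of what appears to be the same report is
% group:20230620:bluedelta:3a84c78. Corporate author is double-braced so it is
% not parsed as given name + surname.
@online{group:20230620:bluedelta:a2c6423,
  author       = {{Insikt Group}},
  title        = {{BlueDelta} Exploits {Ukrainian} Government {Roundcube} Mail Servers to Support Espionage Activities},
  date         = {2023-06-20},
  organization = {Recorded Future},
  url          = {https://www.recordedfuture.com/bluedelta-exploits-ukrainian-government-roundcube-mail-servers},
  language     = {English},
  urldate      = {2023-07-11},
}
BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities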
2023-03-30 | Recorded Future | Insikt Group
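% Threat report (PDF). The corporate author is double-braced so it is not parsed as
% given name + surname; actor and malware names in the title are braced to keep their case.
@techreport{group:20230330:with:95ccd1c,
  author      = {{Insikt Group}},
  title       = {With {KEYPLUG}, {China’s} {RedGolf} Spies On, Steals From Wide Field of Targets},
  date        = {2023-03-30},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2023-0330.pdf},
  language    = {English},
  urldate     = {2023-07-27},
}
With KEYPLUG, China’s RedGolf Spies On, Steals From Wide Field of Targets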
KEYPLUG, Cobalt Strike, PlugX
2023-01-26 | Recorded Future | Insikt Group
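% Threat report (PDF). The corporate author is double-braced so it is not parsed as
% given name + surname; actor and malware names in the title are braced to keep their case.
@techreport{group:20230126:bluebravo:9d6aa62,
  author      = {{Insikt Group}},
  title       = {{BlueBravo} Uses Ambassador Lure to Deploy {GraphicalNeutrino} Malware},
  date        = {2023-01-26},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf},
  language    = {English},
  urldate     = {2023-02-02},
}
BlueBravo Uses Ambassador Lure to Deploy GraphicalNeutrino Malware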
GraphicalNeutrino, APT29
2022-12-22 | Recorded Future | Insikt Group
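% Threat report (PDF). The corporate author is double-braced so it is not parsed as
% given name + surname; actor and malware names in the title are braced to keep their case.
@techreport{group:20221222:reddelta:7469cca,
  author      = {{Insikt Group}},
  title       = {{RedDelta} Targets {European} Government Organizations and Continues to Iterate Custom {PlugX} Variant},
  date        = {2022-12-22},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2022-1223.pdf},
  language    = {English},
  urldate     = {2023-08-11},
}
RedDelta Targets European Government Organizations and Continues to Iterate Custom PlugX Variant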
PlugX
2022-12-05 | Recorded Future | Insikt Group
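% PDF edition; web editions of what appears to be the same report are
% group:20221205:exposing:4181968 and future:20221205:exposing:702c2a5.
% Corporate author is double-braced so it is not parsed as given name + surname.
@techreport{group:20221205:exposing:b80717f,
  author      = {{Insikt Group}},
  title       = {Exposing {TAG-53’s} Credential Harvesting Infrastructure Used for {Russia}-Aligned Espionage Operations},
  date        = {2022-12-05},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2022-1205.pdf},
  language    = {English},
  urldate     = {2023-01-03},
}
Exposing TAG-53’s Credential Harvesting Infrastructure Used for Russia-Aligned Espionage Operations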
TAG-53
2022-12-05 | Recorded Future | Insikt Group
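% Web edition. The utm_campaign / utm_source / utm_medium / utm_term query parameters
% were dropped from the URL: they describe the social-media share the link was copied
% from, not the document, and should not be propagated through citations. The clean
% URL is the one already recorded in future:20221205:exposing:702c2a5, which cites the
% same page under a different author attribution.
% Corporate author is double-braced so it is not parsed as given name + surname.
@online{group:20221205:exposing:4181968,
  author       = {{Insikt Group}},
  title        = {Exposing {TAG-53’s} Credential Harvesting Infrastructure Used for {Russia}-Aligned Espionage Operations},
  date         = {2022-12-05},
  organization = {Recorded Future},
  url          = {https://www.recordedfuture.com/exposing-tag-53-credential-harvesting-infrastructure-for-russia-aligned-espionage-operations},
  language     = {English},
  urldate      = {2023-01-03},
}
Exposing TAG-53’s Credential Harvesting Infrastructure Used for Russia-Aligned Espionage Operations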
TAG-53
2022-12-05 | Recorded Future | Recorded Future
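% Cites the same web page as group:20221205:exposing:4181968, attributed here to
% Recorded Future rather than Insikt Group; cite only one of the two in a document.
% Corporate author is double-braced so it is not parsed as given name + surname.
@online{future:20221205:exposing:702c2a5,
  author       = {{Recorded Future}},
  title        = {Exposing {TAG-53’s} Credential Harvesting Infrastructure Used for {Russia}-Aligned Espionage Operations},
  date         = {2022-12-05},
  organization = {Recorded Future},
  url          = {https://www.recordedfuture.com/exposing-tag-53-credential-harvesting-infrastructure-for-russia-aligned-espionage-operations},
  language     = {English},
  urldate      = {2022-12-06},
}
Exposing TAG-53’s Credential Harvesting Infrastructure Used for Russia-Aligned Espionage Operations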
2022-11-29 | Recorded Future | Recorded Future
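% Threat report (PDF). The corporate author is double-braced so it is not parsed as
% given name + surname; country names, acronyms and the actor label in the title are braced.
@techreport{future:20221129:suspected:199acb1,
  author      = {{Recorded Future}},
  title       = {Suspected {Iran}-Nexus {TAG-56} Uses {UAE} Forum Lure for Credential Theft Against {US} Think Tank},
  date        = {2022-11-29},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2022-1129.pdf},
  language    = {English},
  urldate     = {2022-12-02},
}
Suspected Iran-Nexus TAG-56 Uses UAE Forum Lure for Credential Theft Against US Think Tank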
2022-09-28 | Recorded Future | Insikt Group®
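% Report (PDF). The corporate author is double-braced so it is not parsed as given
% name + surname; the all-caps heading and the party name in the title are braced.
@techreport{group:20220928:1:eb11b21,
  author      = {{Insikt Group®}},
  title       = {{1 KEY FOR 1 LOCK}: The {Chinese Communist Party’s} Strategy for Targeted Propaganda},
  date        = {2022-09-28},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/ta-2022-0928.pdf},
  language    = {English},
  urldate     = {2022-09-30},
}
1 KEY FOR 1 LOCK: The Chinese Communist Party’s Strategy for Targeted Propaganda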
2022-09-22 | Recorded Future | Insikt Group®
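% Threat report (PDF). The corporate author is double-braced so it is not parsed as
% given name + surname; only case-sensitive names in the title are braced.
@techreport{group:20220922:chinese:9349a24,
  author      = {{Insikt Group®}},
  title       = {{Chinese} State-Sponsored Group {TA413} Adopts New Capabilities in Pursuit of {Tibetan} Targets},
  date        = {2022-09-22},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0922.pdf},
  language    = {English},
  urldate     = {2022-09-26},
}
Chinese State-Sponsored Group TA413 Adopts New Capabilities in Pursuit of Tibetan Targets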
8.t Dropper, LOWZERO
2022-09-20 | Recorded Future | Insikt Group®
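% Threat report (PDF). The corporate author is double-braced so it is not parsed as
% given name + surname; the product name in the title is braced to keep its case.
@techreport{group:20220920:threat:b6666bd,
  author      = {{Insikt Group®}},
  title       = {Threat Actors Continue to Abuse {Google Tag Manager} for Payment Card e-Skimming},
  date        = {2022-09-20},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0920.pdf},
  language    = {English},
  urldate     = {2022-09-26},
}
Threat Actors Continue to Abuse Google Tag Manager for Payment Card e-Skimming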
2022-09-19 | Recorded Future | Insikt Group®
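% Threat report (PDF). The corporate author is double-braced so it is not parsed as
% given name + surname; country names and the actor label in the title are braced.
@techreport{group:20220919:russianexus:e07ed8e,
  author      = {{Insikt Group®}},
  title       = {{Russia}-Nexus {UAC-0113} Emulating Telecommunication Providers in {Ukraine}},
  date        = {2022-09-19},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0919.pdf},
  language    = {English},
  urldate     = {2022-09-26},
}
Russia-Nexus UAC-0113 Emulating Telecommunication Providers in Ukraine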
Ave Maria, Colibri Loader, DCRat
2022-08-16 | Recorded Future | Insikt Group®
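% Threat report (PDF). The corporate author is double-braced so it is not parsed as
% given name + surname; the actor name in the title is braced to keep its case.
@techreport{group:20220816:redalpha:5bfb9a3,
  author      = {{Insikt Group®}},
  title       = {{RedAlpha} Conducts Multi-Year Credential Theft Campaign Targeting Global Humanitarian, Think Tank, and Government Organizations},
  date        = {2022-08-16},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/ta-2022-0816.pdf},
  language    = {English},
  urldate     = {2022-08-30},
}
RedAlpha Conducts Multi-Year Credential Theft Campaign Targeting Global Humanitarian, Think Tank, and Government Organizations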
RedAlpha
2022-08-02 | Recorded Future | Insikt Group
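% Threat report (PDF). The corporate author is double-braced so it is not parsed as
% given name + surname; the title has no case-sensitive names, so nothing in it is braced.
@techreport{group:20220802:initial:5caddb5,
  author      = {{Insikt Group}},
  title       = {Initial Access Brokers Are Key to Rise in Ransomware Attacks},
  date        = {2022-08-02},
  institution = {Recorded Future},
  url         = {https://go.recordedfuture.com/hubfs/reports/cta-2022-0802.pdf},
  language    = {English},
  urldate     = {2022-08-05},
}
Initial Access Brokers Are Key to Rise in Ransomware Attacks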
Azorult, BlackMatter, Conti, Mars Stealer, Raccoon, RedLine Stealer, Taurus Stealer, Vidar