2023-08-28 ⋅ 360 ⋅ APT-C-55 (Kimsuky) organization uses Korean domain names for malicious activities
2023-07-26 ⋅ Weixin ⋅ APT29 recently faked the German embassy and issued a malicious PDF file BEATDROP Unidentified 107 (APT29)
2023-04-19 ⋅ Microsoft ⋅ Exploring STRONTIUM's Abuse of Cloud Services FusionDrive
2023-03-13 ⋅ Microsoft ⋅ DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit
2023-02-02 ⋅ YouTube (SLEUTHCON) ⋅ Lions, Tigers, and Infostealers - Oh my! RecordBreaker RedLine Stealer Vidar
2022-12-06 ⋅ 360 Threat Intelligence Center ⋅ Analysis of suspected APT-C-56 (Transparent Tribe) attacks against terrorism AhMyth Meterpreter SpyNote AsyncRAT
2022-11-30 ⋅ Qianxin Threat Intelligence Center ⋅ Analysis of APT29's attack activities against Italy Unidentified 098 (APT29 Slack Downloader)
2022-10-10 ⋅ RiskIQ ⋅ DEV-0832 Leverages Commodity Tools in Opportunistic Ransomware Campaigns BlackCat Mount Locker SystemBC Zeppelin
2022-08-25 ⋅ Microsoft ⋅ MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations MimiKatz
2022-08-24 ⋅ Microsoft ⋅ MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
2022-08-17 ⋅ 360 ⋅ Kasablanka organizes attacks against political groups and non-profit organizations in the Middle East SpyNote Loda Nanocore RAT NjRAT
2022-08-15 ⋅ Microsoft ⋅ Disrupting SEABORGIUM’s ongoing phishing operations Callisto
2022-08-15 ⋅ Microsoft ⋅ Disrupting SEABORGIUM’s ongoing phishing operations
2022-07-27 ⋅ Microsoft ⋅ Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits Subzero
2022-07-20 ⋅ Freebuf ⋅ Abused Slack Service: Analysis of APT29's Attack on Italy Unidentified 098 (APT29 Slack Downloader)
2022-07-14 ⋅ Microsoft ⋅ North Korean threat actor (H0lyGh0st /DEV-0530) targets small and midsize businesses with H0lyGh0st ransomware SiennaBlue SiennaPurple
2022-07-12 ⋅ Microsoft ⋅ From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
2022-07-05 ⋅ Microsoft ⋅ Hive ransomware gets upgrades in Rust Hive
2022-06-08 ⋅ Qianxin Threat Intelligence Center ⋅ Operation Tejas: A dying elephant curled up in the Kunlun Mountains HAZY TIGER RAZOR TIGER
2022-06-02 ⋅ Microsoft ⋅ Exposing POLONIUM activity and infrastructure targeting Israeli organizations POLONIUM