|
Up
|
|
|
|
|
2019.01.16 - APT Dark Hydrus/
|
— |
|
|
|
2019.01.17 - Malware Used by Rocke Group Evolves to Evade Detection by Cloud Security Products/
|
— |
|
|
|
2019.01.18 - DarkHydrus delivers new Trojan that can use Google Drive for C2 communications/
|
— |
|
|
|
2019.01.18 - WIRTE Group Attacking the Middle East/
|
— |
|
|
|
2019.01.24 - Gandcrab and Ursnif Campaign/
|
— |
|
|
|
2019.01.30 - Chafer used Remexi malware to spy on Iran-based foreign diplomatic entities/
|
— |
|
|
|
2019.01.30 - Operation Kitty Phishing - The Double Life of SectorA05 Nesting in Agora/
|
— |
|
|
|
2019.01.30 - Orcus RAT/
|
— |
|
|
|
2019.02.01 - Tracking OceanLotus’ new Downloader, KerrDown/
|
— |
|
|
|
2019.02.05 - Analyzing Digital Quartermasters/
|
— |
|
|
|
2019.02.06 - APT10 Targeted Norwegian MSP and US Companies in Sustained Campaign/
|
— |
|
|
|
2019.02.14 - Molerats APT/
|
— |
|
|
|
2019.02.18 - APT C 36 Colombian/
|
— |
|
|
|
2019.02.20 - Lazarus Attacks in Russia/
|
— |
|
|
|
2019.02.25 - Defeating Compiler-Level Obfuscations used in APT10 Malware/
|
— |
|
|
|
2019.02.26 - The Arsenal Behind the Australian Parliament Hack/
|
— |
|
|
|
2019.02.27 - A Peek Into BRONZE UNION'S Toolbox/
|
— |
|
|
|
2019.02.28 - Ransomware, Trojan and Miner together against PIK Group/
|
— |
|
|
|
2019.03.04 - APT-40 - Examining a China-Nexus Espionage Actor/
|
— |
|
|
|
2019.03.06 - Operation Pistacchietto - An Italian Job/
|
— |
|
|
|
2019.03.06 - Taidoor Analysis/
|
— |
|
|
|
2019.03.06 - Whitefly - Espionage Group has Singapore in Its Sights/
|
— |
|
|
|
2019.03.07 - Slub Backdoor/
|
— |
|
|
|
2019.03.08 - Supply Chain/
|
— |
|
|
|
2019.03.11 - Gaming Industry Asia/
|
— |
|
|
|
2019.03.12 - Operation Comando/
|
— |
|
|
|
2019.03.13 - DMSniff POS Malware/
|
— |
|
|
|
2019.03.13 - GlitchPOS Pos Malware/
|
— |
|
|
|
2019.03.13 - Operation Sheep - Pilfer-Analytics SDK in Action/
|
— |
|
|
|
2019.03.22 - Lucky Elephant/
|
— |
|
|
|
2019.03.25 - Operation ShadowHammer/
|
— |
|
|
|
2019.03.27 - Elfin - Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S/
|
— |
|
|
|
2019.03.28 - Above Us Only Stars/
|
— |
|
|
|
2019.03.28 - Desktop , Mobile Phishing Campaign/
|
— |
|
|
|
2019.03.28 - Threat Actor Group Using Uac Bypass Module to Run Bat File/
|
— |
|
|
|
2019.04.02 - OceanLotus Steganography/
|
— |
|
|
|
2019.04.10 - Gaza Cybergang Group1, operation SneakyPastes/
|
— |
|
|
|
2019.04.10 - Project Tajmahal a sophisticated new APT framework/
|
— |
|
|
|
2019.04.10 - The Muddy Waters of APT Attacks/
|
— |
|
|
|
2019.04.17 - Aggah Campaign/
|
— |
|
|
|
2019.04.17 - Operation Sea Turtle - DNS Hijacking Abuses Trust In Core Internet Service/
|
— |
|
|
|
2019.04.19 - Ocean Lotus - Funky Malware Format Found in Sample/
|
— |
|
|
|
2019.04.22 - Finteam - Trojanized TeamViewer Against Government Targets/
|
— |
|
|
|
2019.04.23 - Operation ShadowHammer - a high-profile supply chain attack/
|
— |
|
|
|
2019.04.24 - TA505 - LS’ ACTORS THREAT INTO TURN TOOLS ADMIN REMOTE TOOLS/
|
— |
|
|
|
2019.04.30 - SectorB06 using Mongolian language in lure document/
|
— |
|
|
|
2019.05.03 - ZooPark - Who's in the Zoo/
|
— |
|
|
|
2019.05.07 - ATMitch - New Evidence Spotted In The Wild/
|
— |
|
|
|
2019.05.07 - Buckeye - Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers Leak/
|
— |
|
|
|
2019.05.07 - Turla Light Neuron/
|
— |
|
|
|
2019.05.08 - APT OceanLotus/
|
— |
|
|
|
2019.05.08 - FIN7.5 - the infamous cybercrime rig FIN7 continues its activities/
|
— |
|
|
|
2019.05.09 - Iranian APT Leak/
|
— |
|
|
|
2019.05.11 - Chinese APT Vietnamese/
|
— |
|
|
|
2019.05.13 - Scar Cruft Bluetooth/
|
— |
|
|
|
2019.05.15 - Winnti - More than just Windows and Gates/
|
— |
|
|
|
2019.05.18 - Operation BlackLion/
|
— |
|
|
|
2019.05.19 - HiddenWasp Malware Stings Targeted Linux Systems/
|
— |
|
|
|
2019.05.22 - A journey to Zebrocy land/
|
— |
|
|
|
2019.05.24 - Uncovering New Activity By APT10/
|
— |
|
|
|
2019.05.27 - APT-C-38/
|
— |
|
|
|
2019.05.28 - Emissary Panda Attacks Middle East Government Sharepoint Servers/
|
— |
|
|
|
2019.05.29 - A dive into Turla PowerShell usage/
|
— |
|
|
|
2019.05.29 - TA505 is Expanding its Operations/
|
— |
|
|
|
2019.05.30 - 10 years of virtual dynamite - A high-level retrospective of ATM malware/
|
— |
|
|
|
2019.06.03 - Zebrocy’s Multilanguage Malware Salad/
|
— |
|
|
|
2019.06.04 - APT Blueprint/
|
— |
|
|
|
2019.06.05 - Scattered Canary/
|
— |
|
|
|
2019.06.10 - New Muddy Waters Activities Uncovered/
|
— |
|
|
|
2019.06.11 - Fishwrap Group/
|
— |
|
|
|
2019.06.12 - Threat Group Cards/
|
— |
|
|
|
2019.06.20 - APT OceanLotus/
|
— |
|
|
|
2019.06.21 - Waterbug - Espionage Group Rolls Out Brand-New/
|
— |
|
|
|
2019.06.25 - MuddyC3/
|
— |
|
|
|
2019.06.25 - Operation Soft Cell - A Worldwide Campaign Against Telecommunications Providers/
|
— |
|
|
|
2019.06.26 - Iranian Threat Actor Amasses Large Cyber Operations Infrastructure Network to Target Saudi Organizations/
|
— |
|
|
|
2019.06.27 - ShadowGate Returns to Worldwide Operations With Evolved Greenflash Sundown Exploit Kit/
|
— |
|
|
|
2019.07.01 - Operation Tripoli/
|
— |
|
|
|
2019.07.01 - Ratsnif - New Network Vermin from OceanLotus/
|
— |
|
|
|
2019.07.03 - Multiple Chinese Threat Groups Exploiting CVE-2018-0798 Equation Editor Vulnerability Since Late 2018/
|
— |
|
|
|
2019.07.04 - APT33 NewsBeef/
|
— |
|
|
|
2019.07.04 - Latest Spam Campaigns from Ta505 Now Using New Malware Tools Gelup and Flowerpippi/
|
— |
|
|
|
2019.07.09 - Sea Turtle keeps on swimming, finds new victims, DNS hijacking techniques/
|
— |
|
|
|
2019.07.11 - Buhtrap group uses zero‑day in latest espionage campaigns/
|
— |
|
|
|
2019.07.15 - SWEED - Exposing years of Agent Tesla campaigns/
|
— |
|
|
|
2019.07.16 - SLUB Gets Rid of GitHub, Intensifies Slack Use/
|
— |
|
|
|
2019.07.17 - EvilGnome - Rare Malware Spying on Linux Desktop Users/
|
— |
|
|
|
2019.07.17 - Newly identified StrongPity operations/
|
— |
|
|
|
2019.07.18 - Hard Pass - Declining APT34’s Invite to Join Their Professional Network/
|
— |
|
|
|
2019.07.18 - Okrum and Ketrican/
|
— |
|
|
|
2019.07.18 - Spam Campaign Targets Colombian Entities with Proyecto RAT/
|
— |
|
|
|
2019.07.24 - Operation Lag Time IT/
|
— |
|
|
|
2019.07.24 - Resurgent Iron Liberty Targeting Energy Sector/
|
— |
|
|
|
2019.07.24 - Winnti - Attacking the Heart of the German Industry/
|
— |
|
|
|
2019.08.01 - Analysis of the Attack of Mobile Devices by OceanLotus/
|
— |
|
|
|
2019.08.05 - Latest Trickbot Campaign Delivered Via Highly Obfuscated Js File/
|
— |
|
|
|
2019.08.05 - Machete - Venezuelan military under attack/
|
— |
|
|
|
2019.08.07 - APT41 - A Dual Espionage and Cyber Crime Operation/
|
— |
|
|
|
2019.08.08 - Suspected BITTER APT Continues Targeting Government of China and Chinese Organizations/
|
— |
|
|
|
2019.08.12 - Recent Cloud Atlas activity/
|
— |
|
|
|
2019.08.14 - In the Balkans, businesses are under fire from a double‑barreled weapon/
|
— |
|
|
|
2019.08.20 - Chinese APT/
|
— |
|
|
|
2019.08.21 - Silence 2.0 - Going Global/
|
— |
|
|
|
2019.08.21 - The Gamaredon Group - A TTP Profile Analysis/
|
— |
|
|
|
2019.08.22 - Operation TaskMasters/
|
— |
|
|
|
2019.08.26 - APT-C-09/
|
— |
|
|
|
2019.08.27 - APT Patchwork/
|
— |
|
|
|
2019.08.27 - China Chopper still active 9 years later/
|
— |
|
|
|
2019.08.27 - LYCEUM Takes Center Stage in Middle East Campaign/
|
— |
|
|
|
2019.08.27 - TA505 At It Again - Variety is the Spice of ServHelper and FlawedAmmyy/
|
— |
|
|
|
2019.08.29 - Threat Actor ITG08 Strikes Again/
|
— |
|
|
|
2019.08.29 - Heatstroke Campaign Uses Multistage Phishing Attack to Steal PayPal and Credit Card Information/
|
— |
|
|
|
2019.08.29 - SectorJ04 Group’s Increased Activity in 2019/
|
— |
|
|
|
2019.08.29 - Tick Tock - Tick Cyber Espionage Group/
|
— |
|
|
|
2019.08.31 - Malware analysis on Bitter APT campaign/
|
— |
|
|
|
2019.09.04 - Glupteba Campaign Hits Network Routers and Updates C&C Servers with Data from Bitcoin Transactions/
|
— |
|
|
|
2019.09.05 - UPSynergy - Chinese-American Spy vs. Spy Story/
|
— |
|
|
|
2019.09.06 - BITTER APT- Not So Sweet/
|
— |
|
|
|
2019.09.09 - Thrip - Ambitious Attacks Against High Level Targets Continue/
|
— |
|
|
|
2019.09.11 - RANCOR APT - Suspected targeted attacks against South East Asia/
|
— |
|
|
|
2019.09.15 - Charming Kitten Campaign Against Academic/
|
— |
|
|
|
2019.09.18 - Magecart Skimming Attack/
|
— |
|
|
|
2019.09.18 - Tortoiseshell Group/
|
— |
|
|
|
2019.09.24 - DeadlyKiss/
|
— |
|
|
|
2019.09.24 - How Tortoiseshell created a fake veteran hiring website to host malware/
|
— |
|
|
|
2019.09.24 - Russia APT Ecosystem/
|
— |
|
|
|
2019.09.26 - Chinese APT Hackers Attack Windows Users Via Fakenarrator Malware/
|
— |
|
|
|
2019.09.30 - HELO Winnti/
|
— |
|
|
|
2019.10.01 - Kovcoreg Malvertising Campaign/
|
— |
|
|
|
2019.10.01 - New Adwind Campaign Targets Us Petroleum Industry/
|
— |
|
|
|
2019.10.03 - PKPLUG - Chinese Cyber Espionage Group Attacking Asia/
|
— |
|
|
|
2019.10.04 - Geost Botnet/
|
— |
|
|
|
2019.10.07 - Charming Kitten Campaign/
|
— |
|
|
|
2019.10.07 - China-Based APT Mustang Panda Targets Minority Groups, Public and Private Sector Organizations/
|
— |
|
|
|
2019.10.07 - Supply Chain Attacks/
|
— |
|
|
|
2019.10.09 - FIN 6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops/
|
— |
|
|
|
2019.10.10 - ESET discovers Attor, a spy platform with curious GSM fingerprinting/
|
— |
|
|
|
2019.10.10 - Mahalo FIN7 - Responding to the Criminal Operators’ New Tools and Techniques/
|
— |
|
|
|
2019.10.10 - Winnti - Connecting the Dots/
|
— |
|
|
|
2019.10.14 - Is Emotet gang targeting companies with external SOC/
|
— |
|
|
|
2019.10.14 - Turbine Panda/
|
— |
|
|
|
2019.10.14 - Winnti - From tweet to rootkit/
|
— |
|
|
|
2019.10.15 - LOWKEY - Hunting for the Missing Volume Serial ID/
|
— |
|
|
|
2019.10.17 - Operation Ghost/
|
— |
|
|
|
2019.10.21 - Geost Botnet/
|
— |
|
|
|
2019.10.21 - Turla group exploits Iranian APT to expand coverage of victims/
|
— |
|
|
|
2019.10.21 - Winnti Group’s Skip‑2.0 - A Microsoft Sql Server Backdoor/
|
— |
|
|
|
2019.10.24 - APT-41 Overview/
|
— |
|
|
|
2019.10.28 - SWEED Targeting Precision Engineering Companies in Italy/
|
— |
|
|
|
2019.10.31 - Calypso APT/
|
— |
|
|
|
2019.10.31 - Messagetap - Who’s Reading Your Text Messages/
|
— |
|
|
|
2019.11.01 - Operation Wizard Opium CVE-2019-13720/
|
— |
|
|
|
2019.11.04 - APT38 Lazarus/
|
— |
|
|
|
2019.11.04 - Higaisa Apt/
|
— |
|
|
|
2019.11.05 - DarkUniverse – the mysterious APT framework/
|
— |
|
|
|
2019.11.05 - Lazarus Gaze APT38/
|
— |
|
|
|
2019.11.08 - Titanium - the Platinum group strikes again/
|
— |
|
|
|
2019.11.12 - TA-505 - Cybercrime on System Integrator Companies/
|
— |
|
|
|
2019.11.13 - More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting/
|
— |
|
|
|
2019.11.20 - APT-C-34/
|
— |
|
|
|
2019.11.20 - Mac Backdoor Linked to Lazarus Targets Korean Users/
|
— |
|
|
|
2019.11.21 - Registers As “Default Print Monitor”, but Is a Malicious Downloader. Meet Deprimon/
|
— |
|
|
|
2019.11.25 - Studying Donot Team/
|
— |
|
|
|
2019.11.26 - Dexphot - Insights from one year of tracking a polymorphic threat/
|
— |
|
|
|
2019.11.28 - RevengeHotels - cybercrime targeting hotel front desks worldwide/
|
— |
|
|
|
2019.11.29 - Operation Endtrade/
|
— |
|
|
|
2019.12.03 - Threat Actor Targeting Hong Kong Pro-Democracy Figures/
|
— |
|
|
|
2019.12.04 - Kurdish Coder Campaign/
|
— |
|
|
|
2019.12.04 - New Destructive Wiper “ZeroCleare” Targets Energy Sector in the Middle East/
|
— |
|
|
|
2019.12.06 - Cosmic Banker Campaign still active revealing link with Banload malware/
|
— |
|
|
|
2019.12.10 - Trickbot Planeswalker/
|
— |
|
|
|
2019.12.11 - Dropping Anchor - From a TrickBot Infection to the Discovery of the Anchor Malware/
|
— |
|
|
|
2019.12.11 - Waterbear is Back, Uses API Hooking to Evade Security Product Detection/
|
— |
|
|
|
2019.12.12 - Drilling Deep A Look at Cyberattacks on the Oil and Gas Industry/
|
— |
|
|
|
2019.12.12 - GALLIUM Targeting Global Telecom/
|
— |
|
|
|
2019.12.12 - Operation Gamework/
|
— |
|
|
|
2019.12.16 - My Kings - The Slow But Steady Growth of a Relentless Botnet/
|
— |
|
|
|
2019.12.17 - Lazarus Group -Dacls Rat/
|
— |
|
|
|
2019.12.17 - Rancor - Cyber Espionage Group Uses New Custom Malware to Attack Southeast Asia/
|
— |
|
|
|
2019.12.19 - Operation Wacao - Shining a light on one of China’s/
|
— |
|
|
|
2019.12.26 - Trojan Lampion - A new trojan ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax/
|
— |
|
|
|
2019.12.29 - BRONZE PRESIDENT Targets Ngos/
|
— |
|
|