Update readme.md
This commit is contained in:
blackorbird
@@ -15,3 +15,321 @@ https://redsense.com/publications/yearly-intel-trend-review-2023/
|
|||||||
Mobile Threat Landscape Report: 2023 in Review
|
Mobile Threat Landscape Report: 2023 in Review
|
||||||
|
|
||||||
https://www.lookout.com/threat-intelligence/report/mobile-landscape-threat-report
|
https://www.lookout.com/threat-intelligence/report/mobile-landscape-threat-report
|
||||||
|
|
||||||
|
2023 summary APT reports
|
||||||
|
|
||||||
|
1. https://www.gov.pl/web/baza-wiedzy/espionage-campaign-linked-to-russian-intelligence-services
|
||||||
|
2. https://unit42.paloaltonetworks.com/cloaked-ursa-phishing/
|
||||||
|
3. https://lab52.io/blog/2344-2/
|
||||||
|
4. https://www.recordedfuture.com/bluebravo-adapts-to-target-diplomatic-entities-with-graphicalproton-malware
|
||||||
|
5. https://cert.gov.ua/article/5105791
|
||||||
|
6. https://blog.sekoia.io/aridviper-an-intrusion-set-allegedly-associated-with-hamas/
|
||||||
|
7. https://mp.weixin.qq.com/s/_WMljf41eTsBrQDa3BjFTQ
|
||||||
|
8. https://mp.weixin.qq.com/s/w--fSiFrHQUaIv80AuitZQ
|
||||||
|
9. https://mp.weixin.qq.com/s/fiXIrwaDikNrV4wLGhJ_Mw
|
||||||
|
10. https://mp.weixin.qq.com/s/jI37KhBYoT1sAJOF2T5hEg
|
||||||
|
11. https://mp.weixin.qq.com/s/bOJ88Zzk27ZaHShlYUCYgA
|
||||||
|
12. https://sentinelone.com/labs/comrades-in-arms-north-korea-compromises-sanctioned-russian-missile-engineering-company/
|
||||||
|
13. https://mp.weixin.qq.com/s/kiwP2rKfllbRq2Afn8jKWw
|
||||||
|
14. https://www.seqrite.com/blog/double-action-triple-infection-and-a-new-rat-sidecopys-persistent-targeting-of-indian-defence/
|
||||||
|
15. https://mp.weixin.qq.com/s/OZgDgmUDZSML_NX_Wa_C6A
|
||||||
|
16. https://mp.weixin.qq.com/s/g8oSytVgRSV2773kwZYUHA
|
||||||
|
17. https://www.welivesecurity.com/2023/03/07/love-scam-espionage-transparent-tribe-lures-indian-pakistani-officials/?web_view=true
|
||||||
|
18. https://mp.weixin.qq.com/s/MhyGLPqOthzG-H2RVeobAw
|
||||||
|
19. https://mp.weixin.qq.com/s/bSsmRQFQz-2Llhd3rOfRVw
|
||||||
|
20. https://blogs.blackberry.com/en/2023/02/newspenguin-a-previously-unknown-threat-actor-targets-pakistan-with-advanced-espionage-tool
|
||||||
|
21. https://mp.weixin.qq.com/s/BvfZ5yRiVBuorgoTznY65A
|
||||||
|
22. https://securityaffairs.com/149698/apt/kimsuky-war-simulation-centre.html
|
||||||
|
23. https://mp.weixin.qq.com/s/uYV4x-46dkKpX76uzqyTmg
|
||||||
|
24. https://securelist.com/the-lazarus-group-deathnote-campaign/109490/
|
||||||
|
25. https://www.group-ib.com/blog/dark-pink-episode-2/
|
||||||
|
26. https://mp.weixin.qq.com/s/w--fSiFrHQUaIv80AuitZQ
|
||||||
|
27. https://securelist.com/gopuram-backdoor-deployed-through-3cx-supply-chain-attack/109344/
|
||||||
|
28. https://www.mandiant.com/resources/blog/north-korea-supply-chain
|
||||||
|
29. https://medium.com/checkmarx-security/lazarus-group-launches-first-open-source-supply-chain-attacks-targeting-crypto-sector-cabc626e404e
|
||||||
|
30. https://www.reversinglabs.com/blog/vmconnect-supply-chain-campaign-continues
|
||||||
|
31. https://www.microsoft.com/en-us/security/blog/2023/11/22/diamond-sleet-supply-chain-compromise-distributes-a-modified-cyberlink-installer/
|
||||||
|
32. https://mp.weixin.qq.com/s/f5YE12w3x3wad5EO0EB53Q
|
||||||
|
33. https://www.cisa.gov/sites/default/files/2023-12/aa23-347a-russian-foreign-intelligence-service-svr-exploiting-jetbrains-teamcity-cve-globally_0.pdf
|
||||||
|
34. https://www.microsoft.com/en-us/security/blog/2023/08/02/midnight-blizzard-conducts-targeted-social-engineering-over-microsoft-teams/
|
||||||
|
35. https://www.mandiant.com/resources/blog/apt43-north-korea-cybercrime-espionage
|
||||||
|
36. https://mp.weixin.qq.com/s/Nk2zml2d0HtK0hszyKW2Dw
|
||||||
|
37. https://mp.weixin.qq.com/s/yX8iKaPSr9VS3Z2wsgdisw
|
||||||
|
38. https://asec.ahnlab.com/ko/50851/
|
||||||
|
39. https://mp.weixin.qq.com/s/sO2rJbYbqLcYb3AvAUMeGg
|
||||||
|
40. https://mp.weixin.qq.com/s/gH6cWCn8PswJ4d2ef7ZSeQ
|
||||||
|
41. https://mp.weixin.qq.com/s/lvSraGnMsl3a1jEUubuvyw
|
||||||
|
42. https://www.sentinelone.com/labs/transparent-tribe-apt36-pakistan-aligned-threat-actor-expands-interest-in-indian-education-sector/
|
||||||
|
43. https://www.seqrite.com/blog/transparent-tribe-apt-actively-lures-indian-army-amidst-increased-targeting-of-educational-institutions
|
||||||
|
44. https://mp.weixin.qq.com/s/8zpPPl6JIXqa4QEpiKC5GQ
|
||||||
|
45. https://www.fbi.gov/news/press-releases/fbi-identifies-cryptocurrency-funds-stolen-by-dprk
|
||||||
|
46. https://securelist.com/unveiling-lazarus-new-campaign/110888/
|
||||||
|
47. https://mp.weixin.qq.com/s/EQ8nrfE3tkfg4nB8F49VLA
|
||||||
|
48. https://mp.weixin.qq.com/s/W4hkBRJnwN1G32QCpaNNoA
|
||||||
|
49. https://www.proofpoint.com/us/blog/threat-insight/ta444-apt-startup-aimed-at-your-funds
|
||||||
|
50. https://labs.withsecure.com/content/dam/labs/docs/WithSecure-Lazarus-No-Pineapple-Threat-Intelligence-Report-2023.pdf
|
||||||
|
51. https://asec.ahnlab.com/ko/47622/
|
||||||
|
52. https://asec.ahnlab.com/ko/47820/
|
||||||
|
53. https://www.welivesecurity.com/2023/02/23/winordll64-backdoor-vast-lazarus-arsenal/
|
||||||
|
54. https://mp.weixin.qq.com/s/iAGUMG7UmDFcB96HYhqRDw
|
||||||
|
55. https://asec.ahnlab.com/en/49295/
|
||||||
|
56. https://blog.alyac.co.kr/5102
|
||||||
|
57. https://blog.alyac.co.kr/5103
|
||||||
|
58. https://medium.com/s2wblog/kimsuky-group-appears-to-be-exploiting-onenote-like-the-cybercrime-group-3c96b0b85b9f
|
||||||
|
59. https://www.zscaler.com/blogs/security-research/unintentional-leak-glimpse-attack-vectors-apt37
|
||||||
|
60. https://threatmon.io/chinotto-backdoor-technical-analysis-of-the-apt-reapers-powerful/
|
||||||
|
61. https://asec.ahnlab.com/en/50625/
|
||||||
|
62. https://blog.google/threat-analysis-group/how-were-protecting-users-from-government-backed-attacks-from-north-korea/
|
||||||
|
63. https://blog.virustotal.com/2023/04/apt43-investigation-into-north-korean.html
|
||||||
|
64. https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/
|
||||||
|
65. https://www.jamf.com/blog/bluenoroff-apt-targets-macos-rustbucket-malware/#
|
||||||
|
66. https://mp.weixin.qq.com/s/iCFz9vhYGxz0cd8_0-PhDQ
|
||||||
|
67. https://research.checkpoint.com/2023/chain-reaction-rokrats-missing-link/
|
||||||
|
68. https://www.sentinelone.com/labs/kimsuky-evolves-reconnaissance-capabilities-in-new-global-campaign/
|
||||||
|
69. https://asec.ahnlab.com/ko/52662/
|
||||||
|
70. https://mp.weixin.qq.com/s/RjvwKH6UBETzUVtXje_bIA
|
||||||
|
71. https://www.genians.co.kr/hubfs/blogfile/threat_intelligence_report_apt37.pdf?hsLang=ko
|
||||||
|
72. https://asec.ahnlab.com/en/53132/
|
||||||
|
73. https://www.sentinelone.com/labs/kimsuky-ongoing-campaign-using-tailored-reconnaissance-toolkit/
|
||||||
|
74. https://threatmon.io/reverse-engineering-rokrat-a-closer-look-at-apt37s-onedrive-based-attack-vector/
|
||||||
|
75. https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3413621/us-rok-agencies-alert-dprk-cyber-actors-impersonating-targets-to-collect-intell/
|
||||||
|
76. https://mp.weixin.qq.com/s/v5JGN15kVr4zGjPkCeuovQ
|
||||||
|
77. https://asec.ahnlab.com/en/53377/
|
||||||
|
78. https://www.sentinelone.com/labs/kimsuky-new-social-engineering-campaign-aims-to-steal-credentials-and-gather-strategic-intelligence/
|
||||||
|
79. https://www.genians.co.kr/hubfs/blogfile/20230620_threat_inteligence_report_apt37_macos.pdf?hsLang=EN
|
||||||
|
80. https://asec.ahnlab.com/en/54349/
|
||||||
|
81. https://mp.weixin.qq.com/s/MLkYHLzKaMYGCF4Czw0Vag
|
||||||
|
82. https://securelist.com/lazarus-andariel-mistakes-and-easyrat/110119/
|
||||||
|
83. https://www.elastic.co/cn/security-labs/DPRK-strikes-using-a-new-variant-of-rustbucket
|
||||||
|
84. https://asec.ahnlab.com/ko/54952/
|
||||||
|
85. https://www.sentinelone.com/blog/bluenoroff-how-dprks-macos-rustbucket-seeks-to-evade-analysis-and-detection/
|
||||||
|
86. https://asec.ahnlab.com/en/55145/
|
||||||
|
87. https://ti.qianxin.com/blog/articles/Cloud-Spy-Analysis-of-Recent-Attack-Activities-by-Group123-CN/
|
||||||
|
88. https://mp.weixin.qq.com/s/13bQDJCfnTBFVMUbhKgllw
|
||||||
|
89. https://mp.weixin.qq.com/s/GMgk6LG6pYSebf4y7f7g7w
|
||||||
|
90. https://asec.ahnlab.com/en/55369/
|
||||||
|
91. https://mp.weixin.qq.com/s/8aoOtjXn3C5sVIaE08-_GQ
|
||||||
|
92. https://www.genians.co.kr/hubfs/blogfile/20230727_threat_inteligence_report_Konni.pdf?hsLang=ko
|
||||||
|
93. https://www.sentinelone.com/labs/comrades-in-arms-north-korea-compromises-sanctioned-russian-missile-engineering-company/
|
||||||
|
94. https://asec.ahnlab.com/ko/56256/
|
||||||
|
95. https://blog.talosintelligence.com/lazarus-quiterat/
|
||||||
|
96. https://blog.talosintelligence.com/lazarus-collectionrat/
|
||||||
|
97. https://mp.weixin.qq.com/s/2AnQICw1lII3j-IcKcUThw?poc_token=HAv7d2WjfLjxoUTf772bRE3Mbqcj17JNOI8X8hRz
|
||||||
|
98. https://asec.ahnlab.com/ko/56654/
|
||||||
|
99. https://mp.weixin.qq.com/s/PZfBhtrz6jelWIBUjRZcyw
|
||||||
|
100. https://mp.weixin.qq.com/s/Qr8lJrz9d7rgj9XH9vPCTg
|
||||||
|
101. https://mp.weixin.qq.com/s/1J4JNqLVUST6PsAWwoQ1CQ
|
||||||
|
102. https://blog.alyac.co.kr/5251
|
||||||
|
103. https://mp.weixin.qq.com/s/hwvEqIB68AAdnpQvrKNAeQ
|
||||||
|
104. https://www.welivesecurity.com/en/eset-research/lazarus-luring-employees-trojanized-coding-challenges-case-spanish-aerospace-company/
|
||||||
|
105. https://asec.ahnlab.com/ko/57427/
|
||||||
|
106. https://asec.ahnlab.com/ko/57748/
|
||||||
|
107. https://www.microsoft.com/en-us/security/blog/2023/10/18/multiple-north-korean-threat-actors-exploiting-the-teamcity-cve-2023-42793-vulnerability/
|
||||||
|
108. https://cyble.com/blog/higaisa-apt-resurfaces-via-phishing-website-targeting-chinese-users/
|
||||||
|
109. https://medium.com/s2wblog/fastviewer-variant-merged-with-fastspy-and-disguised-as-a-legitimate-mobile-application-f3004588f95c
|
||||||
|
110. https://www.elastic.co/security-labs/elastic-catches-dprk-passing-out-kandykorn
|
||||||
|
111. https://www.jamf.com/blog/bluenoroff-strikes-again-with-new-macos-malware/
|
||||||
|
112. https://asec.ahnlab.com/ko/58215/
|
||||||
|
113. https://asec.ahnlab.com/ko/59209/
|
||||||
|
114. https://asec.ahnlab.com/en/59318/
|
||||||
|
115. https://mp.weixin.qq.com/s/s3WVSPNjkfvhROufXrDtiQ
|
||||||
|
116. https://asec.ahnlab.com/ko/59460/
|
||||||
|
117. https://securelist.com/bluenoroff-new-macos-malware/111290/
|
||||||
|
118. https://mp.weixin.qq.com/s/2cxW68ION9Ch2Fg37_cDqw
|
||||||
|
119. https://ti.qianxin.com/blog/articles/Analysis-of-Suspected-Lazarus-APT-Q-1-Attack-Sample-Targeting-npm-Package-Supply-Chain-CN/
|
||||||
|
120. https://blog.talosintelligence.com/lazarus_new_rats_dlang_and_telegram/
|
||||||
|
121. https://mp.weixin.qq.com/s/bdAb1Bbgtd3amuziu2_Tsw
|
||||||
|
122. https://mp.weixin.qq.com/s/G3gUjg9WC96NW4cRPww6gw
|
||||||
|
123. https://www.group-ib.com/blog/dark-pink-apt/
|
||||||
|
124. https://mp.weixin.qq.com/s/7KOjLgeHsgEI7KuDhFOiKA
|
||||||
|
125. https://www.deepinstinct.com/blog/ducktail-threat-operation-re-emerges-with-new-lnk-powershell-and-other-custom-tactics-to-avoid-detection
|
||||||
|
126. https://mp.weixin.qq.com/s/_WMljf41eTsBrQDa3BjFTQ
|
||||||
|
127. https://yoroi.company/en/research/ducktail-dissecting-a-complex-infection-chain-started-from-social-engineering/
|
||||||
|
128. https://www.trendmicro.com/en_us/research/23/e/managed-xdr-investigation-of-ducktail-in-trend-micro-vision-one.html
|
||||||
|
129. https://www.elastic.co/cn/security-labs/elastic-charms-spectralviper
|
||||||
|
130. https://www.zscaler.com/blogs/security-research/look-ducktail
|
||||||
|
131. https://labs.withsecure.com/publications/meet-the-ducks
|
||||||
|
132. https://blog.nsfocus.net/aptdarkpinkwinrar-0daycve-2023-38831/
|
||||||
|
133. https://www.appgate.com/blog/vietnamese-information-stealer-campaigns-target-professionals-on-linkedin
|
||||||
|
134. https://securelist.com/ducktail-fashion-week/111017/
|
||||||
|
135. https://mp.weixin.qq.com/s/IB2w86cXcpmGS8qrOnprKw
|
||||||
|
136. https://labs.withsecure.com/publications/darkgate-rises
|
||||||
|
137. https://labs.withsecure.com/publications/ducktail
|
||||||
|
138. https://www.zscaler.com/blogs/security-research/new-php-variant-ducktail-infostealer-targeting-facebook-business-accounts
|
||||||
|
139. https://labs.withsecure.com/publications/ducktail-returns
|
||||||
|
140. https://mp.weixin.qq.com/s/JbaEpcmvC80EoE8X0DnwKQ
|
||||||
|
141. https://mp.weixin.qq.com/s/P7VXmHIB5dJl9ZoE1OBDww
|
||||||
|
142. https://mp.weixin.qq.com/s/7Q2nulqLsofjSftbWQt2kA
|
||||||
|
143. https://mp.weixin.qq.com/s/rslBGQgTL_jZD73AJqI05Q
|
||||||
|
144. https://mp.weixin.qq.com/s/SR-m-RrqyT3V2zkOPBm-9g
|
||||||
|
145. https://mp.weixin.qq.com/s/xU7b3m-L2OlAi2bU7nBj0A
|
||||||
|
146. https://www.group-ib.com/media-center/press-releases/sidewinder-apt-report/
|
||||||
|
147. https://threatmon.io/apt-sidecopy-targeting-indian-government-entities/
|
||||||
|
148. https://mp.weixin.qq.com/s/RD03YH2ngRUbUmE80d18Uw
|
||||||
|
149. https://blog.cyble.com/2023/03/21/notorious-sidecopy-apt-group-sets-sights-on-indias-drdo/
|
||||||
|
150. https://mp.weixin.qq.com/s/21kLaaPEzGBBAlguLgU9Cw
|
||||||
|
151. https://mp.weixin.qq.com/s/duZiNBDwPwJ3QbbaFrNzYg
|
||||||
|
152. https://www.intezer.com/blog/research/phishing-campaign-targets-nuclear-energy-industry/
|
||||||
|
153. https://www.cyfirma.com/outofband/donot-apt-targets-individuals-in-south-asia-using-android-malware/
|
||||||
|
154. https://mp.weixin.qq.com/s/ZJsZ5yqQzy5VnUNrB9ylxg
|
||||||
|
155. https://www.uptycs.com/blog/cyber_espionage_in_india_decoding_apt_36_new_linux_malware
|
||||||
|
156. https://mp.weixin.qq.com/s/Lb_NYxhi9iJgmvI2wjY9qg
|
||||||
|
157. https://www.fortinet.com/blog/threat-research/clean-rooms-nuclear-missiles-and-sidecopy
|
||||||
|
158. https://blogs.blackberry.com/en/2023/05/sidewinder-uses-server-side-polymorphism-to-target-pakistan
|
||||||
|
159. https://mp.weixin.qq.com/s/sYk4pTMJloRuogBMnD3hRg
|
||||||
|
160. https://www.group-ib.com/blog/hunting-sidewinder/
|
||||||
|
161. https://mp.weixin.qq.com/s/QTSefcnpZ9AeG0v2SIpwuA
|
||||||
|
162. https://mp.weixin.qq.com/s/DhQj9-0QLwVSQYH_uGDw2g
|
||||||
|
163. https://mp.weixin.qq.com/s/WU0VnMCf-FQyXiBkZfZAEw
|
||||||
|
164. https://mp.weixin.qq.com/s/H-ZRvcofbzwZ8Ikyn5Vu4w
|
||||||
|
165. https://perception-point.io/blog/operation-red-deer/
|
||||||
|
166. https://mp.weixin.qq.com/s/MZadlpXbpCfQAv41rtVm3A
|
||||||
|
167. https://www.seqrite.com/blog/double-action-triple-infection-and-a-new-rat-sidecopys-persistent-targeting-of-indian-defence
|
||||||
|
168. https://www.cyfirma.com/outofband/donot-apt-elevates-its-tactics-by-deploying-malicious-android-apps-on-google-play-store/
|
||||||
|
169. https://www.rewterz.com/rewterz-news/rewterz-threat-alert-apt-c-35-aka-donot-team-active-iocs-14/
|
||||||
|
170. https://www.rewterz.com/rewterz-news/rewterz-threat-alert-sidewinder-apt-group-launches-cyber-espionage-campaign-against-pakistan-government-active-iocs/
|
||||||
|
171. https://asec.ahnlab.com/en/54916/
|
||||||
|
172. https://mp.weixin.qq.com/s/ewGyvlmWUD45XTVsoxeVpg
|
||||||
|
173. https://threatmon.io/from-slides-to-threats-transparent-tribes-new-attack-on-indian-government-entities-using-malicious-ppt/
|
||||||
|
174. https://threatmon.io/unraveling-the-complex-infection-chain-analysis-of-the-sidecopy-apts-attack/
|
||||||
|
175. https://mp.weixin.qq.com/s/qkWD_X3aFPURThJqu7lbvg
|
||||||
|
176. https://mp.weixin.qq.com/s/HVhXyIB4sKuG6dDwwe4Pcw
|
||||||
|
177. https://mp.weixin.qq.com/s/9cqXdFn7erJupk9QPRhqpg
|
||||||
|
178. https://mp.weixin.qq.com/s/FJXfNLhWjBjBHMqWKgdPNw
|
||||||
|
179. https://mp.weixin.qq.com/s/WJji5Dr9OHSgwIaySetCfg
|
||||||
|
180. https://mp.weixin.qq.com/s/VCGI3FtR4LwXpWzf5EuLIA
|
||||||
|
181. https://mp.weixin.qq.com/s/6bicaHGYmOBQmXnm27NNAQ
|
||||||
|
182. https://mp.weixin.qq.com/s/nMTQww-jHkdKBWFPYdfprA
|
||||||
|
183. https://mp.weixin.qq.com/s/IOBCV0hUVjFUrEbbYnRW-w
|
||||||
|
184. https://www.zscaler.com/blogs/security-research/peek-apt36-s-updated-arsenal
|
||||||
|
185. https://www.sentinelone.com/labs/capratube-transparent-tribes-caprarat-mimics-youtube-to-hijack-android-phones/
|
||||||
|
186. https://www.seqrite.com/blog/sidecopys-multi-platform-onslaught-leveraging-winrar-zero-day-and-linux-variant-of-ares-rat/
|
||||||
|
187. https://mp.weixin.qq.com/s/iWx2tGCLOR0JtDBnC3FOwQ
|
||||||
|
188. https://mp.weixin.qq.com/s/CRx7NLPE4zzGwHEoWe8_bA
|
||||||
|
189. https://mp.weixin.qq.com/s/NpEpqjOCLKDRsRHJP-zTgA
|
||||||
|
190. https://mp.weixin.qq.com/s/cew83Kzo6omopGlPG-qgxw
|
||||||
|
191. https://mp.weixin.qq.com/s/o8KeGK1DKFfXCQT2KFdhHA
|
||||||
|
192. https://www.seqrite.com/blog/operation-rusticweb-targets-indian-govt-from-rust-based-malware-to-web-service-exfiltration/
|
||||||
|
193. https://www.mandiant.com/resources/blog/turla-galaxy-opportunity
|
||||||
|
194. https://cert.gov.ua/article/3718487
|
||||||
|
195. https://www.welivesecurity.com/2023/01/27/swiftslicer-new-destructive-wiper-malware-ukraine/
|
||||||
|
196. https://therecord.media/latvia-confirms-phishing-attack-on-ministry-of-defense-linking-it-to-russian-hacking-group/
|
||||||
|
197. https://cert.gov.ua/article/3761023
|
||||||
|
198. https://mrtiepolo.medium.com/russian-apt-gamaredon-exploits-hoaxshell-to-target-ukrainian-organizations-173427d4339b
|
||||||
|
199. https://mrtiepolo.medium.com/sophisticated-apt29-campaign-abuses-notion-api-to-target-the-european-commission-200188059f58
|
||||||
|
200. https://threatmon.io/beyond-bullets-and-bombs-an-examination-of-armageddon-groups-cyber-warfare-against-ukraine/
|
||||||
|
201. https://blogs.blackberry.com/en/2023/03/nobelium-targets-eu-governments-assisting-ukraine
|
||||||
|
202. https://informnapalm.org/en/hacked-russian-gru-officer/
|
||||||
|
203. https://www.gov.pl/web/baza-wiedzy/espionage-campaign-linked-to-russian-intelligence-services
|
||||||
|
204. https://securityintelligence.com/posts/ex-conti-fin7-actors-collaborate-new-domino-backdoor/
|
||||||
|
205. https://blog.eclecticiq.com/exposed-web-panel-reveals-gamaredon-groups-automated-spear-phishing-campaigns
|
||||||
|
206. https://www.ncsc.gov.uk/news/apt28-exploits-known-vulnerability-to-carry-out-reconnaissance-and-deploy-malware-on-cisco-routers
|
||||||
|
207. https://securelist.com/tomiris-called-they-want-their-turla-malware-back/109552/
|
||||||
|
208. https://labs.withsecure.com/publications/fin7-target-veeam-servers
|
||||||
|
209. https://www.prodaft.com/resource/detail/paperbug-nomadic-octopus-paperbug-campaign
|
||||||
|
210. https://cert.gov.ua/article/4492467
|
||||||
|
211. https://cert.gov.ua/article/4501891
|
||||||
|
212. https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/analyzing-the-ntc-vulkan-leak-what-it-says-about-russias-cyber-capabilities/
|
||||||
|
213. https://thedfirreport.com/2023/06/12/a-truly-graceful-wipe-out/
|
||||||
|
214. https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/shuckworm-russia-ukraine-military
|
||||||
|
215. https://cert.gov.ua/article/4905718
|
||||||
|
216. https://www.recordedfuture.com/bluedelta-exploits-ukrainian-government-roundcube-mail-servers
|
||||||
|
217. https://cert.gov.ua/article/4905829
|
||||||
|
218. https://cert.gov.ua/article/5098518
|
||||||
|
219. https://lab52.io/blog/2344-2/
|
||||||
|
220. https://blog.talosintelligence.com/malicious-campaigns-target-entities-in-ukraine-poland/
|
||||||
|
221. https://cert.gov.ua/article/5160737
|
||||||
|
222. https://cert.gov.ua/article/5213167
|
||||||
|
223. https://www.avertium.com/resources/threat-reports/evolution-of-russian-apt29-new-attacks-and-techniques-uncovered
|
||||||
|
224. https://mp.weixin.qq.com/s/32U2nBhyE0hjBWSKhwCT4g
|
||||||
|
225. https://go.recordedfuture.com/hubfs/reports/cta-2023-0727-1.pdf
|
||||||
|
226. https://blog.eclecticiq.com/german-embassy-lure-likely-part-of-campaign-against-nato-aligned-ministries-of-foreign-affairs
|
||||||
|
227. https://www.cisa.gov/news-events/analysis-reports/ar23-243a
|
||||||
|
228. https://www.zscaler.com/blogs/security-research/steal-it-campaign
|
||||||
|
229. https://www.silentpush.com/blog/from-russia-with-a-71
|
||||||
|
230. https://unit42.paloaltonetworks.com/turla-pensive-ursa-threat-assessment/
|
||||||
|
231. https://mp.weixin.qq.com/s/QFlQ_I08mDwyl8wl5_vshQ
|
||||||
|
232. https://blog.google/threat-analysis-group/government-backed-actors-exploiting-winrar-vulnerability/
|
||||||
|
233. https://www.cert.ssi.gouv.fr/uploads/CERTFR-2023-CTI-009.pdf
|
||||||
|
234. https://unit42.paloaltonetworks.com/pensive-ursa-uses-upgraded-kazuar-backdoor/
|
||||||
|
235. https://www.mandiant.com/resources/blog/sandworm-disrupts-power-ukraine-operational-technology
|
||||||
|
236. https://www.rnbo.gov.ua/files/2023_YEAR/CYBERCENTER/november/APT29%20attacks%20Embassies%20using%20CVE-2023-38831%20-%20report%20en.pdf
|
||||||
|
237. https://research.checkpoint.com/2023/malware-spotlight-into-the-trash-analyzing-litterdrifter/
|
||||||
|
238. https://www.wojsko-polskie.pl/woc/articles/aktualnosci-w/detecting-malicious-activity-against-microsoft-exchange-servers/
|
||||||
|
239. https://www.proofpoint.com/us/blog/threat-insight/ta422s-dedicated-exploitation-loop-same-week-after-week
|
||||||
|
240. https://mp.weixin.qq.com/s/qXEGbV6LTn_UdJrSKS-srg
|
||||||
|
241. https://socradar.io/dark-web-profile-muddywater-apt-group/
|
||||||
|
242. https://www.welivesecurity.com/2023/01/10/strongpity-espionage-campaign-targeting-android-users/
|
||||||
|
243. https://www.trendmicro.com/en_us/research/23/b/new-apt34-malware-targets-the-middle-east.html
|
||||||
|
244. https://www.gov.il/en/departments/news/_muddywater
|
||||||
|
245. https://mp.weixin.qq.com/s/NomfjAjGYdsOpLBtiOSZpA
|
||||||
|
246. https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/mantis-palestinian-attacks
|
||||||
|
247. https://www.microsoft.com/en-us/security/blog/2023/04/07/mercury-and-dev-1084-destructive-attack-on-hybrid-environment/
|
||||||
|
248. https://www.microsoft.com/en-us/security/blog/2023/04/18/nation-state-threat-actor-mint-sandstorm-refines-tradecraft-to-attack-high-value-targets/
|
||||||
|
249. https://www.group-ib.com/blog/muddywater-infrastructure/
|
||||||
|
250. https://research.checkpoint.com/2023/educated-manticore-iran-aligned-threat-actor-targeting-israel-via-improved-arsenal-of-tools/
|
||||||
|
251. https://www.bitdefender.com/blog/businessinsights/unpacking-bellaciao-a-closer-look-at-irans-latest-malware/
|
||||||
|
252. https://www.welivesecurity.com/2023/05/02/apt-groups-muddying-waters-msps/
|
||||||
|
253. https://research.checkpoint.com/2023/agrius-deploys-moneybird-in-targeted-attacks-against-israeli-organizations/
|
||||||
|
254. https://www.volexity.com/blog/2023/06/28/charming-kitten-updates-powerstar-with-an-interplanetary-twist/
|
||||||
|
255. https://www.deepinstinct.com/blog/phonyc2-revealing-a-new-malicious-command-control-framework-by-muddywater
|
||||||
|
256. https://www.proofpoint.com/us/blog/threat-insight/welcome-new-york-exploring-ta453s-foray-lnks-and-mac-malware
|
||||||
|
257. https://mp.weixin.qq.com/s/XVV3BoAd7CdPaZ0na8ID1Q
|
||||||
|
258. https://mp.weixin.qq.com/s/e4S10n9sLxJrmmgyJFZN0g
|
||||||
|
259. https://mp.weixin.qq.com/s/YEIyUjvG2rmgrI8gDDAPBA
|
||||||
|
260. https://www.welivesecurity.com/en/eset-research/sponsor-batch-filed-whiskers-ballistic-bobcats-scan-strike-backdoor/
|
||||||
|
261. https://www.microsoft.com/en-us/security/blog/2023/09/14/peach-sandstorm-password-spray-campaigns-enable-intelligence-collection-at-high-value-targets/
|
||||||
|
262. https://mp.weixin.qq.com/s/-LYXJtjEhdwa8Km_Ri1cXg
|
||||||
|
263. https://www.welivesecurity.com/en/eset-research/oilrigs-outer-space-juicy-mix-same-ol-rig-new-drill-pipes/
|
||||||
|
264. https://www.welivesecurity.com/en/eset-research/stealth-falcon-preying-middle-eastern-skies-deadglyph/
|
||||||
|
265. https://www.trendmicro.com/en_us/research/23/i/apt34-deploys-phishing-attack-with-new-malware.html
|
||||||
|
266. https://mp.weixin.qq.com/s/xy9PfucgtYTzae_XLWsN6w
|
||||||
|
267. https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/crambus-middle-east-government
|
||||||
|
268. https://blog.sekoia.io/aridviper-an-intrusion-set-allegedly-associated-with-hamas/
|
||||||
|
269. https://research.checkpoint.com/2023/from-albania-to-the-middle-east-the-scarred-manticore-is-listening/
|
||||||
|
270. https://blog.talosintelligence.com/arid-viper-mobile-spyware/
|
||||||
|
271. https://www.deepinstinct.com/blog/muddywater-en-able-spear-phishing-with-new-ttps
|
||||||
|
272. https://unit42.paloaltonetworks.com/agonizing-serpens-targets-israeli-tech-higher-ed-sectors/
|
||||||
|
273. https://www.sentinelone.com/labs/arid-viper-apts-nest-of-spyc23-malware-continues-to-target-android-devices/
|
||||||
|
274. https://mp.weixin.qq.com/s/f6T_ZQHyLcDcJZrHiHDxFA
|
||||||
|
275. https://www.proofpoint.com/us/blog/threat-insight/ta402-uses-complex-ironwind-infection-chains-target-middle-east-based-government
|
||||||
|
276. https://www.welivesecurity.com/en/eset-research/oilrig-persistent-attacks-cloud-service-powered-downloaders/
|
||||||
|
277. https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/iran-apt-seedworm-africa-telecoms
|
||||||
|
278. https://securelist.com/operation-triangulation/109842/
|
||||||
|
279. https://securelist.com/find-the-triangulation-utility/109867/
|
||||||
|
280. https://securelist.com/triangledb-triangulation-implant/110050/
|
||||||
|
281. https://securelist.com/triangulation-validators-modules/110847/
|
||||||
|
282. https://securelist.com/operation-triangulation-catching-wild-triangle/110916/
|
||||||
|
283. https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/
|
||||||
|
284. https://research.checkpoint.com/2023/blindeagle-targeting-ecuador-with-sharpened-tools/
|
||||||
|
285. https://blogs.blackberry.com/en/2023/02/blind-eagle-apt-c-36-targets-colombia
|
||||||
|
286. https://mp.weixin.qq.com/s/agvWfF-UBTbTevUSm2yspw
|
||||||
|
287. https://threatmon.io/apt-blind-eagles-malware-arsenal-technical-analysis/
|
||||||
|
288. https://mp.weixin.qq.com/s/6YDnMAf0laiLKukJ04XLTQ
|
||||||
|
289. https://it.rising.com.cn/anquan/20037.html
|
||||||
|
290. https://mp.weixin.qq.com/s/-7U1-NTP0EdVOtptzbHUsg
|
||||||
|
291. https://mp.weixin.qq.com/s/b0FSKQ6D3MvlA8yX3v4IUg
|
||||||
|
292. https://mp.weixin.qq.com/s/5e_FTpMsciVFouWpigV7Gw
|
||||||
|
293. https://www.trendmicro.com/en_us/research/23/b/earth-kitsune-delivers-new-whiskerspy-backdoor.html
|
||||||
|
294. https://blog.sekoia.io/following-noname05716-ddosia-projects-targets/
|
||||||
|
295. https://securelist.com/goldenjackal-apt-group/109677/
|
||||||
|
296. https://www.microsoft.com/en-us/security/blog/2023/06/14/cadet-blizzard-emerges-as-a-novel-and-distinct-russian-threat-actor/
|
||||||
|
297. https://www.paloaltonetworks.com/blog/security-operations/through-the-cortex-xdr-lens-uncovering-a-new-activity-group-targeting-governments-in-the-middle-east-and-africa/
|
||||||
|
298. https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/space-pirates-a-look-into-the-group-s-unconventional-techniques-new-attack-vectors-and-tools/
|
||||||
|
299. https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/
|
||||||
|
300. https://mp.weixin.qq.com/s/DZwbJ8-UTji29kH2on90fQ
|
||||||
|
301. https://mp.weixin.qq.com/s/dOQ5kA7MwQCDg2x_NgBoEA
|
||||||
|
302. https://www.barracuda.com/company/legal/esg-vulnerability
|
||||||
|
303. https://www.mandiant.com/resources/blog/barracuda-esg-exploited-globally
|
||||||
|
304. https://msrc.microsoft.com/blog/2023/07/microsoft-mitigates-china-based-threat-actor-storm-0558-targeting-of-customer-email/
|
||||||
|
305. https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-193a
|
||||||
|
306. https://practical365.com/storm-0558-snafus/
|
||||||
|
307. https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/view?pli=1#gid=1746868651
|
||||||
|
308. https://blog.google/threat-analysis-group/active-north-korean-campaign-targeting-security-researchers/
|
||||||
|
309. https://blog.google/threat-analysis-group/0-days-exploited-by-commercial-surveillance-vendor-in-egypt/
|
||||||
|
310. https://citizenlab.ca/2023/09/predator-in-the-wires-ahmed-eltantawy-targeted-with-predator-spyware-after-announcing-presidential-ambitions/
|
||||||
|
311. https://www.trendmicro.com/en_us/research/22/d/new-apt-group-earth-berberoka-targets-gambling-websites-with-old.html
|
||||||
|
312. https://ti.qianxin.com/uploads/2023/03/20/396eaf4482e610119ce0cdcd7526c945.pdf
|
||||||
|
313. https://ti.qianxin.com/apt/detail/5acb29d0596a10001a1a9794?name=Turla&type=map
|
||||||
|
314. https://blogs.blackberry.com/en/2023/07/romcom-targets-ukraine-nato-membership-talks-at-nato-summit
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user