threat summary report

ddos q2 https://gcorelabs.com/blog/ddos-attack-trends-in-q1q2-of-2022/

Spam and phishing in 2021 https://securelist.com/spam-and-phishing-in-2021/105713/

list:

1. https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/
2. https://www.bleepingcomputer.com/news/security/lazarus-hackers-target-researchers-with-trojanized-ida-pro/
3. https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/
4. https://blogs.jpcert.or.jp/en/2021/01/Lazarus_malware2.html
5. http://blog.nsfocus.net/stumpzarus-apt-lazarus/
6. https://blog.malwarebytes.com/awareness/2021/02/north-korean-hackers-charged-with-1-3-billion-of-cyberheists/
7. https://securelist.com/lazarus-threatneedle/100803/
8. https://blog.sygnia.co/lazarus-groups-mata-framework-leveraged-to-deploy-tflower-ransomware?hsLang=en
9. https://blogs.jpcert.or.jp/en/2021/03/Lazarus_malware3.html
10. https://www.welivesecurity.com/2021/04/08/are-you-afreight-dark-watch-out-vyveva-new-lazarus-backdoor/
11. https://blog.group-ib.com/btc_changer
12. https://blog.malwarebytes.com/threat-intelligence/2021/04/lazarus-apt-conceals-malicious-code-within-bmp-file-to-drop-its-rat/
13. https://www.estsecurity.com/enterprise/security-center/notice/view/59449?category-id=
14. https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/lazarus-recruitment/
15. https://ti.qianxin.com/blog/articles/Analysis-of-attacks-by-Lazarus-using-Daewoo-shipyard-as-bait/
16. https://mp.weixin.qq.com/s/MBH8ACSTfC6UGzf2h1BuhA
17. https://cybersecurity.att.com/blogs/labs-research/lazarus-campaign-ttps-and-evolution
18. https://ti.qianxin.com/blog/articles/Lazarus'-Recent-Attack-Campaign-Targeting-Blockchain-Finance-and-Energy-Sectors/
19. https://securelist.com/apt-trends-report-q3-2021/104708/
20. https://usa.kaspersky.com/about/press-releases/2021_apt-actor-lazarus-attacks-defense-industry-develops-supply-chain-attack-capabilities
21. https://asec.ahnlab.com/ko/28527/
22. https://twitter.com/esetresearch/status/1458438155149922312
23. https://mp.weixin.qq.com/s/ZMnO3Q6MAxafmOOO2cQMfw
24. https://www.nknews.org/pro/dprk-hackers-use-south-korean-servers-and-google-drive-to-hide-malware-attack/
25. https://blog.alyac.co.kr/3489
26. https://blog.alyac.co.kr/3525
27. https://blog.alyac.co.kr/3536
28. https://blog.alyac.co.kr/3550
29. https://www.estsecurity.com/enterprise/security-center/notice/view/22734?category-id=5
30. https://blog.alyac.co.kr/3624
31. https://apt.360.cn/report/apts/171.html
32. https://ti.qianxin.com/blog/articles/Analysis-on-the-attack-activities-of-Kimsuky-APT-using-the-Foreign-Ministry-of-South-Korea-as-bait/
33. https://blog.malwarebytes.com/threat-intelligence/2021/06/kimsuky-apt-continues-to-target-south-korean-government-using-appleseed-backdoor/
34. https://www.freebuf.com/articles/paper/278762.html
35. https://mp.weixin.qq.com/s/y4TGzrhr2rvVk5EAca91hA
36. https://asec.ahnlab.com/ko/25351/
37. https://www.freebuf.com/articles/paper/281985.html
38. https://mp.weixin.qq.com/s/BvP00a-33OOmbcdwDkeqeg
39. https://www.boannews.com/media/view.asp?idx=99543
40. https://www.boannews.com/media/view.asp?idx=99543
41. https://inquest.net/blog/2021/08/23/kimsuky-espionage-campaign
42. https://blog.alyac.co.kr/4130
43. https://asec.ahnlab.com/ko/27166/
44. https://mp.weixin.qq.com/s/sautIOi__PCf4Y_tfdj1zg
45. https://blog.talosintelligence.com/2021/11/kimsuky-abuses-blogs-delivers-malware.html%EF%BB%BF
46. https://blog.malwarebytes.com/threat-analysis/2021/01/retrohunting-apt37-north-korean-apt-used-vba-self-decode-technique-to-inject-rokrat/
47. https://www.volexity.com/blog/2021/08/17/north-korean-apt-inkysquid-infects-victims-using-browser-exploits/
48. https://blog.malwarebytes.com/threat-intelligence/2021/08/new-variant-of-konni-malware-used-in-campaign-targetting-russia/
49. https://www.volexity.com/blog/2021/08/24/north-korean-bluelight-special-inkysquid-deploys-rokrat/
50. https://securelist.com/scarcruft-surveilling-north-korean-defectors-and-human-rights-activists/105074/
51. https://mp.weixin.qq.com/s/nyxZFXgrtm2-tBiV3-wiMg
52. https://www.anomali.com/blog/primitive-bear-gamaredon-targets-ukraine-with-timely-themes
53. https://www.microsoft.com/security/blog/2021/05/27/new-sophisticated-email-based-attack-from-nobelium/
54. https://blog.netlab.360.com/rotajakiro_vs_oceanlotus_cn/
55. https://ti.qianxin.com/blog/articles/Operation-OceanStorm:The-OceanLotus-hidden-under-the-abyss-of-the-deep/
56. https://www.amnestyusa.org/reports/vietnamese-activists-targeted-by-notorious-hacking-group/
57. https://mp.weixin.qq.com/s/WnKc0JbjA5_IsjPFSzFoYA
58. https://mp.weixin.qq.com/s/NUjR3qVE0PJXULgGc3Edow
59. https://mp.weixin.qq.com/s/8nP27nQKD_6OE-igggFDww
60. https://www.4hou.com/posts/2Drj
61. https://ti.qianxin.com/blog/articles/%22operation-magichm%22:CHM-file-release-and-subsequent-operation-of-BITTER-organization/
62. https://ti.qianxin.com/blog/articles/Donot-uses-Google-Drive-to-distribute-malware/
63. https://ti.qianxin.com/blog/articles/Analysis-of-the-Donot-group's-attack-campaign-using-RTF-template-injection-against-the-neighbourhood/
64. https://mp.weixin.qq.com/s/RC1S7yrYT-o9oyPHkPE-ow
65. https://ti.qianxin.com/blog/articles/Sidecopy-dual-platform-weapon/
66. https://mp.weixin.qq.com/s/C09P0al1nhsyyujHRp0FAw
67. https://ti.dbappsecurity.com.cn/blog/articles/2021/02/10/windows-kernel-zero-day-exploit-is-used-by-bitter-apt-in-targeted-attack-cn/
68. https://resources.lookout.com/blog/lookout-discovers-novel-confucius-apt-android-spyware-linked-to-india-pakistan-conflict
69. https://www.antiy.com/response/20210222.html
70. https://mp.weixin.qq.com/s/ELYDvdMiiy4FZ3KpmAddZQ
71. https://blog.cyble.com/2021/04/21/donot-team-apt-group-is-back-to-using-old-malicious-patterns/
72. https://blog.talosintelligence.com/2021/05/transparent-tribe-infra-and-targeting.html
73. https://ti.qianxin.com/blog/articles/SideWinder-arsenal-update:Analysis-of-attack-activity-against-Pakistan-using-foreign-policy/
74. https://ti.qianxin.com/blog/articles/Analysis-of-the-APT-Group-Donot's-Attack-Campaign-Using-the-Impact-of-the-Afghan-Withdrawal-as-Bait/
75. https://ti.qianxin.com/blog/articles/Analysis-of-recent-attacks-by-Transparent-Tribe-using-Indian-Defense-Ministry-meeting-minutes-as-bait/
76. https://www.trendmicro.com/en_us/research/21/h/confucius-uses-pegasus-spyware-related-lures-to-target-pakistani.html
77. https://mp.weixin.qq.com/s/_LHJYgf6l9uFYMN23fUQAA
78. https://mp.weixin.qq.com/s/AhxP5HmROtMsFBiUxj0cFg
79. https://blog.cyble.com/2021/09/14/apt-group-targets-indian-defense-officials-through-enhanced-ttps/
80. https://www.amnesty.org/en/latest/news/2021/10/togo-activist-targeted-with-spyware-by-notorious-hacker-group/
81. https://ti.qianxin.com/blog/articles/Analysis-of-BITTER-APT-Group-for-the-Military-Industry-New-Attack-Activity/
82. https://mp.weixin.qq.com/s/CGHDuJAb4dav_th25yYpWA
83. https://mp.weixin.qq.com/s/MQgEVZVqQmcyOXVlEgpezA
84. http://blog.nsfocus.net/apt-sidecopy/
85. https://blog.malwarebytes.com/threat-intelligence/2021/12/sidecopy-apt-connecting-lures-to-victims-payloads-to-infrastructure/
86. https://ti.qianxin.com/blog/articles/SideCopy-APT-Group-Takes-Advantage-of-the-Fire/
87. https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-CTI-005.pdf
88. https://unit42.paloaltonetworks.com/ironnetinjector
89. https://ti.qianxin.com/blog/articles/Analysis-of-attack-activities-of-APT28-using-high-carbon-ferrochrome-manufacturer-registration-form-as-bait/
90. https://blog.talosintelligence.com/2021/02/gamaredonactivities.html
91. https://www.mimecast.com/incident-report/
92. https://www.spiegel.de/politik/deutschland/russischer-hack-erneute-attacke-hack-auf-bundestag-sieben-abgeordnete-betroffen-a-75e1adbe-4462-4e30-bd94-96796aed6b8a
93. https://www.anomali.com/blog/primitive-bear-gamaredon-targets-ukraine-with-timely-themes
94. https://www.microsoft.com/security/blog/2021/05/27/new-sophisticated-email-based-attack-from-nobelium/
95. https://msrc-blog.microsoft.com/2021/06/25/new-nobelium-activity/
96. https://www.version2.dk/artikel/danmarks-nationalbank-hacket-led-verdens-mest-sofistikerede-hackerangreb-1092886
97. https://mp.weixin.qq.com/s/bJrEwoq4QkDJvEk_ThvueQ
98. https://www.bloomberg.com/news/articles/2021-07-06/russian-state-hackers-breached-republican-national-committee
99. https://www.zscaler.com/blogs/security-research/cloudfall-targets-researchers-and-scientists-invited-international-military
100. https://blog.talosintelligence.com/2021/09/tinyturla.html
101. https://services.google.com/fh/files/misc/gcat_threathorizons_full_nov2021.pdf
102. http://blog.nsfocus.net/solarwinds-foggyweb/
103. https://ti.qianxin.com/blog/articles/MKLG-Operation:Analysis-of-attacks-against-the-Middle-East-for-several-years/
104. https://ti.qianxin.com/blog/articles/SnowLeopard:Surveillance-activities-against-Pakistani-users-disclosed/
105. https://ti.qianxin.com/blog/articles/PyMICROPSIA-New-Trojan-for-AridViper/
106. https://ti.qianxin.com/blog/articles/PROMETHIUM-forged-NotePad++-installation-package-attack-campaign/
107. https://ti.qianxin.com/blog/articles/Molerats-Latest-Mobile-Attack-Tracking-Disclosure/
108. https://blog.certfa.com/posts/charming-kitten-christmas-gift/
109. https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
110. https://ti.qianxin.com/blog/articles/MKLG-Operation:Analysis-of-attacks-against-the-Middle-East-for-several-years/
111. https://research.checkpoint.com/2021/irans-apt34-returns-with-an-updated-arsenal/
112. https://about.fb.com/wp-content/uploads/2021/04/Technical-threat-report-Arid-Viper-April-2021.pdf
113. https://mp.weixin.qq.com/s/o_EVjBVN2sQ1q7cl4rUXoQ
114. https://www.trendmicro.com/en_us/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time.html
115. https://ti.qianxin.com/blog/articles/SnowLeopard:Surveillance-activities-against-Pakistani-users-disclosed/
116. https://securelist.com/lyceum-group-reborn/104586/
117. https://ti.qianxin.com/blog/articles/APT-Q-63-Attack-Targeting-Palestinian-Areas-Using-Election-Information-as-Bait/
118. https://ti.qianxin.com/blog/articles/PROMETHIUM-forged-NotePad++-installation-package-attack-campaign/
119. https://ti.qianxin.com/blog/articles/PyMICROPSIA-New-Trojan-for-AridViper/
120. https://ti.qianxin.com/blog/articles/Operation-EICAR:-Targeted-hunting-activities-for-the-securities-and-finance-industry/
121. https://ti.qianxin.com/blog/articles/APT-Q-12-Attack-the-Trade-Industry/
122. https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/new-apt-group-chamelgang/#id0
123. https://research.checkpoint.com/2021/indra-hackers-behind-recent-attacks-on-iran/