
2013

NA/FireEye-Terminator_RAT
NA/Operation Ephemeral Hydra
NA/World War C
NA/Ke3chang
NA/Dark Seoul Cyberattack
NA/Secrets of the Comfoo Masters
NA/nJ RAT
NA/Command and Control in the Fifth Domain
NA/Operation Saffron Rose
NA/Chopping packets Decoding China Chopper Web Shell using SSL
NA/China Chopper Web Shell
NA/China Chopper
NA/nJ RAT uncovered
NA/Poison Ivy
NA/Deep Panda
NA/Byebye Shell
NA/Kimsuky
NA/ETSO APT Attacks Analysis
NA/Supply Chain Analysis
NA/2Q Report on Targeted Campaigns
NA/Plugx Smoaler
NA/Surtr Malware Tibetan
NA/Hidden lynx
NA/Operation Molerats
NA/Operation Deputy Dog
NA/India Pak Tranchulas
NA/Icefog APT
NA/Energy at risk
NA/APT Attacks on Indian Cyber Space
2013.01.14/Red October Diplomatic Cyber Attacks Investigation
2013.01.14/RedOctober
2013.01.14/RedOctober Detail
2013.01.14/Red October Detailed Malware Description 1 First Stage of Attack
2013.01.14/Red October Detailed Malware Description 2 Second Stage of Attack
2013.01.14/Red October Detailed Malware Description 3 Second Stage of Attack
2013.01.14/Red October Detailed Malware Description 4 Second Stage of Attack
2013.01.14/Red October Detailed Malware Description 5 Second Stage of Attack
2013.01.18/McAfee Labs Threat Advisory Exploit Operation Red Oct
2013.02.12/Targeted Cyber Attacks
2013.02.18/APT 1
2013.02.22/Comment Crew
2013.02.26/Stuxnet 0.5
2013.02.27/Miniduke Mystery
2013.02.27/Miniduke Indicators
2013.03.13/FinFisher
2013.03.17/Safe - A targeted threat
2013.03.20/The teamspy story
2013.03.20/Operation Troy
2013.03.21/Darkseoul - Jokra Analysis and Recovery
2013.03.27/APT1 - Technical backstage
2013.03.28/PlugX Variant
2013.04.01/Trojan APT Bane Chant
2013.04.13/Winnti
2013.04.21/Mini Duke
2013.05.16/Targeted information stealing attacks in South Asia use email signed binaries
2013.05.20/OperationHangOver - Executive Summary
2013.05.20/Mini Duke Analysis
2013.05.20/Unveiling an Indian Cyberattack Infrastructure - appendixes
2013.05.20/Unveiling an Indian Cyberattack Infrastructure
2013.05.20/Operation Hangover
2013.06.00/Maudi Surveillance Operation
2013.06.01/Crude Faux
2013.06.04/The NET Traveller
2013.06.07/Key Boy
2013.06.18/Trojan APT Seinup
2013.06.21/Syrian Attack
2013.09.06/Evasive Tactics Taidoor
2013.10.24/Evasive Tactics - Terminator RAT
2013.10.24/Fakem RAT
2013.12.20/ETSO APT Attacks Analysis

2014

NA/Illuminating the Etumbot APT Backdoor
NA/TR-25 Analysis - Turla - Pfinet - Snake- Uroburos
NA/The 'Penquin' Turla
NA/Operation Arachnophobia
NA/New Indicators of Compromise for APT Group Nitro Uncovered
NA/Democracy in Hong Kong Under Attack
NA/Putter Panda
NA/BLACKENERGY & QUEDAGH
NA/Scanbox
NA/Invincea
NA/Targeted Attacks Against the Energy Sector
NA/Hikit Analysis
NA/ZoxPNG Analysis
NA/The Rotten Tomato Campaign
NA/THE REGIN PLATFORM
NA/Uroburos
NA/When Governments Hack Opponents: A Look at Actors and Technology
NA/Dragonfly: Cyberespionage Attacks Against Energy Suppliers
NA/The Epic Turla Operation
NA/Embassy of Greece Beijing - Compromise
NA/BlackEnergy2 - Plugins - Router
NA/TOOHASH
NA/The Monju Incident
NA/Regin: Top-tier espionage tool enables stealthy surveillance
NA/Energetic Bear – Crouching Yeti
NA/Cat Scratch Fever: CrowdStrike Tracks Newly Reported Iranian Actor as FLYING KITTEN
NA/Operation Poisoned Handover
NA/FIN4 LIKELY PLAYING THE MARKET
NA/SAFFRON ROSE
NA/The mystery of North Korea’s cyber threat landscape
NA/Forced to Adapt: XSLCmd Backdoor Now on OS X
NA/Analysis of Chinese MITM on Google
NA/Targeted Threat Index: Characterizing and Quantifying Politically-Motivated Targeted Malware
NA/Aided Frame - Aided Direction (Because it’s a redirect)
NA/Full Disclosure of Havex Trojans
NA/El Machete
NA/ScanBox framework
NA/Zombie!Zero
NA/Operation Poisoned Hurricane
NA/OPERATION QUANTUM ENTANGLEMENT
NA/XtremeRAT: Nuisance or Threat
NA/Threat Spotlight: Group 72
NA/COSMICDUKE
NA/Snake
NA/Derusbi (Server Variant) Analysis
NA/DEEP PANDA
NA/SIDEWINDER
NA/New CDTO: A Sneakernet Trojan Solution
NA/NetTraveler APT Gets a Makeover for 10th Birthday
NA/Cloud Atlas: RedOctober APT is back in style
NA/The Uroburos case: new sophisticated RAT identified
NA/LeoUncia and OrcaRat
NA/OrcaRAT
NA/APT 28: A Window into Russia’s Cyber Espionage Operations
NA/Survival of the Fittest: New York Times Attackers Evolve Quickly
NA/Korplug military targeted attacks: Afghanistan & Tajikistan
NA/Miniduke still duking it out
NA/Darwin’s Favorite APT Group
2014.01.21/RSA Incident Response: Emerging Threat Profile Shell_Crew
2014.02.11/Unveiling “Careto” - The Masked APT
2014.02.13/Operation SnowMan
2014.02.20/Operation GreedyWonk
2014.02.20/Mo’ Shells Mo’ Problems – File List Stacking
2014.02.20/Mo' Shells Mo' Problems - Deep Panda Web Shells
2014.02.20/Mo’ Shells Mo’ Problems – Web Server Log Analysis
2014.02.20/Mo’ Shells Mo’ Problems – Network Detection
2014.02.25/The French Connection
2014.03.06/The Siesta Campaign: A New Cybercrime Operation Awakens
2014.03.12/A Detailed Examination of the Siesta Campaign
2014.05.28/NEWSCASTER: An Iranian Threat Within Social Networks
2014.05.28/Iranian Hackers Targeted US Officials in Elaborate Social Media Attack Operation
2014.07.07/Deep in Thought: Chinese Targeting of National Security Think Tanks
2014.07.11/The Eye of the Tiger Part 2
2014.07.11/Pitty_Tiger_Final_Report
2014.07.20/Sayad (Flying Kitten) Infostealer
2014.07.29/Threat Group-3279 Targets the Video Game Industry
2014.08.13/A Look at Targeted Attacks Through the Lense of an NGO
2014.08.18/Syrian Malware, the ever-evolving threat
2014.08.18/The Syrian Malware House of Cards
2014.10.22/Operation Pawn Storm
2014.11.10/DARKHOTEL IOC
2014.11.10/The Darkhotel APT
2014.11.13/Operation CloudyOmega
2014.11.14/OnionDuke
2014.11.20/EvilBunny
2014.11.21/Operation DoubleTap
2014.11.24/I am Ironman: DEEP PANDA Uses Sakula Malware to Target Organizations in Multiple Sectors
2014.12.02/Operation Cleaver
2014.12.03/Operation Cleaver: The Notepad Files
2014.12.09/The Inception Framework: Cloud-hosted APT
2014.12.10/W32.Regin Stage 1
2014.12.10(1)/W64.Regin Stage 1
2014.12.12(1)/Vinself now with steganography
2014.12.17/Wiper Malware
2014.12.18/Malware Attack Targeting Syrian ISIS Critics
2014.12.19/Alert (TA14-353A)
2014.12.21/Operation Poisoned Helmand
2014.12.22/Anunak: APT against financial institutions

2015

2015.01.11/Hong Kong SWC Attack
2015.01.12/Skeleton Key Analysis
2015.01.15/Agent.BTZ to ComRAT
2015.01.20/Project Cobra
2015.01.20/Inception APT Analysis
2015.01.22/Regin Hopscotch Legspin
2015.01.22/Scarab Russian
2015.01.22/WaterBug Attack
2015.01.27/Qwerty Keylogger
2015.01.29/Trojan Skelky
2015.01.29/P2P PlugX
2015.02.02/Behind the syria conflict
2015.02.04/PawnStorm
2015.02.10/Global Threat Intel Report
2015.02.16/Carbanak APT
2015.02.16/Equation group questions and answers
2015.02.16/Star of the malware galaxy
2015.02.16/Operation arid viper
2015.02.17/Desert Falcons APT
2015.02.17/A Fanny Equation
2015.02.18/Babar
2015.02.18/Shooting Elephants
2015.02.24/Scanbox
2015.02.25/Plugx goes to the registry and india
2015.02.25/Southeast asia threat landscape
2015.02.27/the anthem hack all roads lead to china
2015.02.27/The Anthem Hack All Roads Lead to China - ThreatConnect Enterprise Threat Intelligence Platform
2015.02.27/Anthem hack all roads lead to China
2015.03.05/Casper Malware
2015.03.06/Animals in the APT Farm
2015.03.06/Babar or Bunny
2015.03.10/Tibetan Uprising Day Malware Attacks
2015.03.11/Equation Drug
2015.03.19/Goldfish Phishing
2015.03.31/Volatile Cedar
2015.04.12/APT 30
2015.04.15/The Chronicles of the Hellsing APT
2015.04.15/Indicators of Compromise Hellsing
2015.04.16/Operation Pawn S
2015.04.18/Operation RussianDoll
2015.04.20/Sofacy II
2015.04.21/The CozyDuke APT
2015.04.22/CozyDuke
2015.04.27/Attacks against Israeli & Palestinian interests
2015.05.05/Attacks on France TV5 Monde
2015.05.07/Kraken
2015.05.12/APT 28
2015.05.12/Apt 28
2015.05.13/Cylance SPEAR Team
2015.05.14/The Naikon APT
2015.05.14(1)/Operation Tropic Trooper
2015.05.18/Cmstar Downloader
2015.05.19/Operation oil tanker
2015.05.21/TheNaikonAPT-MsnMM1
2015.05.21/TheNaikonAPT-MsnMM2
2015.05.26/Dissecting-LinuxMoose
2015.05.27/ANALYSIS ON APT-TO-BE ATTACK THAT FOCUSING ON CHINAS GOVERNMENT AGENCY
2015.05.27/Black Energy
2015.05.28/Grabit
2015.05.29/Ocean Lotus
2015.06.03/Thamar Reservoir
2015.06.04/Blue Termite
2015.06.09/Duqu 2.0 Win32K Exploit
2015.06.10/The Mystery of Duqu 2.0
2015.06.10/Duqu 2.0 Yara rules
2015.06.10/Duqu 2.0
2015.06.12/Afghan Government Compromise - Browser Beware
2015.06.15/Targeted Attacks against Tibetan and Hong Kong Groups Exploiting CVE-2014-4114
2015.06.16/Operation Lotus Blossom
2015.06.22/Winnti targeting pharmaceutical companies
2015.06.24/Unfinished Business
2015.06.26/Operation Clandestine Wolf
2015.06.26/OperationClandestineWolf
2015.06.28/APT on Taiwan
2015.06.30/Dino
2015.07.08/APT CVE-2015-5119
2015.07.08/Wild Neutron
2015.07.09/Butterfly
2015.07.10/APT group ups targets us gov
2015.07.13/Forkmeiam famous - Sea Duke
2015.07.13/Demonstrating Hustle
2015.07.14/Mini Dionis
2015.07.14/How pawn storms java zero day was used
2015.07.20/Watering Hole Aerospace CVE-2015-5122 IsSpace
2015.07.20/China Peace Palace
2015.07.22/Duke cloud Linux
2015.07.27/Apt29-Hammertoss
2015.07.28/Black Vine
2015.07.30/Operation Potao Express
2015.08.04/Terracotta VPN
2015.08.05/threat group - 3390
2015.08.08/Poison Ivy
2015.08.10/HTExploit Telemetry
2015.08.10/HT Exploit Topology.
2015.08.19/New Internet Explorer zero-day exploited in Hong Kong attacks
2015.08.20/Blue termite
2015.08.20/PlugX Threat Activity in Myanmar
2015.09.01/Rocket Kitten
2015.09.08/Musical chairs gh0st Malware
2015.09.08/Musical Chairs - gh0st Malware
2015.09.09/Satellite Turla APT
2015.09.09/Satellite Turla APT Command and Control in the Sky
2015.09.15/PlugX in Russia
2015.09.15/PlugX
2015.09.16/The Shadow Knows
2015.09.17/Operation Iron Tiger Appendix
2015.09.17/Operation Iron Tiger
2015.09.17/Dukes
2015.09.23/Project CameraShy
2015.10.03/Webmail Server APT
2015.10.05/threat identification
2015.10.15/Fin Fishers
2015.10.16/NGO Burmese Govt
2015.11.04/Evolving Threats
2015.11.09/Rocket Kitten
2015.11.10/Bookworm Trojan
2015.11.17/Pinpointing Targets Exploiting Web Analytics To Ensnare Victims
2015.11.18/Sakula Reloaded
2015.11.18/tdrop 2
2015.11.18/Amballa discovers new toolset
2015.11.18/Russian financial cybercrime
2015.11.18/Destover
2015.11.19/Emdivi
2015.11.19/Revealing the attack operations targeting Japan
2015.11.23/Prototype nation
2015.11.23/Prototype Nation - The Chinese Cybercriminal Underground in 2015
2015.11.23/Glass RAT
2015.11.23/Copy Kittens
2015.11.24/Bookworm Trojan
2015.11.30/Ponmocup
2015.12.01/China Based Threat Groups
2015.12.04/Sofacy APT
2015.12.07/Iran Based Attackers
2015.12.07/Fin1 targets boot record
2015.12.08/Packrat
2015.12.08/Packrat report
2015.12.13/Elise
2015.12.15/Newcomers in the Derusbi family
2015.12.16/operation black atlas part 2 tools and malware used and how to detect them
2015.12.16/Operation Black Atlas - Indicators_of_Compromise
2015.12.16/operation black atlas
2015.12.16/Operation Black Atlas - Technical Brief
2015.12.17/APT 28
2015.12.16/Inocnationcampaign
2015.12.18/Operation Lotus Blossom
2015.12.20/The EPS Awakens
2015.12.22/BBSRAT Roaming Tiger

2016

2016.01.03/Black Energy
2016.01.07/Operation DustySky
2016.01.07/Rigging Compromise
2016.01.14/Waterbug Attack Group
2016.01.14/Cisco HayStack
2016.01.19/Apt 2015
2016.01.19/APT 2015
2016.01.21/nettraveler
2016.01.21/NetTraveler
2016.01.24/Scarlet Mimic
2016.01.26/BlackEnergy
2016.01.27/Dissecting the malware in inocnation campaign
2016.01.27/Hi ZOR RAT
2016.01.28/Black Energy APT
2016.01.29/Kasidet & Dridex
2016.01.29/Tinbapore Attack
2016.02.01/Massive Admedia Adverting iFrame Infection
2016.02.01/URL Zone
2016.02.03/Emissary Trojan
2016.02.04/Advanced Modular Backdoor
2016.02.08/Know your enemies
2016.02.09/Poseidon
2016.02.09/Poseidon’s APT Boutique
2016.02.11/india pakistan cyber rivalry
2016.02.12/Fysbis Sofacy Linux Backdoor
2016.02.23/Dust Storm Infographic
2016.02.23/Operation Dust Storm
2016.02.24/Operation Blockbuster Destructive Malware Report
2016.02.24/Operation Blockbuster Ex Summary
2016.02.24/Operation Blockbuster Loaders Installers and Uninstallers Report
2016.02.24/Operation Blockbuster RAT and Staging Report
2016.02.24/Operation Blockbuster Report
2016.02.24/Operation Blockbuster Tools Report
2016.02.29/Turbo Campaign Derusbi
2016.03.01/Operation Transparent Tribe
2016.03.03/BlackEnergy
2016.03.08/APT C 03
2016.03.08/onion dog a 3 year old apt
2016.03.08/Operation onion dog
2016.03.09/Operation Russian Doll
2016.03.10/Shifting Tactics
2016.03.14/Carbanak Cybercrime Group
2016.03.15/SuckFly
2016.03.17/Taiwan Presidential Election A Case Study on Thematic Targeting
2016.03.17/taiwan election targeting
2016.03.18/Attack on Ukraine Power Grid
2016.03.23/Operation C Major
2016.03.25/Project M
2016.04.12/Targeted attacks in South and Southeast Asia
2016.04.15/Pandas & Bears
2016.04.18/Between Hong Kong and Burma Tracking UP007 and SLServer Espionage Campaigns
2016.04.18/UP007
2016.04.21/New Poison Ivy
2016.04.21/teaching an old rat new tricks
2016.04.22/The Ghost Dragon
2016.04.26/Iran opens a new front
2016.04.26/New Poison Ivy Activity Targeting Myanmar, Asian Countries
2016.04.26/New Poison Ivy
2016.04.27/Repackaging Open Source Beef
2016.05.02/goznym malware
2016.05.02/prince of persia infy malware
2016.05.05/Jaku Botnet Campaign
2016.05.06/exploring cve-2015-2545
2016.05.09/Using honeypots & diamond model for ics threat analysis
2016.05.10/tinypos abaddonpos ties to tinyloader
2016.05.10/tinyPOS tinyloader
2016.05.17/indian organizations targeted suckfly attacks
2016.05.17/Mofang
2016.05.18/Operation Groundbait
2016.05.22/Operation Ke3chang
2016.05.22/Targeted attacks against banks in middle east
2016.05.23/RUAG
2016.05.24/New Wekby Attacks
2016.05.25/cve-2015-2545
2016.05.26/Oilrig Campaign
2016.05.27/ixeshe derivative iheate targets users in america
2016.06.02/fastPOS
2016.06.02/fastPOS
2016.06.09/Operation- Dusty Sky II
2016.06.16/Bears in the Midst Intrusion into the Democratic National Committee
2016.06.16/bears midst intrusion democratic national-committee
2016.06.16/DNC networks
2016.06.16/threat group-4127
2016.06.17/Operation Daybreak
2016.06.21/RPT China
2016.06.21/the curious case of an unknown trojan targeting german speaking users
2016.06.21/the curious case of an unknown-trojan targeting german speaking users
2016.06.21/visiting the bear den recon 2016 calvet campos dupuy
2016.06.23/tracking elirks variants
2016.06.26/Nigerian cybercriminals target high impact industries in India
2016.06.26/Lotus Blossom Campaign
2016.06.28/Attack tool investigation
2016.06.28/prince of persia game over
2016.06.28/unit42 prince of persia game over
2016.06.29/Monsoon Analysis
2016.06.30/Asruex
2016.07.01/Pacifier APT
2016.07.01/SBDH toolkit targeting central eastern europe uncovered
2016.07.03/HummingBad
2016.07.07/nettraveler apt targets russian european interests
2016.07.07/Unveiling Patchwork
2016.07.08/The Dropping Elephant
2016.07.12/nanhaishu
2016.07.13/Furtim's
2016.07.13/Furtim- The Ultra-Cautious Malware
2016.07.13/furtims parent
2016.07.21/Hide & Seek
2016.07.21/APT-C-15
2016.07.21/Sphinx
2016.07.26/attack delivers 9002 trojan through google drive
2016.07.28/Dynasty
2016.08.02/Group 5 syria
2016.08.02/group5-syria
2016.08.03/Operation Manul
2016.08.04/Russian APT Toolkits
2016.08.06/APT-C-09
2016.08.06/APT-C-09
2016.08.07/strider
2016.08.07/Symantec Remsec IOCs
2016.08.08/Monsoon Analysis
2016.08.08/ProjectSauron
2016.08.08/The ProjectSauron APT IOCs
2016.08.08/The ProjectSauron APT research
2016.08.08/The ProjectSauron APT Technical Analysis
2016.08.11/Iran And The Soft War For Internet-Dominance
2016.08.16/Aveo
2016.08.17/Operation Ghoul
2016.08.19/Russian Cyber Operations On Steroids
2016.08.24/million dollar dissident iphone zero day nso group uae
2016.08.25/pegasus technical analysis
2016.09.01/human rights impersonation malware
2016.09.01/Iran And The Soft War For Internet Dominance
2016.09.06/Buckeye
2016.09.14/mile tea
2016.09.18/Hunting Libyan Scorpions AR
2016.09.18/Hunting Libyan Scorpions EN
2016.09.18/Hunting Libyan Scorpions
2016.09.26/sofacys komplex os x trojan
2016.09.28/Confucius Says
2016.09.28/Russia Hacks Bellingcat MH17 Investigation
2016.09.29/China & Cyber Attitudes Strategies Organisation
2016.10.03/StrongPity
2016.10.05/Wave your false flag
2016.10.16/A tale of two targets
2016.10.20/Sednit
2016.10.25/Houdini.s.Magic.Reappearance
2016.10.25/Sednit
2016.10.26/Moonlight
2016.10.27/blackgear
2016.10.27/BLACKGEAR
2016.10.27/Sednit
2016.10.31/emissary trojan
2016.10.31/Emissary Trojan
2016.11.03/Ukraine Cybersecurity Threat Briefing
2016.11.09/Houdini's RAT
2016.11.09/houdinis-rat
2016.11.22/tropic trooper
2016.11.30/nic cyber security themed
2016.12.13/Telebots
2016.12.15/Microsoft Security Intelligence Report

2017

2017.01.05/Iranian Fileless Attack Infiltrates Israeli Organizations
2017.01.05/Iranian Threat Agent OilRig
2017.01.09/Shamoon
2017.01.11/APT28
2017.01.12/The “EyePyramid” Attacks
2017.01.15/Bear Spotting
2017.01.18/Operation Grand Mars
2017.01.19/Uri Attack
2017.01.25/German Industrial Attacks
2017.01.30/Downeks & quasar rat
2017.02.02/PlugX
2017.02.03/Kingslayer
2017.02.03/Several Polish banks hacked
2017.02.10/Cyber Attack Targeting Indian Navy
2017.02.10/Grizzly Steppe
2017.02.12/Lazarus
2017.02.14/Operation Kingphish
2017.02.15/DragonOK Rambo Backdoor
2017.02.15/Pupy RAT
2017.02.15/Magic Hound
2017.02.15/The full Shamoon
2017.02.16/Technical analysis of recent attacks against Polish banks
2017.02.17/chches malware
2017.02.20/lazarus false flag malware
2017.02.21/additional insights shamoon2
2017.02.22/spear phishing mongolian govt
2017.02.23/APT 28
2017.02.27/The Gamaredon Group Toolset Evolution
2017.02.28/AtomBombing -Brand New Code Injection for Windows
2017.02.28/AtomBombing
2017.02.28/Dridex's Cold War Enter AtomBombing
2017.03.06/Report - Shamoon , StoneDrill
2017.03.08/Targeted Attack Campaigns with Multi-Variate Malware Observed in the Cloud
2017.03.14/Operation Electric Powder
2017.03.15/FHAPPI Campaign
2017.04.05/KASPERAGENT and MICROPSIA
2017.04.06/Cloud Hopper
2017.04.06/Operation cloud hopper
2017.04.10/Longhorn
2017.04.11/Unraveling the Lamberts Toolkit
2017.04.13/callisto group
2017.04.27/iranian fileless cyberattack on israel
2017.05.03/kazuar
2017.05.03/Konni
2017.05.14/APT-32
2017.05.24/operation cobalt kitty
2017.05.30/Lazarus
2017.06.12/CrashOverride
2017.06.12/Industroyer
2017.06.13/Hidden Cobra
2017.06.14/KASPERAGENT
2017.06.15/North Korea Cyber Activity
2017.06.18/Evolution of pirpi
2017.06.19/ShellTea PoSlurp
2017.06.22/Blacktech
2017.06.22/Ocean Lotus
2017.06.26/threat group 4127
2017.06.30/From BlackEnergy to ExPetr
2017.06.30/TeleBots
2017.07.05/Insider Information
2017.07.06/Operation Desert Eagle
2017.07.10/emmental
2017.07.11/winnti evolution going open source
2017.07.18/Inexsmar
2017.07.18/Inexsmar
2017.07.18/Winnti
2017.07.24/Tick Group
2017.07.27/chessmaster cyber espionage campaign
2017.07.27/chessmaster
2017.07.27/Oilrig
2017.07.27/Operation Wilted Tulip
2017.08.01/Cobalt Group
2017.08.08/APT Trends report Q2 2017
2017.08.11/APT-28
2017.08.15/Notepad and Chthonic
2017.08.17/Turla APT
2017.08.18/Russian Bank Offices
2017.08.25/Operation Rat Cook
2017.08.30/Gazer
2017.08.30/WhiteBear
2017.09.06/Dragonfly
2017.09.06/Dragonfly 2
2017.09.06/intelligence games in the power grid
2017.09.06/intelligence-games-in-the-power-grid
2017.09.12/CVE 2017-8759
2017.09.18/CCleanup
2017.09.18/Cloud Atlas
2017.09.20/Aurora Operation CCleaner
2017.09.20/CCleaner -C2
2017.09.28/Belarus CMSTAR Trojan
2017.09.XX/APT3
2017.10.02/Aurora Operation CCleaner
2017.10.10/Post Soviet Bank Heists
2017.10.12/Bronze Butler
2017.10.16/BlackOasis
2017.10.16/Leviathan
2017.10.16/Taiwan Heist
2017.10.19/Operation PZCHAO
2017.10.24/Greenbug
2017.10.27/Bahamaut Revisited
2017.10.30/Gaza Cybergang
2017.10.31/Night of the Devil
2017.11.02/New Insights into Energetic Bear's Attacks on Turkish Critical Infrastructure
2017.11.02/Inpage Exploits
2017.11.02/Keyboys
2017.11.02/LeetMX
2017.11.06/Chess Master
2017.11.06/oceanlotus
2017.11.07/APT-28
2017.11.07/Sowbug
2017.11.10/new malware with ties to sunorcal discovered
2017.11.14/muddying the water targeted attacks
2017.11.22/MuddyWater APT
2017.12.04/Carbanak
2017.12.04/The Shadows of ghosts
2017.12.05/Charming Kitten
2017.12.07/APT 34
2017.12.11/Money Taker
2017.12.11/Patchwork APT
2017.12.11/Patchwork APT
2017.12.14/attackers deploy new ics attack framework triton
2017.12.17/Operation Dragonfly Analysis
2017.12.19/north korea bitten by bitcoin bug
2017.12.19/north korea bitten by bitcoin bug

2018

2018.01.04/Iran Cyber Threat Carnegie
2018.01.06/Pyeong Olympics
2018.01.07/operation dustysky
2018.01.07/Operation DustySky
2018.01.09/Turla Mosquito
2018.01.09/turla
2018.01.11/North Korean Defectors and Journalists Targeted
2018.01.12/Pawn Storm Update
2018.01.15/New killdisk
2018.01.16/Korea in crosshairs
2018.01.16/north korea cryptocurrency campaign
2018.01.16/Skygofree
2018.01.16/Skygofree
2018.01.18/Dark Caracal
2018.01.18/Turla Neuron Malware
2018.01.24/Lazarus
2018.01.25/Oilrig
2018.01.26/Top hat campaign
2018.01.27/Dragonfish
2018.01.29/PoriewSpy India
2018.01.29/VERMIN - Quasar RAT and Custom Malware Used In Ukraine
2018.01.30/APT-32
2018.01.31/Comnie
2018.02.01/Operation Pzchao
2018.02.02/Gold Dragon
2018.02.07/VBS Campaign
2018.02.13/deciphering confucius
2018.02.13/Lotus Blossom
2018.02.20/APT-37
2018.02.20/APT37
2018.02.20/Sofacy
2018.02.20/Musical Chairs Playing Tetris
2018.02.21/Tempting Cedar spyware
2018.02.28/Chafer
2018.02.28/Sofacy Attacks Multiple Government Entities
2018.03.01/MuddyWater
2018.03.02/Operation Honeybee
2018.03.05/ComboJack
2018.03.06/Slingshot
2018.03.07/Patchwork
2018.03.08/Donot Team
2018.03.08/Hidden Cobra
2018.03.08/olympic destroyer
2018.03.08/Territorial Dispute
2018.03.09/apt-15
2018.03.09/APT15
2018.03.09/masha and these bears
2018.03.09/new traces hacking team wild
2018.03.09/Sandvine’s PacketLogic Devices APT
2018.03.12/MuddyWater
2018.03.13/therapeutic postmortem of connected medicine
2018.03.13/BlackTDS
2018.03.13/Iranian threat group
2018.03.13/OceanLotus
2018.03.14/Inception Framework
2018.03.14/Tropic Trooper’s New Strategy
2018.03.15/Russian Government Cyber Activity
2018.03.23/Targeted Attacks on South Korean Org
2018.03.27/Panda Banker Zeros
2018.03.29/ChessMaster
2018.03.31/NavRAT
2018.04.04/Oceanlotus
2018.04.12/Operation Parliament
2018.04.17/Iron Tiger Gh0st RAT Variant
2018.04.23/energetic bear
2018.04.23/Hogfish
2018.04.23/orangeworm
2018.04.24/metamorfo campaign
2018.04.24/operation ghostsecret
2018.04.24/sednit
2018.04.26/GravityRAT
2018.04.27/Ocean Lotus
2018.05.03/Burning Umbrella
2018.05.03/Red eyes hacking group
2018.05.03/whos who in the zoo
2018.05.03/ZooPark
2018.05.09/cve-2018-8174
2018.05.09/Iran's hacker hierarchy exposed
2018.05.22/the destruction of APT3
2018.05.22/turla mosquito
2018.05.23/Confucius
2018.05.23/VPNFilter
2018.05.29/Iron
2018.06.06/operation prowli
2018.06.06/Sofacy
2018.06.06/vpnfilter
2018.06.07/adobe flash zero day targeted attack
2018.06.07/Patchwork
2018.06.07/totally tubular treatise on triton and tristation
2018.06.13/luckymouse
2018.06.14/Muddywater
2018.06.14/MirageFox - APT15
2018.06.19/olympic destroyer
2018.06.20/Thrip
2018.06.22/Tick Group
2018.06.23/Andariel Group
2018.06.26/Rancor
2018.06.xx/Operation Red Gambler
2018.07.08/Big bang
2018.07.08/Hussarini
2018.07.09/certificates stolen taiwanese tech
2018.07.12/MDM - India
2018.07.13/Operation Roman Holiday
2018.07.16/New Andariel
2018.07.23/APT-27
2018.07.27/Dark Hydrus
2018.07.31/APT Side Winder
2018.07.31/Bisonal Malware
2018.08.01/Malicious document targets Vietnamese officials
2018.08.02/Goblin Panda
2018.08.02/Goldfin
2018.08.02/Gorgon Group
2018.08.09/North Korea Malware Families
2018.08.16/Chinese Cyberespionage Tsinghua University
2018.08.21/Operation Red Signature
2018.08.21/Turla Outlook Backdoor
2018.08.23/Operation AppleJeus
2018.08.28/CeidPageLock
2018.08.29/Bahamut Confucius and Patchwork
2018.08.29/The Urpage Connection to Bahamut Confucius and Patchwork
2018.08.30/Cobalt Group
2018.08.30/Hidden Bee
2018.08.30/Stone Panda
2018.08.30/WindShift APT
2018.09.04/Oilrig
2018.09.04/Silence
2018.09.07/Domestic Kitten
2018.09.07/Goblin Panda targets Cambodia
2018.09.07/Targeted Attack on Indian Ministry of External Affairs using Crimson RAT
2018.09.10/LuckyMouse
2018.09.13/APT10 Targeting Japanese Corporations Using Updated TTPs
2018.09.19/Green Spot APT
2018.09.20/Poison Trumpet Vine Operation
2018.09.27/LoJax
2018.10.03/APT-38
2018.10.10/MuddyWater
2018.10.11/Gallmaker
2018.10.15/Octopus
2018.10.17/Grey Energy
2018.10.17/GreyEnergy
2018.10.17/Ocean Lotus Spy RATs
2018.10.17/MartyMcFly
2018.10.17/MartyMcFly Malware - Targeting Naval Industry
2018.10.18/APT Sidewinder
2018.10.18/Datper Bronze Butler
2018.10.18/Operation Oceansalt
2018.10.19/Dark Pulsar
2018.11.01/Outlaw Group
2018.11.05/Inception
2018.11.08/How the Lazarus Group is Emptying Millions from ATMs
2018.11.13/Temp Periscope
2018.11.19/APT 29
2018.11.20/Lazarus
2018.11.27/DNSpionage Campaign
2018.11.28/MuddyWater-Operations in Lebanon & Oman
2018.11.28/Tropic Trooper Microsoft
2018.11.29/Attacking Pakistan by exploiting InPage - EN
2018.11.30/Muddywater
2018.11.xx/The Hunt for 3ve
2018.12.11/Poking the Bear
2018.12.12/Donot Group
2018.12.12/Operation Sharpshooter
2018.12.13/The Return of The Charming Kitten
2018.12.13/Shamoon 3
2018.12.13/Tiledeb Shadow Brokers
2018.12.18/URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader
2018.12.20/Wind Shift
2018.12.27/The Enigmatic Roma225 Campaign
2018.12.28/Goblin Panda

2019

2019.01.16/Dark Hydrus
2019.01.16/DarkHydrus
2019.01.17/Rocke
2019.01.18/DarkHydrus
2019.01.18/WIRTE Group
2019.01.24/GandCrab and Ursnif Campaign
2019.01.30/Chafer
2019.01.30/Operation Kitty Phishing
2019.01.30/Orcus rat
2019.02.01/OceanLotus
2019.02.05/Analyzing Digital Quartermasters
2019.02.06/APT 10
2019.02.06/APT10
2019.02.14/Molerats APT
2019.02.14/Molerats
2019.02.18/APT C 36 Colombian
2019.02.20/Lazarus
2019.02.20/LAZARUS
2019.02.25/APT 10
2019.02.26/The Arsenal Behind the Australian Parliament Hack
2019.02.27/A Peek into BRONZE UNION’s Toolbox
2019.02.28/RIK Group
2019.03.04/APT 40
2019.03.06/Operation Pistacchietto
2019.03.06/Whitefly
2019.03.06/taidoor analysis
2019.03.07/SLUB Backdoor
2019.03.08/Supply Chain
2019.03.11/Gaming Industry Asia
2019.03.12/Operation Comando
2019.03.13/DMSniff POS Malware
2019.03.13/GlitchPOS Pos Malware
2019.03.13/Operation Sheep
2019.03.22/LUCKY ELEPHANT
2019.03.25/Operation Shadow Hammer
2019.03.27/Elfin
2019.03.28/Desktop , Mobile Phishing Campaign
2019.03.28/Above Us Only Stars
2019.03.28/Threat Actor Group using UAC Bypass Module to run BAT File
2019.04.02/OceanLotus
2019.04.10/The Muddy Waters
2019.04.10/Operation Sneaky Pastes
2019.04.10/Project TajMahal
2019.04.17/Aggah Campaign
2019.04.17/Operation Sea Turtle
2019.04.19/Ocean Lotus
2019.04.22/FINTEAM
2019.04.23/Operation Shadow Hammer
2019.04.24/TA 505
2019.04.30/SectorB06
2019.05.03/ZooPark
2019.05.07/ATMitch
2019.05.07/Buckeye
2019.05.07/Turla Light Neuron
2019.05.08/FIN7.5
2019.05.08/OceanLotus
2019.05.09/Iranian APT Leak
2019.05.11/Chinese APT Vietnamese
2019.05.13/Scar Cruft Bluetooth
2019.05.15/Winnti
2019.05.18/Operation BlackLion
2019.05.19/HiddenWasp
2019.05.22/Zebrocy land
2019.05.24/APT 10
2019.05.27/APT-C-38
2019.05.27/APT-C-38
2019.05.28/Emissary Panda
2019.05.29/TA 505
2019.05.29/Turla PowerShell
2019.05.30/ATM Malware
2019.06.03/Zebrocy
2019.06.04/APT Blueprint
2019.06.05/scattered canary
2019.06.10/Muddy Waters
2019.06.10/MuddyWater
2019.06.11/fishwrap group
2019.06.11/Fishwrap
2019.06.12/Threat Group Cards
2019.06.20/OceanLotus
2019.06.21/Waterbug
2019.06.25/MuddyC3
2019.06.25/Operation Soft Cell
2019.06.26/Iranian to Saudi
2019.06.27/ShadowGate
2019.07.01/Open Lotus
2019.07.01/Operation Tripoli
2019.07.03/CVE-2018-0798
2019.07.04/newsbeef apt
2019.07.04/Latest Spam Campaigns from TA505 Now Using New Malware Tools Gelup and FlowerPippi
2019.07.04/TA 505
2019.07.04/TA 505
2019.07.09/Sea turtle
2019.07.11/Buhtrap group
2019.07.15/SWEED
2019.07.16/SLUB
2019.07.17/EvilGnome
2019.07.17/Strong Pity Operations
2019.07.18/APT 34
2019.07.18/Okrum and Ketrican
2019.07.18/Proyecto RAT Colombian
2019.07.18/Proyecto RAT
2019.07.24/Operation Lag Time IT
2019.07.24/Resurgent Iron Liberty
2019.07.24/Winnti
2019.08.05/MACHETE
2019.08.05/Sharpening the Machete
2019.08.05/Latest Trickbot Campaign Delivered via Highly Obfuscated JS File
2019.08.07/APT 41
2019.08.07/APT41
2019.08.08/BITTER APT
2019.08.12/Cloud Atlas Activity
2019.08.14/Balkans Campaign
2019.08.20/Chinese APT
2019.08.21/The Gamaredon Group
2019.08.21/Silence 2.0
2019.08.22/Operation Task Masters
2019.08.26/APT-C-09
2019.08.27/China Chopper
2019.08.27/LYCEUM Threat Group
2019.08.27/APT Patchwork
2019.08.27/TA505
2019.08.29/Threat Actor ITG08
2019.08.29/Heatstroke Campaign
2019.08.29/SectorJ04
2019.08.29/Tick Tock
2019.08.31/Bitter APT
2019.09.04/Glupteba Campaign
2019.09.05/UPSynergy
2019.09.06/BITTER APT
2019.09.09/Thrip
2019.09.11/RANCOR APT
2019.09.15/Kittens
2019.09.18/Magecart Skimming Attack
2019.09.18/Tortoiseshell Group
2019.09.24/DeadlyKiss
2019.09.24/Tortoiseshell
2019.09.24/Russia APT Ecosystem
2019.09.26/Chinese APT Hackers Attack Windows Users via FakeNarrator Malware
2019.09.30/HELO Winnti
2019.10.01/New Adwind Campaign targets US Petroleum Industry
2019.10.01/KovCoreG Malvertising Campaign
2019.10.01/KovCoreG-Malvertising-Campaign
2019.10.01/New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign
2019.10.03/PKPLUG
2019.10.04/GEOST BOTNET
2019.10.07/Charming Kittens
2019.10.07/Kittens
2019.10.07/Mustang Panda
2019.10.07/Supply Chain Attacks
2019.10.09/FIN 6
2019.10.10/Attor
2019.10.10/ESET - Attor
2019.10.10/FIN 7
2019.10.10/Winnti
2019.10.14/Emotet External SOC
2019.10.14/winnti
2019.10.14/TURBINE PANDA
2019.10.15/Lowkey
2019.10.17/Operation Ghost
2019.10.21/Winnti Group’s skip-2.0_ A Microsoft SQL Server backdoor
2019.10.21/Geost Botnet
2019.10.28/SWEED
2019.10.31/Calypso APT
2019.10.31/MESSAGETAP
2019.11.04/Higaisa APT
2019.11.04/APT 38
2019.11.05/LAZARUS GAZE APT38
2019.11.08/Platinum Group
2019.11.1/Operation Wizard Opium
2019.11.12/TA 505
2019.11.13/APT 33
2019.11.20/APT-C-34
2019.11.20/Lazarus
2019.11.21/Registers as “Default Print Monitor”, but is a malicious downloader. Meet DePriMon
2019.11.25/Do not Team
2019.11.26/Dexpot
2019.11.28/RevengeHotels
2019.11.29/Operation ENDTRADE
2019.12.03/Threat Actor Targeting Hong Kong Pro-Democracy Figures
2019.12.04/Kurdish Coder Campaign
2019.12.04/Zero Cleare
2019.12.06/Cosmic Banker campaign
2019.12.10/TrickBot Planeswalker
2019.12.11/Waterbear
2019.12.11/Anchor IOCs
2019.12.11/Dropping Anchor
2019.12.12/Drilling Deep
2019.12.12/GALLIUM
2019.12.12/Operation Gamework
2019.12.16/My kings
2019.12.17/Dacls RAT
2019.12.17/Dacls, the Dual platform RAT
2019.12.17/Rancor
2019.12.19/Operation Wacao
2019.12.26/Trojan Lampion
2019.12.29/BRONZE PRESIDENT Targets NGOs

2020

2020.01.01/Side winder
2020.01.06/CVE-2019-2215 - Linked to SideWinder APT Group
2020.01.07/Dustman
2020.01.07/Iranian Cyber Response
2020.01.08/Operation AppleJeus Sequel
2020.01.09/NA EL Threat Perspective 2019
2020.01.13/APT27 ZXShell RootKit
2020.01.13/Reviving MuddyC3
2020.01.16/JhoneRAT
2020.01.31/Winnti
2020.01.xx/ZeroCleare
2020.02.03/Sharepoint Vulnerability
2020.02.10/Outlaw Updates
2020.02.13/Pierogi Backdoor
2020.02.17/Gamaredon Espionage Campaign
2020.02.17/CLAMBLING Dropbox Backdoor
2020.02.17/Fox Kitten Campaign
2020.02.18/Operation DRB Control
2020.02.19/The Lazarus Constellation
2020.02.21/MyKings Botnet
2020.02.22/Weaponizing a Lazarus Group Implant
2020.02.25/Cloud Snooper
2020.02.28/Nortrom Lion APT
2020.03.02/APT 34
2020.03.03/Kimsuky APT
2020.03.05/Dissecting Geost
2020.03.05/Guildma
2020.03.10/njRat IOCs
2020.03.10/njRAT
2020.03.10/Threat Alert Hacking the Hackers
2020.03.11/Operation Overtrap
2020.03.11/Operation Overtrap
2020.03.12/Tracking Turla
2020.03.12/Two Tailed Scorpion
2020.03.12/Vicious Panda
2020.03.15/APT 36
2020.03.19/Probing Pawn Storm
2020.03.24/Operation Poisoned News
2020.03.24/WildPressure
2020.03.25/APT 41
2020.03.26/Light Spy Two Sail Junk APT
2020.03.30/Operation Spy Cloud
2020.04.07/COVID White Paper
2020.04.07/Decade of the RATs
2020.04.07/New Ursnif campaign
2020.04.15/Chimera APT
2020.04.15/Covid-19 lures Syrians
2020.04.16/Exposing Modular Adware
2020.04.16/Icebucket TV Bot Attack
2020.04.16/Chimera
2020.04.17/Gamaredon APT Group
2020.04.20/WINNTI GROUP
2020.04.21/Evil Eye Threat Actor
2020.04.24/Posh C2 APT
2020.04.28/Grandoreiro
2020.04.28/Outlaw
2020.04.29/cta-2020-0429
2020.05.05/Nazar
2020.05.06/Leery Turtle
2020.05.06/Phantom Evilnum
2020.05.07/Blue Mockingbird
2020.05.07/Naikon APT Reloaded
2020.05.11/JsOutProx RAT
2020.05.11/Backconfig
2020.05.12/Tropic Trooper’s
2020.05.13/Ramsay
2020.05.14/Central Asia APT
2020.05.14/COMpfun
2020.05.14/Mikroceen
2020.05.14/RATicate
2020.05.14/Vendetta
2020.05.18/APT-C-23
2020.05.19/Greenbug
2020.05.21/APT 15
2020.05.21/Iranian Chafer APT
2020.05.21/Winnti
2020.05.26/ComRAT
2020.05.28/Operation WizardOpium
2020.05.29/Russian Cyber Attack Campaigns and Actors
2020.06.03/Cycldek
2020.06.03/Higasia APT
2020.06.08/GuLoader No, CloudEyE
2020.06.08/TA410
2020.06.11/Earth Empusa
2020.06.11/Gamaredon group
2020.06.15/Coordinated Spyware Operation
2020.06.16/Cobalt
2020.06.17/Acid Box
2020.06.17/Cobalt Strike
2020.06.17/Operation Interception
2020.06.18/InvisiMole
2020.06.19/India-China Border Dispute APT
2020.06.23/Wasted Locker Evil Corp Group
2020.06.24/Bronze Vinewood
2020.06.25/Leviathan
2020.06.26/Wasted Locker
2020.06.29/Promethium Strong Pity3
2020.06.30/StrongPity APT
2020.07.01/Uyghurs
2020.07.06/Magecart
2020.07.08/Copy cat of APT Sidewinder
2020.07.08/TA410
2020.07.08/Operation Honey Trap
2020.07.09/Cosmic Lynx
2020.07.12/SideWinder
2020.07.14/Molerats
2020.07.14/Turla Venomous Bear
2020.07.15/The Fake cisco
2020.07.16/APT-29
2020.07.17/DRIDEX
2020.07.20/APT attacks on state institutions in Kazakhstan and Kyrgyzstan
2020.07.22/Oilrig
2020.07.22/MATA
2020.07.28/Black jack
2020.07.29/Operation North Star
2020.08.03/TAIDOOR
2020.08.10/Gorgon APT
2020.08.12/Operation PowerFall
2020.08.13/CactusPete APT
2020.08.13/Operation Dream Job
2020.08.18/Lazarus Group
2020.08.20/APT Hackers for Hire
2020.08.20/TA505
2020.08.24/DeathStalker
2020.08.27/Kittens
2020.08.28/Transparent Tribe
2020.09.01/Chinese APT TA413
2020.09.03/Evilnum IOCs
2020.09.03/EvilNum
2020.09.08/TeamTNT
2020.09.11/Talos
2020.09.16/Partners in Crime
2020.09.17/Operation Tibbar
2020.09.21/Cobalt Strike
2020.09.22/APT28
2020.09.23/Operation SideCopy
2020.09.24/Empires in the Cloud
2020.09.25/APT C 43
2020.09.25/Finspy
2020.09.29/Palmerworm
2020.09.29/Winnti Group
2020.09.30/APT-C-23
2020.10.05/Mosaic Regressor
2020.10.06/Kraken Fileless APT
2020.10.07/report spark bahamut
2020.10.13/Operation Rubia Cordifolia
2020.10.14/Silent Librarian APT
2020.10.15/Muddywater
2020.10.19/Operation Earth Kitsune
2020.10.22/Bitter CHM APT
2020.10.23/APT C 44
2020.10.26/PlugX
2020.10.27/North Korean APT
2020.11.01/Transparent Tribe
2020.11.02/UNC1945
2020.11.04/KillSomeOne DLL APT
2020.11.06/OceanLotus
2020.11.10/APT 32
2020.11.12/Costa Ricto Campaign
2020.11.12/Lazarus
2020.11.12/Jupyter Infostealer
2020.11.12/ModPipe backdoor
2020.11.16/Chinese APT
2020.11.16/TA505
2020.11.17/Cicada Japan
2020.11.18/Bookcodes C2
2020.11.19/Medusa Locker Ransomware
2020.11.23/Clop Campaign
2020.11.26/Bandook
2020.11.27/APT27
2020.11.30/Coin Miner
2020.11.30/UNC1945
2020.12.01/AA20-336A APT Actors Targeting US ThinkTanks
2020.12.01/Red Kangaroo
2020.12.02/Turla Crutch
2020.12.03/Adversary Tracking Report
2020.12.07/Fake Security
2020.12.09/SideWinder
2020.12.13/Sunburst Backdoor
2020.12.15/APT C-47
2020.12.15/Lazarus
2020.12.16/AridViper Augury
2020.12.17/Operation SignSight
2020.12.17/Pay2Kitten
2020.12.19/Panda Vietnam
2020.12.22/FIN7 RYUK
2020.12.23/Lazarus
2020.12.29/Revenge RAT
2020.12.30/SolarWinds Attribution

2021

2021.01.04/APT 27
2021.01.04/Dridex
2021.01.04/Royal Road ReDive
2021.01.05/Earth Wendigo
2021.01.05/Recon Hellcat APT
2021.01.06/APT37
2021.01.06/LokiBot Infection Chain
2021.01.07/BrunHilda
2021.01.08/Charming Kitten
2021.01.11/Sunburst Kazuar
2021.01.11/Sunspot Analysis
2021.01.11/xHunt Campaign
2021.01.12/Chimera
2021.01.12/Operation Spalax
2021.01.12/STEEL CORGI
2021.01.14/APT 41
2021.01.20/Commonly Known Tools Used by Lazarus
2021.01.20/Patchwork
2021.01.28/Lebanese Cedar APT
2021.01.31/APT 41
2021.02.01/Operation NightScout
2021.02.02/Kobalos
2021.02.03/Hildegard
2021.02.08/Domestic Kitten
2021.02.09/Bendy Bear
2021.02.10/Lookout Discovers Novel Confucius APT
2021.02.17/Confucius APT Android Spyware Targets Pakistani and Other South Asian Regions
2021.02.22/APT31
2021.02.24/Click & Bait
2021.02.24/LazyScripter
2021.02.25/A41 APT
2021.02.25/Lazarus Threat Needle
2021.02.25/FriarFox
2021.02.28/RedEcho APT
2021.03.02/HAFNIUM APT
2021.03.02/Operation Exchange Marauder
2021.03.10/BADHATCH
2021.03.10/RedXOR
2021.03.11/Academics AI and APTs
2021.03.30/APT10
2021.03.30/BadBlood - TA453
2021.04.07/Sowing Discord
2021.04.08/APT34
2021.04.08/Vyveva Lazarus
2021.04.09/Iron Tiger
2021.04.13/CVE-2021-28310
2021.04.13/Hackers Flood
2021.04.19/Zebrocys Dropper
2021.04.19/Lazarus Apt
2021.04.20/Pulse Secure Zero Day
2021.04.23/Charming Kitten
2021.04.23/NAIKON
2021.04.27/Lazarus Group Recruitment
2021.04.28/unc1151 ghostwriter
2021.05.06/Operation TunnelSnake
2021.05.07/SVR TTPs
2021.05.13/Transparent Tribe
2021.05.25/Evolution of Agrius
2021.05.27/New sophisticated email-based attack from NOBELIUM
2021.05.28/Breaking down NOBELIUM’s latest early-stage toolset
2021.06.03/SharpPanda
2021.06.08/PuzzleMaker attacks with Chrome zero-day exploit chain
2021.06.10/APT41 - Big airline heist
2021.06.16/Ferocious Kitten: 6 years of covert surveillance in Iran
2021.06.16/Threat Activity Group RedFoxtrot Linked to China’s PLA Unit 69010
2021.06.24/Operation Eagle Eye
2021.07.01/IndigoZebra APT continues to attack Central Asia with evolving tools
2021.07.05/Tracking Cobalt Strike
2021.07.06/Lazarus campaign TTPs and evolution
2021.07.07/InSideCopy: How this APT continues to evolve its arsenal
2021.07.19/Tactics, Techniques, and Procedures of Indicted APT40 Actors
2021.07.20/Tracking the Activities of TeamTNT
2021.07.27/THOR: Previously Unseen PlugX Variant Deployed
2021.07.28/TA456 Targets Defense Contractor
2021.08.02/TG1021: “Praying Mantis”
2021.08.03/The Art of Cyberwarfare
2021.08.03/DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos
2021.08.03/APT31 new dropper
2021.08.10/UNC215: Spotlight on a Chinese Espionage Campaign in Israel
2021.08.12/Uncovering Tetris
2021.08.14/Indra
2021.08.17/North Korean APT InkySquid Infects Victims Using Browser Exploits
2021.08.17/New Iranian Espionage Campaign
2021.08.19/SHADOWPAD
2021.08.25/FIN8 Threat Actor
2021.09.08/Pro-PRC Influence
2021.09.09/Dark Covenant
2021.09.13/APT-C-36 Updates Its Spam Campaign
2021.09.23/FamousSparrow
2021.09.27/FoggyWeb
2021.09.28/FinSpy: unseen findings
2021.09.30/GhostEmperor
2021.10.04/Malware Gh0stTimes Used by BlackTech
2021.10.05/UEFI threats moving to the ESP: Introducing ESPecter bootkit
2021.10.06/Operation GhostShell: Novel RAT Targets Global Aerospace and Telecoms Firms
2021.10.11/FontOnLake: Previously unknown malware family targeting Linux
2021.10.12/MysterySnail attacks with Windows zero-day
2021.10.14/MirrorBlast Campaign Targets Financial Companies
2021.10.18/Harvester - Nation-state-backed group targets victims in South Asia
2021.10.19/A Roaming Threat to Telecommunications Companies
2021.10.19/PurpleFox Adds New Backdoor That Uses WebSockets
2021.10.19/TA505 Ramps Up Activity, Delivers New FlawedGrace Variant
2021.10.20/TightVNC Used by Kimsuky Group
2021.10.20/FiveSYS
2021.10.26/Malware WinDealer used by LuoYu Attack Group.
2021.10.26/SQUIRRELWAFFLE Leverages malspam to deliver Qakbot Cobalt Strike
2021.10.27/WsLink: Unique and undocumented malicious loader that runs as a server
2021.10.27/TA2722: New Threat Actor Spoofs Philippine Government, COVID19 Health Data in Widespread RAT Campaigns
2021.10.28/HelloKitty: Tactics, Techniques, and Indicators of Compromise Associated with Hello Kitty/FiveHands Ransomware
2021.10.28/AbstractEmu: Rooting Malware Makes a Comeback: Lookout Discovers Global Campaign
2021.11.02/APT-C-59
2021.11.03/Dissecting new AppleSeed backdoor of Kimsuky threat actor
2021.11.05/Hunter Becomes Hunted: Zebra2104 Hides a Herd of Malware
2021.11.07/Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer
2021.11.08/DEV-0322: Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus
2021.11.10/Lazarus Group trojanized IDA Pro Installer
2021.11.10/Lazarus Group - NukeSped
2021.11.17/Alert (AA21-321A) Iranian Government-Sponsored APT Cyber Actors
2021.11.18/Triple Threat: North Korea-Aligned TA406 Steals, Scams and Spies
2021.11.22/Tardigrade: APT Attack on the Bioeconomy
