mirror of
https://github.com/valitydev/APT_CyberCriminal_Campagin_Collections.git
synced 2024-11-06 08:45:24 +00:00
2014 fix
This commit is contained in:
cybermonitor
parent
bd31e5896a
commit
3accaa8920
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
44
README.md
44
README.md
@ -960,7 +960,7 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
|
||||
* Dec 10 - [[Ahnlab] South Korea MBR Wiper](http://asec.ahnlab.com/1015) | [:closed_book:](../../blob/master/2014/2014.12.10_South_Korea_MBR_Wiper)
|
||||
* Dec 10 - [[F-Secure] W64/Regin, Stage #1](https://www.f-secure.com/documents/996508/1030745/w64_regin_stage_1.pdf) | [:closed_book:](../../blob/master/2014/2014.12.10.W64_Regin)
|
||||
* Dec 10 - [[F-Secure] W32/Regin, Stage #1](https://www.f-secure.com/documents/996508/1030745/w32_regin_stage_1.pdf) | [:closed_book:](../../blob/master/2014/2014.12.10_W32_Regin)
|
||||
* Dec 10 - [Cloud Atlas: RedOctober APT](http://securelist.com/blog/research/68083/cloud-atlas-redoctober-apt-is-back-in-style/)
|
||||
* Dec 10 - [[Kaspersky] Cloud Atlas: RedOctober APT](http://securelist.com/blog/research/68083/cloud-atlas-redoctober-apt-is-back-in-style/) | [:closed_book:](../../blob/master/2014/2014.12.10.RedOctober_APT)
|
||||
* Dec 09 - [[BlueCoat] The Inception Framework](https://www.bluecoat.com/security-blog/2014-12-09/blue-coat-exposes-%E2%80%9C-inception-framework%E2%80%9D-very-sophisticated-layered-malware) | [:closed_book:](../../blob/master/2014/2014.12.09_The_Inception_Framework)
|
||||
* Dec 08 - [[Kaspersky] The 'Penquin' Turla](http://securelist.com/blog/research/67962/the-penquin-turla-2/) | [:closed_book:](../../blob/master/2014/2014.12.08.Penquin_Turla)
|
||||
* Dec 05 - [[Cylance] Operation Cleaver: The Notepad Files](http://blog.cylance.com/operation-cleaver-the-notepad-files) | [:closed_book:](../../blob/master/2014/2014.12.05.Operation_Cleaver)
|
||||
@ -971,15 +971,15 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
|
||||
* Nov 24 - [[Kaspersky] Kaspersky's report on The Regin Platform](http://securelist.com/blog/research/67741/regin-nation-state-ownage-of-gsm-networks/) | [:closed_book:](../../blob/master/2014/2014.11.24.Regin_Platform)
|
||||
* Nov 24 - [[Symantec] Regin: Top-tier espionage tool enables stealthy surveillance](http://www.symantec.com/connect/blogs/regin-top-tier-espionage-tool-enables-stealthy-surveillance) | [:closed_book:](../../blob/master/2014/2014.11.24.Regin_Top-tier_espionage)
|
||||
* Nov 21 - [[FireEye] Operation Double Tap](https://www.fireeye.com/blog/threat-research/2014/11/operation_doubletap.html) | [IOCs](https://github.com/FireEye/iocs/tree/master/APT3) | [:closed_book:](../../blob/master//2014/2014.11.21.Operation_Double_Tap)
|
||||
* Nov 20 - [[] EvilBunny: Suspect #4](http://0x1338.blogspot.co.uk/2014/11/hunting-bunnies.html) | [:closed_book:](../../blob/master//2014/2014.11.20.EvilBunny)
|
||||
* Nov 14 - [[] Roaming Tiger (Slides)](http://2014.zeronights.ru/assets/files/slides/roaming_tiger_zeronights_2014.pdf) | [:closed_book:](../../blob/master/2014/2014.11.14.Roaming_Tiger)
|
||||
* Nov 20 - [[0x1338] EvilBunny: Suspect #4](http://0x1338.blogspot.co.uk/2014/11/hunting-bunnies.html) | [:closed_book:](../../blob/master//2014/2014.11.20.EvilBunny)
|
||||
* Nov 14 - [[ESET] Roaming Tiger (Slides)](http://2014.zeronights.ru/assets/files/slides/roaming_tiger_zeronights_2014.pdf) | [:closed_book:](../../blob/master/2014/2014.11.14.Roaming_Tiger)
|
||||
* Nov 14 - [[F-Secure] OnionDuke: APT Attacks Via the Tor Network](http://www.f-secure.com/weblog/archives/00002764.html) | [:closed_book:](../../blob/master/2014/2014.11.14.OnionDuke)
|
||||
* Nov 13 - [[Symantec] Operation CloudyOmega: Ichitaro 0-day targeting Japan](http://www.symantec.com/connect/blogs/operation-cloudyomega-ichitaro-zero-day-and-ongoing-cyberespionage-campaign-targeting-japan) | [:closed_book:](../../blob/master/2014/2014.11.13.Operation_CloudyOmega)
|
||||
* Nov 12 - [[ESET] Korplug military targeted attacks: Afghanistan & Tajikistan](http://www.welivesecurity.com/2014/11/12/korplug-military-targeted-attacks-afghanistan-tajikistan/) | [:closed_book:](../../blob/master/2014/2014.11.12.Korplug)
|
||||
* Nov 11 - [[GDATA] The Uroburos case- Agent.BTZ’s successor, ComRAT](http://blog.gdatasoftware.com/blog/article/the-uroburos-case-new-sophisticated-rat-identified.html) | [:closed_book:](../../blob/master/2014/2014.11.11.ComRAT)
|
||||
* Nov 10 - [[Kaspersky] The Darkhotel APT - A Story of Unusual Hospitality](https://securelist.com/blog/research/66779/the-darkhotel-apt/) | [:closed_book:](../../blob/master/2014/2014.11.10.Darkhotel)
|
||||
* Nov 03 - [[FireEye] Operation Poisoned Handover: Unveiling Ties Between APT Activity in Hong Kong’s Pro-Democracy Movement](http://www.fireeye.com/blog/technical/2014/11/operation-poisoned-handover-unveiling-ties-between-apt-activity-in-hong-kongs-pro-democracy-movement.html) | [:closed_book:](../../blob/master/2014/2014.11.03.Operation_Poisoned_Handover)
|
||||
* Nov 03 - [New observations on BlackEnergy2 APT activity](https://securelist.com/blog/research/67353/be2-custom-plugins-router-abuse-and-target-profiles/)
|
||||
* Nov 03 - [[Kaspersky] New observations on BlackEnergy2 APT activity](https://securelist.com/blog/research/67353/be2-custom-plugins-router-abuse-and-target-profiles/) | [:closed_book:](../../blob/master/2014/2014.11.03.BlackEnergy2_APT)
|
||||
* Oct 31 - [[GData] Operation TooHash](https://blog.gdatasoftware.com/blog/article/operation-toohash-how-targeted-attacks-work.html) | [:closed_book:](../../blob/master/2014/2014.10.31.Operation_TooHash)
|
||||
* Oct 30 - [[Sophos] The Rotten Tomato Campaign](http://blogs.sophos.com/2014/10/30/the-rotten-tomato-campaign-new-sophoslabs-research-on-apts/) | [:closed_book:](../../blob/master/2014/2014.10.30.Rotten_Tomato_Campaign)
|
||||
* Oct 28 - [[CISCO] Group 72, Opening the ZxShell](http://blogs.cisco.com/talos/opening-zxshell/) | [:closed_book:](../../blob/master/2014/2014.10.28.Group_72_ZxShell)
|
||||
@ -997,25 +997,25 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
|
||||
* Oct 14 - [[Novetta] Derusbi Preliminary Analysis](http://www.novetta.com/wp-content/uploads/2014/11/Derusbi.pdf) | [:closed_book:](../../blob/master/2014/2014.10.14.Derusbi_Analysis)
|
||||
* Oct 14 - [[Novetta] Hikit Preliminary Analysis](http://www.novetta.com/wp-content/uploads/2014/11/HiKit.pdf) | [:closed_book:](../../blob/master/2014/2014.10.14.Hikit_Preliminary_Analysis)
|
||||
* Oct 14 - [[Novetta] ZoxPNG Preliminary Analysis](http://www.novetta.com/wp-content/uploads/2014/11/ZoxPNG.pdf) | [:closed_book:](../../blob/master/2014/2014.10.14.ZoxPNG)
|
||||
* Oct 09 - [Democracy in Hong Kong Under Attack](http://www.volexity.com/blog/?p=33)
|
||||
* Oct 09 - [[Volexity] Democracy in Hong Kong Under Attack](http://www.volexity.com/blog/?p=33) | [:closed_book:](../../blob/master/2014/2014.10.09.Democracy_Hong_Kong_Under_Attack)
|
||||
* Oct 03 - [[Palo Alto Networks] New indicators for APT group Nitro](http://researchcenter.paloaltonetworks.com/2014/10/new-indicators-compromise-apt-group-nitro-uncovered/) | [:closed_book:](../../blob/master/2014/2014.10.03.Nitro_APT)
|
||||
* Sep 26 - [[F-Secure] BlackEnergy & Quedagh](https://www.f-secure.com/documents/996508/1030745/blackenergy_whitepaper.pdf) | [:closed_book:](../../blob/master/2014/2014.09.26.BlackEnergy_Quedagh)
|
||||
* Sep 26 - [Aided Frame, Aided Direction (Sunshop Digital Quartermaster)](http://www.fireeye.com/blog/technical/2014/09/aided-frame-aided-direction-because-its-a-redirect.html)
|
||||
* Sep 26 - [[FireEye] Aided Frame, Aided Direction (Sunshop Digital Quartermaster)](http://www.fireeye.com/blog/technical/2014/09/aided-frame-aided-direction-because-its-a-redirect.html) | [:closed_book:](../../blob/master/2014/2014.09.26.Aided_Frame_Aided_Direction)
|
||||
* Sep 23 - [Ukraine and Poland Targeted by BlackEnergy (video)](https://www.youtube.com/watch?v=I77CGqQvPE4)
|
||||
* Sep 19 - [[Palo Alto Networks] Watering Hole Attacks using Poison Ivy by "th3bug" group](http://researchcenter.paloaltonetworks.com/2014/09/recent-watering-hole-attacks-attributed-apt-group-th3bug-using-poison-ivy/) | [:closed_book:](../../blob/master/2014/2014.09.19.th3bug_Poison_Ivy)
|
||||
* Sep 18 - [[F-Secure] COSMICDUKE: Cosmu with a twist of MiniDuke](http://www.f-secure.com/documents/996508/1030745/cosmicduke_whitepaper.pdf) | [:closed_book:](../../blob/master/2014/2014.09.18.COSMICDUKE)
|
||||
* Sep 17 - [Chinese intrusions into key defense contractors](http://www.armed-services.senate.gov/press-releases/sasc-investigation-finds-chinese-intrusions-into-key-defense-contractors)
|
||||
* Sep 17 - [[U.S. Senate Committee] Chinese intrusions into key defense contractors](http://www.armed-services.senate.gov/press-releases/sasc-investigation-finds-chinese-intrusions-into-key-defense-contractors) | [:closed_book:](../../blob/master/2014/2014.09.17.Chinese_APT_defense_contractors)
|
||||
* Sep 10 - [[FireEye] Operation Quantum Entanglement](http://www.fireeye.com/resources/pdfs/white-papers/FireEye-operation-quantum-entanglement.pdf) | [:closed_book:](../../blob/master/2014/2014.09.10.Operation_Quantum_Entanglement)
|
||||
* Sep 08 - [[Usenix] When Governments Hack Opponents: A Look at Actors and Technology](https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-marczak.pdf) [video](https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/marczak) | [:closed_book:](../../blob/master/2014/2014.09.08.When_Governments_Hack_Opponents)
|
||||
* Sep 08 - [[Usenix] Targeted Threat Index: Characterizingand Quantifying Politically-MotivatedTargeted Malware](https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-hardy.pdf) [video](https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/hardy) | [:closed_book:](../../blob/master/2014/2014.09.08.Targeted_Threat_Index)
|
||||
* Sep 04 - [Gholee – a “Protective Edge” themed spear phishing campaign](http://www.clearskysec.com/gholee-a-protective-edge-themed-spear-phishing-campaign/) | [:closed_book:](../../blob/master/2014/2014.09.04.Gholee)
|
||||
* Sep 04 - [[ClearSky] Gholee – a “Protective Edge” themed spear phishing campaign](http://www.clearskysec.com/gholee-a-protective-edge-themed-spear-phishing-campaign/) | [:closed_book:](../../blob/master/2014/2014.09.04.Gholee)
|
||||
* Sep 04 - [[FireEye] Forced to Adapt: XSLCmd Backdoor Now on OS X](http://www.fireeye.com/blog/technical/malware-research/2014/09/forced-to-adapt-xslcmd-backdoor-now-on-os-x.html) | [:closed_book:](../../blob/master/2014/2014.09.04.XSLCmd_OSX)
|
||||
* Sep 03 - [Darwin’s Favorite APT Group (APT12)](http://www.fireeye.com/blog/technical/botnet-activities-research/2014/09/darwins-favorite-apt-group-2.html)
|
||||
* Sep 04 - [[Netresec] Analysis of Chinese MITM on Google](https://paper.seebug.org/papers/APT/APT_CyberCriminal_Campagin/2014/Chinese_MITM_Google.pdf) | [:closed_book:](../../blob/master/2014/2014.09.04.Analysis_of_Chinese_MITM_on_Google)
|
||||
* Sep 03 - [[FireEye] Darwin’s Favorite APT Group (APT12)](http://www.fireeye.com/blog/technical/botnet-activities-research/2014/09/darwins-favorite-apt-group-2.html) | [:closed_book:](../../blob/master/2014/2014.09.03.Darwin_APT)
|
||||
* Aug 29 - [[FireEye] Syrian Malware Team Uses BlackWorm for Attacks](http://www.fireeye.com/blog/technical/2014/08/connecting-the-dots-syrian-malware-team-uses-blackworm-for-attacks.html) | [:closed_book:](../../blob/master/2014/2014.08.29.BlackWorm_Syrian)
|
||||
* Aug 28 - [Scanbox: A Reconnaissance Framework Used with Watering Hole Attacks](https://www.alienvault.com/open-threat-exchange/blog/scanbox-a-reconnaissance-framework-used-on-watering-hole-attacks)
|
||||
* Aug 27 - [North Korea’s cyber threat landscape](http://h30499.www3.hp.com/hpeb/attachments/hpeb/off-by-on-software-security-blog/388/2/HPSR%20SecurityBriefing_Episode16_NorthKorea.pdf)
|
||||
* Aug 28 - [[AlienVault] Scanbox: A Reconnaissance Framework Used with Watering Hole Attacks](https://www.alienvault.com/open-threat-exchange/blog/scanbox-a-reconnaissance-framework-used-on-watering-hole-attacks) | [:closed_book:](../../blob/master/2014/2014.08.28.Scanbox_Framework_Watering_Hole_Attack)
|
||||
* Aug 27 - [[Kaspersky] NetTraveler APT Gets a Makeover for 10th Birthday](https://securelist.com/blog/research/66272/nettraveler-apt-gets-a-makeover-for-10th-birthday/) | [:closed_book:](../../blob/master/2014/2014.08.27.NetTraveler)
|
||||
* Aug 25 - [Vietnam APT Campaign](http://blog.malwaremustdie.org/2014/08/another-country-sponsored-malware.html)
|
||||
* Aug 25 - [[Malware Must Die] Vietnam APT Campaign](http://blog.malwaremustdie.org/2014/08/another-country-sponsored-malware.html) | [:closed_book:](../../blob/master/2014/2014.08.25.Vietnam_APT)
|
||||
* Aug 20 - [[Kaspersky] El Machete](https://securelist.com/blog/research/66108/el-machete/) | [:closed_book:](../../blob/master/2014/2014.08.20.El_Machete)
|
||||
* Aug 18 - [[Kaspersky] The Syrian Malware House of Cards](https://securelist.com/blog/research/66051/the-syrian-malware-house-of-cards/) | [:closed_book:](../../blob/master/2014/2014.08.18.Syrian_Malware_House_of_Cards)
|
||||
* Aug 16 - [[HP] Profiling an enigma: The mystery of North Korea’s cyber threat landscape](https://time.com/wp-content/uploads/2014/12/hpsr_securitybriefing_episode16_northkorea.pdf) | [:closed_book:](../../blob/master/2014/2014.08.16.North_Korea_cyber_threat_landscape)
|
||||
@ -1028,18 +1028,18 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
|
||||
* Jul 31 - [[Kaspersky] Energetic Bear/Crouching Yeti](https://kasperskycontenthub.com/securelist/files/2014/07/EB-YetiJuly2014-Public.pdf) | [:closed_book:](../../blob/master/2014/2014.07.31.Energetic_Bear)
|
||||
* Jul 29 - [[Dell] Threat Group-3279 Targets the Video Game Industry](https://www.secureworks.com/research/threat-group-3279-targets-the-video-game-industry) | [:closed_book:](../../blob/master/2014/2014.07.29.Threat_Group-3279_Targets_the_Video_Game_Industry)
|
||||
* Jul 20 - [[Vinsula] Sayad (Flying Kitten) Analysis & IOCs](http://vinsula.com/2014/07/20/sayad-flying-kitten-infostealer-malware/) | [:closed_book:](../../blob/master/2014/2014.07.20.Flying_Kitten)
|
||||
* Jul 11 - [Pitty Tiger](https://bitbucket.org/cybertools/whitepapers/downloads/Pitty%20Tiger%20Final%20Report.pdf) | [:closed_book:](../../blob/master/2014/2014.07.11.Pitty_Tiger)
|
||||
* Jul 11 - [[AirBus] Pitty Tiger](https://bitbucket.org/cybertools/whitepapers/downloads/Pitty%20Tiger%20Final%20Report.pdf) | [:closed_book:](../../blob/master/2014/2014.07.11.Pitty_Tiger)
|
||||
* Jul 10 - [[CIRCL] TR-25 Analysis - Turla / Pfinet / Snake/ Uroburos](http://www.circl.lu/pub/tr-25/) | [:closed_book:](../../blob/master/2014/2014.07.10.Turla_Pfinet_Snake_Uroburos)
|
||||
* Jul 07 - [Deep Pandas, Deep in Thought: Chinese Targeting of National Security Think Tanks](http://blog.crowdstrike.com/deep-thought-chinese-targeting-national-security-think-tanks/) | [:closed_book:](../../blob/master/2014/2014.07.07.Deep_in_Thought)
|
||||
* Jul 07 - [[CrowdStrike] Deep Pandas, Deep in Thought: Chinese Targeting of National Security Think Tanks](http://blog.crowdstrike.com/deep-thought-chinese-targeting-national-security-think-tanks/) | [:closed_book:](../../blob/master/2014/2014.07.07.Deep_in_Thought)
|
||||
* Jul 10 - [[TrapX] Anatomy of the Attack: Zombie Zero](http://www.trapx.com/wp-content/uploads/2014/07/TrapX_ZOMBIE_Report_Final.pdf) | [:closed_book:](../../blob/master/2014/2014.07.10.Zombie_Zero)
|
||||
* Jun 30 - [[Symantec] Dragonfly: Cyberespionage Attacks Against Energy Suppliers](http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/Dragonfly_Threat_Against_Western_Energy_Suppliers.pdf) | [:closed_book:](../../blob/master/2014/2014.06.30.Dragonfly)
|
||||
* Jun 20 - [Embassy of Greece Beijing](http://thegoldenmessenger.blogspot.de/2014/06/blitzanalysis-embassy-of-greece-beijing.html)
|
||||
* Jun 20 - [[Blitzanalysis] Embassy of Greece Beijing](http://thegoldenmessenger.blogspot.de/2014/06/blitzanalysis-embassy-of-greece-beijing.html) | [:closed_book:](../../blob/master/2014/2014.06.20.Embassy_of_Greece_Beijing)
|
||||
* Jun 09 - [[CrowdStrike] Putter Panda](http://cdn0.vox-cdn.com/assets/4589853/crowdstrike-intelligence-report-putter-panda.original.pdf) | [:closed_book:](../../blob/master/2014/2014.06.09.Putter_Panda)
|
||||
* Jun 06 - [Illuminating The Etumbot APT Backdoor (APT12)](http://www.arbornetworks.com/asert/wp-content/uploads/2014/06/ASERT-Threat-Intelligence-Brief-2014-07-Illuminating-Etumbot-APT.pdf)
|
||||
* May 28 - [NewsCaster_An_Iranian_Threat_Within_Social_Networks](https://www.isightpartners.com/2014/05/newscaster-iranian-threat-inside-social-media/) | [:closed_book:](../../blob/master/2014/2014.05.28.NewsCaster_An_Iranian_Threat_Within_Social_Networks)
|
||||
* Jun 06 - [[Arbor] Illuminating The Etumbot APT Backdoor (APT12)](http://www.arbornetworks.com/asert/wp-content/uploads/2014/06/ASERT-Threat-Intelligence-Brief-2014-07-Illuminating-Etumbot-APT.pdf) | [:closed_book:](../../blob/master/2014/2014.06.06.Etumbot_APT_Backdoor)
|
||||
* May 28 - [[iSightPartners] NewsCaster_An_Iranian_Threat_Within_Social_Networks](https://www.isightpartners.com/2014/05/newscaster-iranian-threat-inside-social-media/) | [:closed_book:](../../blob/master/2014/2014.05.28.NewsCaster_An_Iranian_Threat_Within_Social_Networks)
|
||||
* May 21 - [[Fidelis] RAT in jar: A phishing campaign using Unrecom](http://www.fidelissecurity.com/sites/default/files/FTA_1013_RAT_in_a_jar.pdf) | [:closed_book:](../../blob/master/2014/2014.05.21.Unrecom_Rat)
|
||||
* May 20 - [[ESET] Miniduke Twitter C&C](http://www.welivesecurity.com/2014/05/20/miniduke-still-duking/) | [:closed_book:](../../blob/master/2014/2014.05.20.Miniduke_Twitter_CnC)
|
||||
* May 13 - [CrowdStrike's report on Flying Kitten](http://blog.crowdstrike.com/cat-scratch-fever-crowdstrike-tracks-newly-reported-iranian-actor-flying-kitten/)
|
||||
* May 13 - [[CrowdStrike] Cat Scratch Fever: CrowdStrike Tracks Newly Reported Iranian Actor as FLYING KITTEN](http://blog.crowdstrike.com/cat-scratch-fever-crowdstrike-tracks-newly-reported-iranian-actor-flying-kitten/) | [:closed_book:](../../blob/master/2014/2014.05.13.Flying.Kitten)
|
||||
* May 13 - [[FireEye] Operation Saffron Rose (aka Flying Kitten)](http://www.fireeye.com/resources/pdfs/FireEye-operation-saffron-rose.pdf) | [:closed_book:](../../blob/master/2014/2014.05.13.Operation_Saffron_Rose)
|
||||
* Apr 26 - [[FireEye] CVE-2014-1776: Operation Clandestine Fox](https://www.fireeye.com/blog/threat-research/2014/05/operation-clandestine-fox-now-attacking-windows-xp-using-recently-discovered-ie-vulnerability.html) | [:closed_book:](../../blob/master/2014/2014.04.26.Operation_Clandestine_Fox)
|
||||
* Mar 12 - [[FireEye] A Detailed Examination of the Siesta Campaign](https://www.fireeye.com/blog/threat-research/2014/03/a-detailed-examination-of-the-siesta-campaign.html) | [:closed_book:](../../blob/master/2014/2014.03.12.Detailed_Siesta_Campaign)
|
||||
@ -1047,9 +1047,9 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
|
||||
* Mar 07 - [[BAE] Snake Campaign & Cyber Espionage Toolkit](http://info.baesystemsdetica.com/rs/baesystems/images/snake_whitepaper.pdf) | [:closed_book:](../../blob/master/2014/2014.03.07.Snake_Campaign)
|
||||
* Mar 06 - [[Trend Micro] The Siesta Campaign](http://blog.trendmicro.com/trendlabs-security-intelligence/the-siesta-campaign-a-new-targeted-attack-awakens/) | [:closed_book:](../../blob/master/2014/2014.03.06.The_Siesta_Campaign)
|
||||
* Feb 28 - [[GData] Uroburos: Highly complex espionage software with Russian roots](https://public.gdatasoftware.com/Web/Content/INT/Blog/2014/02_2014/documents/GData_Uroburos_RedPaper_EN_v1.pdf) | [:closed_book:](../../blob/master/2014/2014.02.28.Uroburos)
|
||||
* Feb 25 - [The French Connection: French Aerospace-Focused CVE-2014-0322 Attack Shares Similarities with 2012 Capstone Turbine Activity](http://blog.crowdstrike.com/french-connection-french-aerospace-focused-cve-2014-0322-attack-shares-similarities-2012/) | [:closed_book:](../../blob/master/2014/2014.02.25.The_French_Connection)
|
||||
* Feb 25 - [[CrowdStrike] The French Connection: French Aerospace-Focused CVE-2014-0322 Attack Shares Similarities with 2012 Capstone Turbine Activity](http://blog.crowdstrike.com/french-connection-french-aerospace-focused-cve-2014-0322-attack-shares-similarities-2012/) | [:closed_book:](../../blob/master/2014/2014.02.25.The_French_Connection)
|
||||
* Feb 23 - [[Fidelis] Gathering in the Middle East, Operation STTEAM](http://www.fidelissecurity.com/sites/default/files/FTA%201012%20STTEAM%20Final.pdf) | [:closed_book:](../../blob/master/2014/2014.02.23.Operation_STTEAM)
|
||||
* Feb 20 - [Mo' Shells Mo' Problems - Deep Panda Web Shells](http://www.crowdstrike.com/blog/mo-shells-mo-problems-deep-panda-web-shells/) | [:closed_book:](../../blob/master/2014/2014.02.20.deep-panda-webshells)
|
||||
* Feb 20 - [[CrowdStrike] Mo' Shells Mo' Problems - Deep Panda Web Shells](http://www.crowdstrike.com/blog/mo-shells-mo-problems-deep-panda-web-shells/) | [:closed_book:](../../blob/master/2014/2014.02.20.deep-panda-webshells)
|
||||
* Feb 20 - [[FireEye] Operation GreedyWonk: Multiple Economic and Foreign Policy Sites Compromised, Serving Up Flash Zero-Day Exploit](http://www.fireeye.com/blog/technical/targeted-attack/2014/02/operation-greedywonk-multiple-economic-and-foreign-policy-sites-compromised-serving-up-flash-zero-day-exploit.html) | [:closed_book:](../../blob/master/2014/2014.02.20.Operation_GreedyWonk)
|
||||
* Feb 19 - [[FireEye] XtremeRAT: Nuisance or Threat?](http://www.fireeye.com/blog/technical/2014/02/xtremerat-nuisance-or-threat.html) | [:closed_book:](../../blob/master/2014/2014.02.19.XtremeRAT)
|
||||
* Feb 19 - [[Context Information Security] The Monju Incident](http://contextis.com/resources/blog/context-threat-intelligence-monju-incident/) | [:closed_book:](../../blob/master/2014/2014.02.19.Monju_Incident)
|
||||
@ -1058,9 +1058,9 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
|
||||
* Jan 31 - [[Fidelis] Intruder File Report- Sneakernet Trojan](http://www.fidelissecurity.com/sites/default/files/FTA%201011%20Follow%20UP.pdf) | [:closed_book:](../../blob/master/2014/2014.01.31.Sneakernet_Trojan)
|
||||
* Jan 21 - [[RSA] Shell_Crew (Deep Panda)](http://www.emc.com/collateral/white-papers/h12756-wp-shell-crew.pdf) | [:closed_book:](../../blob/master/2014/2014.01.21.Shell_Crew)
|
||||
* Jan 15 - [[Fidelis] New CDTO: A Sneakernet Trojan Solution](http://www.fidelissecurity.com/sites/default/files/FTA%201001%20FINAL%201.15.14.pdf) | [:closed_book:](../../blob/master/2014/2014.01.15.Sneakernet_Trojan)
|
||||
* Jan 14 - [The Icefog APT Hits US Targets With Java Backdoor](https://www.securelist.com/en/blog/208214213/The_Icefog_APT_Hits_US_Targets_With_Java_Backdoor)
|
||||
* Jan 14 - [[Kaspersky] The Icefog APT Hits US Targets With Java Backdoor](https://www.securelist.com/en/blog/208214213/The_Icefog_APT_Hits_US_Targets_With_Java_Backdoor) | [:closed_book:](../../blob/master/2014/2014.01.14.Icefog_APT)
|
||||
* Jan 13 - [[Symantec] Targeted attacks against the Energy Sector](http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/targeted_attacks_against_the_energy_sector.pdf) | [:closed_book:](../../blob/master/2014/2014.01.13.Targeted_Attacks_Energy_Sector)
|
||||
* Jan 06 - [PlugX: some uncovered points](http://blog.cassidiancybersecurity.com/2014/01/plugx-some-uncovered-points.html)
|
||||
* Jan 06 - [[AirBus] PlugX: some uncovered points](https://airbus-cyber-security.com/plugx-some-uncovered-points/) | [:closed_book:](../../blob/master/2014/2014.01.06.PlugX)
|
||||
|
||||
## 2013
|
||||
* XXX XX - [[CERT-ISAC] Inside Report – APT Attacks on Indian Cyber Space]() | [:closed_book:](../../blob/master/2013/2013.00.00.APT_Attacks_on_Indian_Cyber_Space)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user