2017.11.02.Energetic_Bear_on_Turkish_Critical_Infrastructure

CyberMonitor 2018-03-16 16:54:35 +08:00
parent 3fdb61886d
commit 7a97f9af2b
3 changed files with 8 additions and 1 deletions


@ -0,0 +1,6 @@
103.41.177.58,Domain,2017-11-02,@passivetotal.org,direct : 103.41.177.58 added from Project Details,leaseweb-netherlands-b.v.|routable|energetic bear|espionage|leaseweb-nlleaseweb_bv|russia,Monitoring
184.154.150.66,Domain,2017-11-02,@passivetotal.org,direct : 184.154.150.66 added from Project Details,routable|singlehop-inc.|energetic bear|espionage|russia,Monitoring
turcas.com.tr,Domain,2017-11-02,@passivetotal.org,direct : turcas.com.tr added from Project Details,compromised|energetic bear|energy|watering hole,Monitoring
www.controleng.com,Domain,2017-11-02,@passivetotal.org,direct : www.controleng.com added from Project Details,compromised|watering hole,Monitoring
www.csemag.com,Domain,2017-11-02,@passivetotal.org,direct : www.csemag.com added from Project Details,compromised|watering hole,Monitoring
www.plantengineering.com,Domain,2017-11-02,@passivetotal.org,direct : www.plantengineering.com added from Project Details,compromised|watering hole,Monitoring
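
Review bot: the first two rows give the IP addresses 103.41.177.58 and 184.154.150.66 the type "Domain" in the second column, so any consumer that filters or validates on that column will handle them as hostnames. Give those two rows an address type of their own, and consider adding a header row, since the seven columns are otherwise unnamed. The four rows tagged compromised|watering hole (turcas.com.tr, www.controleng.com, www.csemag.com, www.plantengineering.com) carry the same "Monitoring" status as the two rows tagged espionage|russia; a short note stating that these are compromised third-party sites rather than attacker-owned hosts would keep the list from being loaded into a blocklist wholesale.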


@ -14,7 +14,7 @@ Please fire issue to me if any lost APT/Malware events/campaigns.
## 2018
* Mar 15 - [[US-CERT] Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors](https://www.us-cert.gov/ncas/alerts/TA18-074A)| [Local](../../blob/master/2018/2018.03.15.Russian_Government_Cyber_Activity_TA18-074A)
* Mar 15 - [[US-CERT] Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors](https://www.us-cert.gov/ncas/alerts/TA18-074A) | [Local](../../blob/master/2018/2018.03.15.Russian_Government_Cyber_Activity_TA18-074A)
* Mar 14 - [[Symantec] Inception Framework: Alive and Well, and Hiding Behind Proxies](https://www.symantec.com/blogs/threat-intelligence/inception-framework-hiding-behind-proxies) | [Local](../../blob/master/2018/2018.03.14.Inception_Framework)
* Mar 14 - [[Trend Micro] Tropic Troopers New Strategy](https://blog.trendmicro.com/trendlabs-security-intelligence/tropic-trooper-new-strategy/) | [Local](../../blob/master/2018/2018.03.14.tropic-trooper-new-strategy)
* Mar 13 - [[Proofpoint] Drive-by as a service: BlackTDS](https://www.proofpoint.com/us/threat-insight/post/drive-service-blacktds) | [Local](../../blob/master/2018/2018.03.13.BlackTDS)
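
Review bot: the separator fix on the Mar 15 US-CERT entry (the space added before "| [Local]") is unrelated to the Energetic Bear report this commit is titled for. Put it in its own commit, or mention it in the commit message, so the README history stays easy to search by report.
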
@ -76,6 +76,7 @@ Please fire issue to me if any lost APT/Malware events/campaigns.
* Nov 06 - [[Trend Micro] ChessMasters New Strategy: Evolving Tools and Tactics](http://blog.trendmicro.com/trendlabs-security-intelligence/chessmasters-new-strategy-evolving-tools-tactics/) | [Local](../../blob/master/2017/2017.11.06.ChessMaster_New_Strategy)
* Nov 02 - [[PwC] The KeyBoys are back in town](http://www.pwc.co.uk/issues/cyber-security-data-privacy/research/the-keyboys-are-back-in-town.html) | [Local](../../blob/master/2017/2017.11.02.KeyBoys_are_back)
* Nov 02 - [[Clearsky] LeetMX a Yearlong Cyber-Attack Campaign Against Targets in Latin America](http://www.clearskysec.com/leetmx/) | [Local](../../blob/master/2017/2017.11.02.LeetMX)
* Nov 02 - [[RISKIQ] New Insights into Energetic Bears Watering Hole Attacks on Turkish Critical Infrastructure](https://www.riskiq.com/blog/labs/energetic-bear/) | [Local](../../blob/master/2017/2017.11.02.Energetic_Bear_on_Turkish_Critical_Infrastructure)
* Oct 31 - [[Cybereason] Night of the Devil: Ransomware or wiper? A look into targeted attacks in Japan using MBR-ONI](https://www.cybereason.com/blog/night-of-the-devil-ransomware-or-wiper-a-look-into-targeted-attacks-in-japan) | [Local](../../blob/master/2017/2017.10.31.MBR-ONI.Japan)
* Oct 30 - [[Kaspersky] Gaza Cybergang updated activity in 2017](https://securelist.com/gaza-cybergang-updated-2017-activity/82765/) | [Local](../../blob/master/2017/2017.10.30.Gaza_Cybergang)
* Oct 27 - [[Bellingcat] Bahamut Revisited, More Cyber Espionage in the Middle East and South Asia](https://www.bellingcat.com/resources/case-studies/2017/10/27/bahamut-revisited-cyber-espionage-middle-east-south-asia/) | [Local](../../blob/master/2017/2017.10.27.bahamut-revisited)
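
Review bot: the vendor tag on the new Nov 02 entry is written "[RISKIQ]" in all capitals, while the neighbouring entries use each vendor's own casing ("PwC", "Clearsky", "Trend Micro"). Use "RiskIQ" so a search of the index by vendor name finds it. The entry is also placed third among the three Nov 02 items; if same-day entries follow any order, it would help to state it near the top of the README.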