2009-06-18,f56db4d90d6d5aa8f3bf52b1239cdbe41d6a4268,DECLAWING THE DRAGON,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/historical/2009/DECLAWING%20THE%20DRAGON.pdf
2012-04-10,5dba7529dfdcd435578dad0c219da02da54b28a0,Know Your Digital Enemy,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.04.10.Gh0st_RAT/Know%20Your%20Digital%20Enemy.pdf
2012-08-19,2ca545418f9fefe1c4dd96feeeff256adbb97e6f,ByeBye Shell and the targeting of Pakistan,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.08.19.ByeBye_Shell/ByeBye%20Shell%20and%20the%20targeting%20of%20Pakistan.pdf
2013-01-14,10c2d6c60b4a34422a12c7583624c4764b815ba6,securelist.com-Red October Detailed Malware Description 3 Second Stage of Attack,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.14.Red_October_Campaign/securelist.com-Red%20October%20Detailed%20Malware%20Description%203%20Second%20Stage%20of%20Attack.pdf
2013-01-14,89cfdc989240721e191029bc3636aabaddaa84b8,securelist.com-Red October Detailed Malware Description 1 First Stage of Attack,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.14.Red_October_Campaign/securelist.com-Red%20October%20Detailed%20Malware%20Description%201%20First%20Stage%20of%20Attack.pdf
2013-01-14,9fd39a98ef48a12695acf4bc6e1c595055c471eb,securelist.com-Red October Detailed Malware Description 5 Second Stage of Attack,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.14.Red_October_Campaign/securelist.com-Red%20October%20Detailed%20Malware%20Description%205%20Second%20Stage%20of%20Attack.pdf
2013-01-14,c38d19048cb7d66480d4e12c61fc0c3c8ebbc78d,securelist.com-Red October Detailed Malware Description 4 Second Stage of Attack,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.14.Red_October_Campaign/securelist.com-Red%20October%20Detailed%20Malware%20Description%204%20Second%20Stage%20of%20Attack.pdf
2013-01-14,caaf84ec5a1f8b12a1d849660e25bf304baec135,securelist.com-Red October Diplomatic Cyber Attacks Investigation,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.14.Red_October_Campaign/securelist.com-Red%20October%20Diplomatic%20Cyber%20Attacks%20Investigation.pdf
2013-01-14,e2b327a479a7e3c4fa7a3a34782bf7bca51f597d,securelist.com-Red October Detailed Malware Description 2 Second Stage of Attack,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.14.Red_October_Campaign/securelist.com-Red%20October%20Detailed%20Malware%20Description%202%20Second%20Stage%20of%20Attack.pdf
2013-05-16,ac49429483d9005f38f5202b77e8bf79c524e22b,welivesecurity.com-Targeted information stealing attacks in South Asia use email signed binaries,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.05.16.targeted-threat-pakistan-india/welivesecurity.com-Targeted%20information%20stealing%20attacks%20in%20South%20Asia%20use%20email%20signed%20binaries.pdf
2013-05-20,ffdfed40c5b1e08a6469c2f38e6a51347a37dd1b,Unveiling an Indian Cyberattack Infrastructure - appendixes,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.05.20.Operation_Hangover/Unveiling%20an%20Indian%20Cyberattack%20Infrastructure%20-%20appendixes.pdf
2013-07-01,11b8d957363188bd334bd88b1f5630abc263523b,kashifali.ca-Targeted Campaign Steals Credentials in Gulf States and Caribbean,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.07.01.Gulf_States_APT/kashifali.ca-Targeted%20Campaign%20Steals%20Credentials%20in%20Gulf%20States%20and%20Caribbean.pdf
2013-08-23,9b5acf068da8b4a28ff995eaf542d798b58eabef,fireeye.com-Operation Molerats Middle East Cyber Attacks Using Poison Ivy,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.08.23.Operation_Molerats/fireeye.com-Operation%20Molerats%20Middle%20East%20Cyber%20Attacks%20Using%20Poison%20Ivy.pdf
2014-01-06,c2858ffd02ad542ed014c93de03d1dda17a65ca9,airbus-cyber-security.com-PlugX some uncovered points,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.01.06.PlugX/airbus-cyber-security.com-PlugX%20some%20uncovered%20points.pdf
2014-01-14,3cf67c051ba29f706367860714b2c7ce56889ea6,securelist.com-The Icefog APT Hits US Targets With Java Backdoor,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.01.14.Icefog_APT/securelist.com-The%20Icefog%20APT%20Hits%20US%20Targets%20With%20Java%20Backdoor.pdf
2014-01-15,9767abff87b137695ab8481729ed7130499a0c80,FTA 1001 FINAL 1.15.14,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.01.15.Sneakernet_Trojan/FTA%201001%20FINAL%201.15.14.pdf
2014-02-20,7bd2229f4908ae1cd6b4e19c21d709948c3616ed,Mo' Shells Mo' Problems - Web Server Log Analysis »,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.02.20.deep-panda-webshells/Mo%27%20Shells%20Mo%27%20Problems%20-%20Web%20Server%20Log%20Analysis%20%C2%BB.pdf
2014-02-20,c7afca26feabcb0374cbbe2cee010696212d4f85,Mo' Shells Mo' Problems - File List Stacking »,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.02.20.deep-panda-webshells/Mo%27%20Shells%20Mo%27%20Problems%20-%20File%20List%20Stacking%20%C2%BB.pdf
2014-05-28,7dc9b7bbe8ba2d0ca2579d6ca1a60d84c1773a07,Iranian Hackers Targeted US Officials in Elaborate Social Media Attack Operation _ SecurityWeek,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.05.28.NewsCaster_An_Iranian_Threat_Within_Social_Networks/Iranian%20Hackers%20Targeted%20US%20Officials%20in%20Elaborate%20Social%20Media%20Attack%20Operation%20_%20SecurityWeek.pdf
2014-07-07,f9e86e04d2b5c8a28ec4e69ec9f8ea15c46892ad,Deep in Thought_ Chinese Targeting of National Security Think Tanks »,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.07.07.Deep_in_Thought/Deep%20in%20Thought_%20Chinese%20Targeting%20of%20National%20Security%20Think%20Tanks%20%C2%BB.pdf
2014-08-18,c37138f865175952f8b96ea057aa1c9a2cb207cc,The Syrian Malware House of Cards - Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.18.Syrian_Malware_House_of_Cards/The%20Syrian%20Malware%20House%20of%20Cards%20-%20Securelist.pdf
2014-09-17,1f89e8ba75a9e4d5d957fadc71074bfe1d53b2a9,armed-services.senate.gov-Press Release Press United States Commitee on Armed Services,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.09.17.Chinese_APT_defense_contractors/armed-services.senate.gov-Press%20Release%20%20Press%20%20United%20States%20Commitee%20on%20Armed%20Services.pdf
2014-10-23,ffac1bcec0a990cdf9e995766efd19b473e4785a,leviathansecurity.com-The Case of the Modified Binaries,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.23.Modified_Binaries/leviathansecurity.com-The%20Case%20of%20the%20Modified%20Binaries.pdf
2014-12-05,741f2f131cf70bb62cd9ba3a4a298b12a5a74877,blogs.blackberry.com-Operation Cleaver The Notepad Files,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.05.Operation_Cleaver/blogs.blackberry.com-Operation%20Cleaver%20The%20Notepad%20Files.pdf
2015-02-27,326f9133be497ec98132e9d6744ac26481a3d1c2,The Anthem Hack_ All Roads Lead to China - ThreatConnect _ Enterprise Threat Intelligence Platform,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.27.The_Anthem_Hack_All_Roads_Lead_to_China/The%20Anthem%20Hack_%20All%20Roads%20Lead%20to%20China%20-%20ThreatConnect%20_%20Enterprise%20Threat%20Intelligence%20Platform.pdf
2015-03-06,e9498a24509614d88c38311f45c1550eff79f8f5,Animals in the APT Farm,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.03.06.Animals_APT_Farm/Animals%20in%20the%20APT%20Farm.pdf
2015-04-15,3991aeb7aa51f81e0742f06b833b055aae662bf9,The Chronicles of the Hellsing APT_ the Empire Strikes Back - Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.04.15.Hellsing_APT/The%20Chronicles%20of%20the%20Hellsing%20APT_%20the%20Empire%20Strikes%20Back%20-%20Securelist.pdf
2015-05-13,2c19d922bfa84a0205d9142124caaa51dc2021f5,Cylance SPEAR Team_ A Threat Actor Resurfaces,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.13.Spear_Threat/Cylance%20SPEAR%20Team_%20A%20Threat%20Actor%20Resurfaces.pdf
2015-05-27,34c0983b58ba25a4a3066ae9871b12b2958af506,antiy.net-ANALYSIS ON APT-TO-BE ATTACK THAT FOCUSING ON CHINAS GOVERNMENT AGENCY,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.27.APT_to_be/antiy.net-ANALYSIS%20ON%20APT-TO-BE%20ATTACK%20THAT%20FOCUSING%20ON%20CHINAS%20GOVERNMENT%20AGENCY.pdf
2015-06-30,fdf388b793a73c47a7caab35a5c4645c83c0931a,Dino – the latest spying malware from an allegedly French espionage group analyzed,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.30.dino-spying-malware-analyzed/Dino%20%E2%80%93%20the%20latest%20spying%20malware%20from%20an%20allegedly%20French%20espionage%20group%20analyzed.pdf
2015-08-08,a850834f5ff8253d70a709a3d18b3cbfc05ce27c,Threat Analysis_ Poison Ivy and Links to an Extended PlugX Campaign – CYINT Analysis,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.08.08.Poison_Ivy_and_Links_to_an_Extended_PlugX_Campaign/Threat%20Analysis_%20Poison%20Ivy%20and%20Links%20to%20an%20Extended%20PlugX%20Campaign%20%E2%80%93%20CYINT%20Analysis.pdf
2015-08-19,68f5e800be94213b5fec499754aef6fe60ef13fe,New Internet Explorer zero-day exploited in Hong Kong attacks,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.08.19.new-internet-explorer-zero-day-exploited-hong-kong-attacks/New%20Internet%20Explorer%20zero-day%20exploited%20in%20Hong%20Kong%20attacks.pdf
2015-08-20,9035c1a0e8ec5b4eb632c0feb39a86600dce7d26,ASERT Threat Intelligence Brief 2015-05 PlugX Threat Activity in Myanmar,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.08.20.PlugX_Threat_Activity_in_Myanmar/ASERT%20Threat%20Intelligence%20Brief%202015-05%20PlugX%20Threat%20Activity%20in%20Myanmar.pdf
2015-09-09,1cc6d8e2ad98b3b816c39ef19da2c0eeb561050a,"Shadow Force Uses DLL Hijacking, Targets South Korean Company",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.09.Shadow_Force/Shadow%20Force%20Uses%20DLL%20Hijacking%2C%20Targets%20South%20Korean%20Company.pdf
2015-09-09,320456d541590567eec647d887462186ba90e979,Satellite Turla_ APT Command and Control in the Sky - Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.09.satellite-turla-apt/Satellite%20Turla_%20APT%20Command%20and%20Control%20in%20the%20Sky%20-%20Securelist.pdf
2015-09-15,11ce27412676f3584b8e9abefc629e2b90735056,In Pursuit of Optical Fibers and Troop Intel_ Targeted Attack Distributes PlugX in Russia _ Proofpoint,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.15.PlugX_in_Russia/In%20Pursuit%20of%20Optical%20Fibers%20and%20Troop%20Intel_%20Targeted%20Attack%20Distributes%20PlugX%20in%20Russia%20_%20Proofpoint.pdf
2015-09-17,3e45a371a5d1ada49c0e193372e3e1fe12191049,Operation Iron Tiger Appendix,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.17.Operation_Iron_Tiger/Operation%20Iron%20Tiger%20Appendix.pdf
2015-11-18,1ffa0aaf1e29ef02734e49bfab41c4ec18b3b839,Russian financial cybercrime_ how it works - Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.18.Russian_financial_cybercrime_how_it_works/Russian%20financial%20cybercrime_%20how%20it%20works%20-%20Securelist.pdf
2015-11-18,fbb18bcb00080008184c6e99c378a8da721b43bf,Damballa discovers new toolset linked to Destover,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.18.Destover/Damballa%20discovers%20new%20toolset%20linked%20to%20Destover.pdf
2015-11-23,78f88b00380fd4e888325439ab2591babda98fcc,Prototype Nation_ The Chinese Cybercriminal Underground in 2015 - Security News - Trend Micro USA,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.23.Prototype_Nation_The_Chinese_Cybercriminal_Underground_in_2015/Prototype%20Nation_%20The%20Chinese%20Cybercriminal%20Underground%20in%202015%20-%20Security%20News%20-%20Trend%20Micro%20USA.pdf
2015-12-08,0732f30d54b0bb6bd260dd3e34889bc6ec89c5ec,Packrat_ Seven Years of a South American Threat Actor,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.08.Packrat/Packrat_%20Seven%20Years%20of%20a%20South%20American%20Threat%20Actor.pdf
2015-12-16,aae628909f813e344b30470fae5d2a26619c4706,Operation Black Atlas_Indicators_of_Compromise,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.16.Operation_Black_Atlas/Operation%20Black%20Atlas_Indicators_of_Compromise.pdf
2016-04-12,8f9ced352ae35a97e06c0066ee2092b28b5f32d8,Platinum feature article - Targeted attacks in South and Southeast Asia April 2016,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.12.PLATINUM_Targeted_attacks_in_South_and_Southeast_Asia/Platinum%20feature%20article%20-%20Targeted%20attacks%20in%20South%20and%20Southeast%20Asia%20April%202016.pdf
2016-04-18,b76678677495b10baf122ba531f6957e9dd0b292,Between Hong Kong and Burma_ Tracking UP007 and SLServer Espionage Campaigns - The Citizen Lab,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.18.UP007/Between%20Hong%20Kong%20and%20Burma_%20Tracking%20UP007%20and%20SLServer%20Espionage%20Campaigns%20-%20The%20Citizen%20Lab.pdf
2016-04-26,19a24110ffa0758f2a47a48d5bedb2d47851db29,Cyber warfare_ Iran opens a new front - FT,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.26.Iran_Opens_a_New_Front/Cyber%20warfare_%20Iran%20opens%20a%20new%20front%20-%20FT.pdf
2016-04-26,87d857d7ce1ab46f4ad8808067b2f7cd43ac8fb2,"New Poison Ivy Activity Targeting Myanmar, Asian Countries",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.26.New_Poison_Ivy_Activity_Targeting_Myanmar_Asian_Countries/New%20Poison%20Ivy%20Activity%20Targeting%20Myanmar%2C%20Asian%20Countries.pdf
2016-04-27,f110830417b2cd564f2f0e00eedb20e43ea20d50,Freezer Paper around Free Meat - Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.27.Repackaging_Open_Source_BeEF/Freezer%20Paper%20around%20Free%20Meat%20-%20Securelist.pdf
2016-06-16,fece91ff2b729e25f30229b2c9fb43e4a4089dc3,Bears in the Midst_ Intrusion into the Democratic National Committee »,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.16.DNC/Bears%20in%20the%20Midst_%20Intrusion%20into%20the%20Democratic%20National%20Committee%20%C2%BB.pdf
2016-07-13,b928b0a2e0c93ccfbb1590bc0f4460a9389089ce,Furtim_ The Ultra-Cautious Malware,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.13.State-Sponsored_SCADA_Malware_targeting_European_Energy_Companies/Furtim_%20The%20Ultra-Cautious%20Malware.pdf
2016-08-02,3939d4a4048e0ad0e4416e32763c8f69dc83af56,Group5_ Syria and the Iranian Connection - The Citizen Lab,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.02.group5-syria/Group5_%20Syria%20and%20the%20Iranian%20Connection%20-%20The%20Citizen%20Lab.pdf
2016-09-28,85b30d108bfd5951bb93730c2656346a967cbe21,Confucius Says...Malware Families Get Further By Abusing Legitimate Websites,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.09.28.Confucius_Says/Confucius%20Says...Malware%20Families%20Get%20Further%20By%20Abusing%20Legitimate%20Websites.pdf
2016-10-27,c7f1af600ea574490820cb2d86c1585a4908623d,"TrendLabs Security Intelligence BlogBLACKGEAR Espionage Campaign Evolves, Adds Japan To Target List - TrendLabs Security Intelligence Blog",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.10.27.BLACKGEAR_Espionage_Campaign_Evolves/TrendLabs%20Security%20Intelligence%20BlogBLACKGEAR%20Espionage%20Campaign%20Evolves%2C%20Adds%20Japan%20To%20Target%20List%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf
2016-10-31,3773109fc3b0607f90b13d91f3c57da2b6aa618d,Emissary Trojan Changelog_ Did Operation Lotus Blossom Cause It to Evolve_ - Palo Alto Networks Blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.10.31.Emissary_Trojan_Changelog/Emissary%20Trojan%20Changelog_%20Did%20Operation%20Lotus%20Blossom%20Cause%20It%20to%20Evolve_%20-%20Palo%20Alto%20Networks%20Blog.pdf
2016-11-09,0640ebb4e8649c9ae93cb0bba624deb30bbebc8e,Down the H-W0rm Hole with Houdini's RAT - Threat Geek,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.11.09_down-the-h-w0rm-hole-with-houdinis-rat/Down%20the%20H-W0rm%20Hole%20with%20Houdini%27s%20RAT%20-%20Threat%20Geek.pdf
2017-01-05,bc1f173e272722c900afb3bbba0c7bd44f4c9a19,"Iranian Threat Agent OilRig Delivers Digitally Signed Malware, Impersonates University of Oxford _ ClearSky Cybersecurity",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.01.05.Iranian_Threat_Agent_OilRig/Iranian%20Threat%20Agent%20OilRig%20Delivers%20Digitally%20Signed%20Malware%2C%20Impersonates%20University%20of%20Oxford%20_%20ClearSky%20Cybersecurity.pdf
2017-01-18,d24be75959478224c4010d195a3db784a9dc56ca,Operation Grand Mars,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.01.18.Operation-Grand-Mars/Operation%20Grand%20Mars.pdf
2017-02-14,0cf03f3cf71ebd7edc4aa9996fa43138624bd302,Operation Kingphish_ Uncovering a Campaign of Cyber Attacks against Civil Society in Qatar and… – Amnesty Insights – Medium,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.14.Operation_Kingphish/Operation%20Kingphish_%20Uncovering%20a%20Campaign%20of%20Cyber%20Attacks%20against%20Civil%20Society%20in%20Qatar%20and%E2%80%A6%20%E2%80%93%20Amnesty%20Insights%20%E2%80%93%20Medium.pdf
2017-02-16,a6c62ce04ae30424f380773023950d94455fc349,Technical analysis of recent attacks against Polish banks – BadCyber,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.16.Technical_analysis_Polish_banks/Technical%20analysis%20of%20recent%20attacks%20against%20Polish%20banks%20%E2%80%93%20BadCyber.pdf
2017-02-27,7c7567206d222546376079a19c07b615d9538cf3,The Gamaredon Group Toolset Evolution - Palo Alto Networks Blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.27.gamaredon-group-toolset-evolution/The%20Gamaredon%20Group%20Toolset%20Evolution%20-%20Palo%20Alto%20Networks%20Blog.pdf
2017-02-28,841e63f842029a2a45047edee7312cae9a3e1353,AtomBombing_ Brand New Code Injection for Windows - Breaking Malware,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.28.dridexs-cold-war-enter-atombombing/AtomBombing_%20Brand%20New%20Code%20Injection%20for%20Windows%20-%20Breaking%20Malware.pdf
2017-02-28,8b3ebc21903c070ac70264bd8dd7ecd681e9b78e,Dridex's Cold War_ Enter AtomBombing,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.28.dridexs-cold-war-enter-atombombing/Dridex%27s%20Cold%20War_%20Enter%20AtomBombing.pdf
2017-02-28,8ffce0fd5ec946cbb5da03a5a0f2796525aa600a,AtomBombing_ A Code Injection that Bypasses Current Security Solutions,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.28.dridexs-cold-war-enter-atombombing/AtomBombing_%20A%20Code%20Injection%20that%20Bypasses%20Current%20Security%20Solutions.pdf
2017-03-08,f8e850c0d5b3db84e2271da13afb043d2c55819d,Targeted Attack Campaigns with Multi-Variate Malware Observed in the Cloud - Netskope,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.03.08.Targeted_Attack_Campaigns/Targeted%20Attack%20Campaigns%20with%20Multi-Variate%20Malware%20Observed%20in%20the%20Cloud%20-%20Netskope.pdf
2017-04-05,b2f76581b1f81deb6f482301f120bf103dfee7fe,Targeted Attacks in the Middle East Using KASPERAGENT and MICROPSIA - Palo Alto Networks Blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.04.05.KASPERAGENT_and_MICROPSIA/Targeted%20Attacks%20in%20the%20Middle%20East%20Using%20KASPERAGENT%20and%20MICROPSIA%20-%20Palo%20Alto%20Networks%20Blog.pdf
2017-04-10,d4ac9a7d29ae849228c231d4a329a0de75db03f5,Longhorn_ Tools used by cyberespionage group linked to Vault 7,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.04.10_Longhorn/Longhorn_%20Tools%20used%20by%20cyberespionage%20group%20linked%20to%20Vault%207.pdf
2017-04-11,fc7f3b5e0274380f2dcbf1314e416156782749b2,Unraveling the Lamberts Toolkit,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.04.11.Lamberts_Toolkit/Unraveling%20the%20Lamberts%20Toolkit.pdf
2017-06-15,9d01db23f6ca3a44838c7ece1e023878807c9b35,North Korea Is Not Crazy,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.15.north-korea-cyber-activity/North%20Korea%20Is%20Not%20Crazy.pdf
2017-06-30,a00e87b7c84b238136e6b7e03faa7032a1f1462b,From BlackEnergy to ExPetr - Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.30.From_BlackEnergy_to_ExPetr/From%20BlackEnergy%20to%20ExPetr%20-%20Securelist.pdf
2017-06-30,e3f17c26a1e9baf918a27b23ed3e6b7e972f0fb1,TeleBots are back_ supply-chain attacks against Ukraine,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.30.telebots-back-supply-chain/TeleBots%20are%20back_%20supply-chain%20attacks%20against%20Ukraine.pdf
2017-09-06,1ed7aca75422d01c464e9786e6a156d1fb6e7720,Dragonfly_ Western energy sector targeted by sophisticated attack group _ Symantec Connect Community,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.06.dragonfly-western-energy-sector-targeted-sophisticated-attack-group/Dragonfly_%20Western%20energy%20sector%20targeted%20by%20sophisticated%20attack%20group%20_%20Symantec%20Connect%20Community.pdf
2017-09-18,fa92c0e06a7469a3dab6a34d37528bc173d517eb,An (un)documented Word feature abused by attackers _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.18.Windows_branch_of_the_Cloud_Atlas/An%20%28un%29documented%20Word%20feature%20abused%20by%20attackers%20_%20Securelist.pdf
2017-09-20,a39f0d00e020ea4eb9e104a3aeed959c01bf8306,Insights into Iranian Cyber Espionage_ APT33 Targets Aerospace and Energy Sectors and has Ties to Destructive Malware « Threat Research Blog _ FireEye Inc,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.20.apt33-insights-into-iranian-cyber-espionage/Insights%20into%20Iranian%20Cyber%20Espionage_%20APT33%20Targets%20Aerospace%20and%20Energy%20Sectors%20and%20has%20Ties%20to%20Destructive%20Malware%20%C2%AB%20Threat%20Research%20Blog%20_%20FireEye%20Inc.pdf
2017-09-28,2de8ba6f7036c042204203b326a2d4b28596b5a4,Threat Actors Target Government of Belarus Using CMSTAR Trojan,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.28.Belarus_CMSTAR_Trojan/Threat%20Actors%20Target%20Government%20of%20Belarus%20Using%20CMSTAR%20Trojan.pdf
2017-10-27,a7aeb82c38c24d916f743f63d8dd3a44245f8824,"bellingcat - Bahamut Revisited, More Cyber Espionage in the Middle East and South Asia - bellingcat",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.10.27.bahamut-revisited/bellingcat%20-%20Bahamut%20Revisited%2C%20More%20Cyber%20Espionage%20in%20the%20Middle%20East%20and%20South%20Asia%20-%20bellingcat.pdf
2017-10-30,8fa264721c32e66ec94ceb77645c22edbffc9259,Gaza Cybergang - updated activity in 2017_ - Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.10.30.Gaza_Cybergang/Gaza%20Cybergang%20-%20updated%20activity%20in%202017_%20-%20Securelist.pdf
2017-11-02,3e8197de6b5d3ee28900addba58d37693ab48c35,New Insights into Energetic Bear's Attacks on Turkish Critical Infrastructure,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.02.Energetic_Bear_on_Turkish_Critical_Infrastructure/New%20Insights%20into%20Energetic%20Bear%27s%20Attacks%20on%20Turkish%20Critical%20Infrastructure.pdf
2017-11-02,7cc47ac6e2afeaccc7f6b81e7aee36a98b2fcc08,LeetMX - a Yearlong Cyber-Attack Campaign Against Targets in Latin America - ClearSky Cyber Security,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.02.LeetMX/LeetMX%20-%20a%20Yearlong%20Cyber-Attack%20Campaign%20Against%20Targets%20in%20Latin%20America%20-%20ClearSky%20Cyber%20Security.pdf
2017-11-02,8a525f0a9399a4c2a02e14d9bdaa98992be9c07d,Recent InPage Exploits Lead to Multiple Malware Families,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.02.InPage_Exploits/Recent%20InPage%20Exploits%20Lead%20to%20Multiple%20Malware%20Families.pdf
2017-11-02,f7b0f598b3b294086661de8ff38a25cffd626845,The KeyBoys are back in town,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.02.KeyBoys_are_back/The%20KeyBoys%20are%20back%20in%20town.pdf
2018-01-16,a72a88d6a9cc5739aad7802ffb6b29f63af16bc4,Skygofree_ Following in the footsteps of HackingTeam - Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.16.skygofree/Skygofree_%20Following%20in%20the%20footsteps%20of%20HackingTeam%20-%20Securelist.pdf
2018-01-29,0bece4337b4372e52cf6b23dd4f9da12f8175fa7,VERMIN_ Quasar RAT and Custom Malware Used In Ukraine,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.29.VERMIN_Quasar_RAT_and_Custom_Malware_Used_In_Ukraine/VERMIN_%20Quasar%20RAT%20and%20Custom%20Malware%20Used%20In%20Ukraine.pdf
2018-02-20,ba3b8e6a764ce36c0826bbc39a5012caf7048ecb,Musical Chairs Playing Tetris,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.02.20.musical-chairs-playing-tetris/Musical%20Chairs%20Playing%20Tetris.pdf
2018-02-21,19b2258d841699869a494c3752d0f7ec9b1ba3d2,Avast tracks down Tempting Cedar Spyware,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.02.21.Tempting_Cedar/Avast%20tracks%20down%20Tempting%20Cedar%20Spyware.pdf
2018-02-28,c8e577f6df534895f4b9e25a8da67a7b32d381af,Sofacy Attacks Multiple Government Entities,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.02.28.sofacy-attacks-multiple-government-entities/Sofacy%20Attacks%20Multiple%20Government%20Entities.pdf
2018-03-08,a6a5420dfb31ba77269ecf7fec57c2524308f131,Donot Team in South Asia,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.08.donot-team-leverages-new-modular/Donot%20Team%20in%20South%20Asia.pdf
2018-03-09,2ce1536757accf7b76da6cc2900300e702ac7f3a,New tools uncovered from hacking group APT15,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.09.APT15_is_alive_and_strong/New%20tools%20uncovered%20from%20hacking%20group%20APT15.pdf
2018-03-09,57eb61b0d2d2e8b62ea44f6ce4e108e85d9facb6,BAD TRAFFIC_ Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey and Redirect Egyptian Users to Affiliate Ads_,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.09.Sandvine_PacketLogic_Devices_APT/BAD%20TRAFFIC_%20Sandvine%E2%80%99s%20PacketLogic%20Devices%20Used%20to%20Deploy%20Government%20Spyware%20in%20Turkey%20and%20Redirect%20Egyptian%20Users%20to%20Affiliate%20Ads_.pdf
2018-03-09,f4024179748d1abc9e6bfe6e2f0536fc42003b91,An analysis of RoyalCli and RoyalDNS,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.09.APT15_is_alive_and_strong/An%20analysis%20of%20RoyalCli%20and%20RoyalDNS.pdf
2018-03-14,4965ed073067deeb6e8d354301e6f9923fb2687e,Tropic Trooper’s New Strategy,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.14.tropic-trooper-new-strategy/Tropic%20Trooper%E2%80%99s%20New%20Strategy.pdf
2018-03-14,740dfa57dee188f7e1e086b5ba87ddef5460ce4e,"Inception Framework_ Alive and Well, and Hiding Behind Proxies _ Symantec Blogs",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.14.Inception_Framework/Inception%20Framework_%20Alive%20and%20Well%2C%20and%20Hiding%20Behind%20Proxies%20_%20Symantec%20Blogs.pdf
2018-03-29,5afff604991deb7f3ab7d035f5b4090011c4a10c,ChessMaster Adds Updated Tools to Its Arsenal,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.29.ChessMaster_Adds_Updated_Tools/ChessMaster%20Adds%20Updated%20Tools%20to%20Its%20Arsenal.pdf
2018-04-17,36f3657d3cc0cf94d1287e49874008e839c9151a,nccgroup.trust-Decoding network data from a Gh0st RAT variant,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.04.17.Iron_Tiger_Gh0st_RAT_variant/nccgroup.trust-Decoding%20network%20data%20from%20a%20Gh0st%20RAT%20variant.pdf
2018-06-15,411a7ffe8c11fbe9edd49575bcf4e94270e3b7be,Mustang Panda _ Threat Actor Profile _ CrowdStrike,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.15.Mustang_Panda/Mustang%20Panda%20_%20Threat%20Actor%20Profile%20_%20CrowdStrike.pdf
2018-06-22,dd16552805b96e7cafc27d7edcd05e15014e4091,Tick Group Weaponized Secure USB Drives to Target Air-Gapped Critical Systems,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.22.Iick.Group-weaponized-secure-usb/Tick%20Group%20Weaponized%20Secure%20USB%20Drives%20to%20Target%20Air-Gapped%20Critical%20Systems.pdf
2018-07-27,e8a3316d1aa5c9c81aa0fe685014ac3a3f6c66a2,New Threat Actor Group DarkHydrus Targets Middle East Government,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.07.27.DarkHydrus/New%20Threat%20Actor%20Group%20DarkHydrus%20Targets%20Middle%20East%20Government.pdf
2018-08-02,4a22ceafcbdd3e8b7a349e8c80792be8377ff4d2,The Gorgon Group Slithering Between Nation State and Cybercrime,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.02.Gorgon_Group/The%20Gorgon%20Group%20Slithering%20Between%20Nation%20State%20and%20Cybercrime.pdf
2018-08-29,1614224bb566bb4c8e82501440d26fb707108757,The Urpage Connection to Bahamut Confucius and Patchwork,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.29.Bahamut_Confucius_Patchwork/The%20Urpage%20Connection%20to%20Bahamut%20Confucius%20and%20Patchwork.pdf
2018-08-30,0e7109f06710132f6e6db736a9628fd394412204,Two Birds One STONE PANDA,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.30.Stone_Panda/Two%20Birds%20One%20STONE%20PANDA.pdf
2018-08-30,3a8b95623bfbca0404372fe5d4a9fa89dbfa3aa8,In the Trails of WINDSHIFT APT,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.30.WINDSHIFT_APT/In%20the%20Trails%20of%20WINDSHIFT%20APT.pdf
2018-08-30,b36210fbdd48447cc39ec77e317f1f3ec43b8ae6,Reversing malware in a custom format_ Hidden Bee elements,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.30.Hidden_Bee_Custom_format/Reversing%20malware%20in%20a%20custom%20format_%20Hidden%20Bee%20elements.pdf
2018-08-30,b6d1d7e93428e9ee1d8ce9ca8d21cad84c983077,Double the Infection Double the Fun,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.30.Cobalt_Group_Fun/Double%20the%20Infection%20Double%20the%20Fun.pdf
2018-09-07,05ded0be2899badb166a94ef2855569121c60a82,Targeted Attack on Indian Ministry of External Affairs using Crimson RAT,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.09.07.indian-ministry_crimson-rat/Targeted%20Attack%20on%20Indian%20Ministry%20of%20External%20Affairs%20using%20Crimson%20RAT.pdf
2018-09-13,cd622003433b7744a621fc95a1902e3df81c3059,APT10 Targeting Japanese Corporations Using Updated TTPs,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.09.13.APT10_Targeting_Japanese/APT10%20Targeting%20Japanese%20Corporations%20Using%20Updated%20TTPs.pdf
2018-10-11,d26e508ee0247d9cb909e0fe9cd542488c0396fa,Gallmaker New Attack Group Eschews Malware to Live off the Land,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.11.Gallmaker/Gallmaker%20New%20Attack%20Group%20Eschews%20Malware%20to%20Live%20off%20the%20Land.pdf
2018-10-15,86b482a16690c51947f30b16dbe692dba2850897,Russian-language actor exploits hype over Telegram ban in Central Asia,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.15.Octopus_Central_Asia/Russian-language%20actor%20exploits%20hype%20over%20Telegram%20ban%20in%20Central%20Asia.pdf
2018-10-17,b8a1f025fec78996380d3e1045fea11c877610e2,Cyber-Espionage Campaign Targeting the Naval Industry MartyMcFly,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.17.Targeting_the_Naval_Industry/Cyber-Espionage%20Campaign%20Targeting%20the%20Naval%20Industry%20MartyMcFly.pdf
2018-10-18,9867f20bf345ae417068e4e248f3ca610679ab67,Tracking Tick Through Recent Campaigns Targeting East Asia,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.18.Datper_Bronze_Butler/Tracking%20Tick%20Through%20Recent%20Campaigns%20Targeting%20East%20Asia.pdf
2018-10-18,ad122d87969c575dd5e33baa8fb1d9c81ba87a37,APT Sidewinder changes theirs TTPs to install their backdoor,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.18.APT_Sidewinder_changes/APT%20Sidewinder%20changes%20theirs%20TTPs%20to%20install%20their%20backdoor.pdf
2018-11-01,e484a67cc8eea37971aca97bbd9b4a82f33d6867,Perl-Based Shellbot Looks to Target Organizations via C&C - TrendLabs Security Intelligence Blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.01_Outlaw_group/Perl-Based%20Shellbot%20Looks%20to%20Target%20Organizations%20via%20C%26C%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf
2018-11-05,edb93a3ba0243acaaff29dc0534fcd8c51485210,Inception Attackers Target Europe with Year-old Office Vulnerability,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.05.Inception_Attackers_Target_Europe/Inception%20Attackers%20Target%20Europe%20with%20Year-old%20Office%20Vulnerability.pdf
2018-11-08,28bff667e0ace1f45ae14494dc87eb0bec7706b1,FASTCash How the Lazarus Group is Emptying Millions from ATMs,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.08.FASTCash/FASTCash%20How%20the%20Lazarus%20Group%20is%20Emptying%20Millions%20from%20ATMs.pdf
2018-11-20,132278dbc802a2ada7f65716e8838627bee0e34e,blog.trendmicro.com-Lazarus Continues Heists Mounts Attacks on Financial Organizations in Latin America,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.20.lazarus-in-latin-america/blog.trendmicro.com-Lazarus%20Continues%20Heists%20Mounts%20Attacks%20on%20Financial%20Organizations%20in%20Latin%20America.pdf
2018-11-30,23c0a1812535edbe41637784380ff52e7f9fb777,PowerShell-based Backdoor Found in Turkey Strikingly Similar to MuddyWater Tools,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.30.MuddyWater_Turkey/PowerShell-based%20Backdoor%20Found%20in%20Turkey%20Strikingly%20Similar%20to%20MuddyWater%20Tools.pdf
2018-12-11,a8dce1d441f06cebb3143ab16b50b4e227334433,Poking the Bear Three-Year Campaign Targets Russian Critical Infrastructure,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.11.Poking_the_Bear/Poking%20the%20Bear%20Three-Year%20Campaign%20Targets%20Russian%20Critical%20Infrastructure.pdf
2018-12-13,26d05e39aa461719fe2b2cf00ac510e976374624,The Return of The Charming Kitten,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.13.Charming_Kitten_Return/The%20Return%20of%20The%20Charming%20Kitten.pdf
2018-12-13,9aaded6d8c889c00bb1f185c511815ecdaba7c29,Shamoon 3 Targets Oil and Gas Organization,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.13.Shamoon_3/Shamoon%203%20Targets%20Oil%20and%20Gas%20Organization.pdf
2018-12-18,eb626a52cbeb7c4a61000db8969ff6b7b0b3fdb4,"URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.18.ursnif-emotet-dridex-and-bitpaymer-gangs/URSNIF%2C%20EMOTET%2C%20DRIDEX%20and%20BitPaymer%20Gangs%20Linked%20by%20a%20Similar%20Loader.pdf
2018-12-28,2373a41ce9dd7c86d4491d978fddf887d9a1fc87,Goblin Panda changes the dropper and reuses the old infrastructure,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.28.Goblin_Panda/Goblin%20Panda%20changes%20the%20dropper%20and%20reuses%20the%20old%20infrastructure.pdf
2019-01-15,ac2bcbe0818c394ec66612060f81d4f6860ade30,2018_ A Year of Cyber Attacks – HACKMAGEDDON,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2019.01.15.2018-a-year-of-cyber-attacks/2018_%20A%20Year%20of%20Cyber%20Attacks%20%E2%80%93%20HACKMAGEDDON.pdf
2019-01-17,878dfa6ec75c711215f74a8761c62bd1fbbcf130,Malware Used by Rocke Group Evolves to Evade Detection by Cloud Security Products,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.01.17.Rocke_Group/Malware%20Used%20by%20Rocke%20Group%20Evolves%20to%20Evade%20Detection%20by%20Cloud%20Security%20Products.pdf
2019-01-18,3dfeb09452c6e80bcde7e900ed00034245bc7e98,DarkHydrus delivers new Trojan that can use Google Drive for C2 communications,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.01.18.DarkHydrus/DarkHydrus%20delivers%20new%20Trojan%20that%20can%20use%20Google%20Drive%20for%20C2%20communications.pdf
2019-01-18,9242d06642b234904eae8d1d9535e8b97a7ac902,[Lab52] WIRTE Group attacking the Middle East,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.01.18.WIRTE_Group_attacking_the_Middle_East/%5BLab52%5D%20WIRTE%20Group%20attacking%20the%20Middle%20East.pdf
2019-01-24,4873e2465fc56fca681074f5069788baa80841fb,GandCrab and Ursnif Campaign,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.01.24.GandCrab_and_Ursnif/GandCrab%20and%20Ursnif%20Campaign.pdf
2019-01-30,9707e48b8b7bdca8d17e74292142a5a4dd344f64,Chafer used Remexi malware to spy on Iran-based foreign diplomatic entities,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.01.30.Chafer_APT_Spy_Iran/Chafer%20used%20Remexi%20malware%20to%20spy%20on%20Iran-based%20foreign%20diplomatic%20entities.pdf
2019-02-05,b8827637dc77db1c5fbe8b5f83ca0e517cfe6742,Analyzing Digital Quartermasters in Asia Do Chinese and Indian APTs Have a Shared Supply Chain,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.05.China_India_APT_shared/Analyzing%20Digital%20Quartermasters%20in%20Asia%20%20Do%20Chinese%20and%20Indian%20APTs%20Have%20a%20Shared%20Supply%20Chain.pdf
2019-02-06,06cd0e5cf1092f8950dd6736f684ad5d4c9c4d63,APT10 Targeted Norwegian MSP and US Companies in Sustained Campaign,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.06.APT10_Sustained_Campaign/APT10%20Targeted%20Norwegian%20MSP%20and%20US%20Companies%20in%20Sustained%20Campaign.pdf
2019-02-20,43107b5d8f5782f17154718c9ba4de0487bcfc8e,LAZARUS GROUP DIRECTED TO ORGANIZATIONS IN RUSSIA_google_translate,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.20.LAZARUS_to_RUSSIA/LAZARUS%20GROUP%20DIRECTED%20TO%20ORGANIZATIONS%20IN%20RUSSIA_google_translate.pdf
2019-02-20,ac9f460fc3837cd78ae7f801a5879186e0fe486d,SE IDENTIFICÓ ATAQUES DEL GRUPO CIBERCRIMINAL LAZARUS DIRIGIDOS A ORGANIZACIONES EN RUSIA,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.20.LAZARUS_to_RUSSIA/SE%20IDENTIFIC%C3%93%20ATAQUES%20DEL%20GRUPO%20CIBERCRIMINAL%20LAZARUS%20DIRIGIDOS%20A%20ORGANIZACIONES%20EN%20RUSIA.pdf
2019-02-25,e8da32324db0d8ffd0eefdaf2b3e68ed75920bd4,Defeating Compiler-Level Obfuscations Used in APT10 Malware,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.25.APT10_Defeating_Compiler_Level/Defeating%20Compiler-Level%20Obfuscations%20Used%20in%20APT10%20Malware.pdf
2019-02-26,ed64dc87623be86dd2022c5e54468c28ba346579,The Arsenal Behind the Australian Parliament Hack,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.26.Australian_Parliament_Hack/The%20Arsenal%20Behind%20the%20Australian%20Parliament%20Hack.pdf
2019-02-27,fe1ecb3fe582b44e53db1af17692b656a85e7a71,A Peek into BRONZE UNION’s Toolbox,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.27.BRONZE_UNION_Toolbox/A%20Peek%20into%20BRONZE%20UNION%E2%80%99s%20Toolbox.pdf
2019-02-28,1e1e10f905ed8c228a9f2d12da860c7f7defa1f1,"Ransomware, Trojan and Miner together against “PIK-Group”",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.28_RIK_Group/Ransomware%2C%20Trojan%20and%20Miner%20together%20against%20%E2%80%9CPIK-Group%E2%80%9D.pdf
2019-03-04,6c3b0f70362d993f6d48d87bcb2013a237ab4dc0,APT40 Examining a China-Nexus Espionage Actor APT40 Examining a China-Nexus Espionage Actor,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.04.APT40/APT40%20Examining%20a%20China-Nexus%20Espionage%20Actor%20%20APT40%20Examining%20a%20China-Nexus%20Espionage%20Actor.pdf
2019-03-06,85447c9971470c2e679bb3d87d2244d1e75bf208,Whitefly_ Espionage Group has Singapore in Its Sights,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.06.Whitefly/Whitefly_%20Espionage%20Group%20has%20Singapore%20in%20Its%20Sights.pdf
2019-03-07,d5fb10e16b4f2346fe2fcbeac9f8f2beccc914e3,New SLUB Backdoor Uses GitHub Communicates via Slack,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.07.SLUB_Backdoor/New%20SLUB%20Backdoor%20Uses%20GitHub%20Communicates%20via%20Slack.pdf
2019-03-08,edbd146351a40f307247b887b8f95e625cb62336,Supply Chain – The Major Target of Cyberespionage Groups,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.08.Supply_Chain_Groups/Supply%20Chain%20%E2%80%93%20The%20Major%20Target%20of%20Cyberespionage%20Groups.pdf
2019-03-27,6feab33a7a268f5e3b6facf38d46d0db42cfb664,Elfin Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and US,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.27.Elfin/Elfin%20Relentless%20Espionage%20Group%20Targets%20Multiple%20Organizations%20in%20Saudi%20Arabia%20and%20US.pdf
2019-03-28,04a318c39f4453a0ccab6901c8558035fb28c88e,"Desktop, Mobile Phishing Campaign Targets South Korean Websites, Steals Credentials Via Watering Hole",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.28.Desktop_Mobile_Phishing_Campaign/Desktop%2C%20Mobile%20Phishing%20Campaign%20Targets%20South%20Korean%20Websites%2C%20Steals%20Credentials%20Via%20Watering%20Hole.pdf
2019-03-28,bc9559486d50da1b8b146b9e79eac54a3f687ad9,Threat Actor Group using UAC Bypass Module to run BAT File,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.28.UAC_Bypass_BAT_APT/Threat%20Actor%20Group%20using%20UAC%20Bypass%20Module%20to%20run%20BAT%20File.pdf
2019-04-10,dbc6091818e127de82037d85aacb7c481c4f5cf9,The Muddy Waters of APT Attacks,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.10.Muddy_Waters/The%20Muddy%20Waters%20of%20APT%20Attacks.pdf
2019-04-17,63d59610f60df26243e333a3b55f0b24e4b277ce,DNS Hijacking Abuses Trust In Core Internet Service,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.17.Operation_Sea_Turtle/DNS%20Hijacking%20Abuses%20Trust%20In%20Core%20Internet%20Service.pdf
2019-04-17,85bcaafddb3ff5885c24b6c80dbb6a400225c7e7,"Aggah Campaign_ Bit.ly, BlogSpot, and Pastebin Used for C2 in Large Scale Campaign",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.17.Aggah_Campaign/Aggah%20Campaign_%20Bit.ly%2C%20BlogSpot%2C%20and%20Pastebin%20Used%20for%20C2%20in%20Large%20Scale%20Campaign.pdf
2019-04-19,0acc6bd7228fe5a1b059de2ba51e76cbe9717fc4,Funky malware format found in Ocean Lotus sample,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.19.Funky_malware_format/Funky%20malware%20format%20found%20in%20Ocean%20Lotus%20sample.pdf
2019-04-22,0a977831b7d744518f28166129f70d575f59c706,FINTEAM Trojanized TeamViewer Against Government Targets,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.22.FINTEAM/FINTEAM%20Trojanized%20TeamViewer%20Against%20Government%20Targets.pdf
2019-04-24,caac870b8cbd272994634d3816596b7cffaf3a65,CyberInt_Legit Remote Access Tools Turn Into Threat Actors' Tools_Report,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.24.TA505_Abusing_Legit_Remote_Admin_Tool/CyberInt_Legit%20Remote%20Access%20Tools%20Turn%20Into%20Threat%20Actors%27%20Tools_Report.pdf
2019-04-30,ebffba8a872949b48dfccc012ab5ddb43e72ec32,SectorB06 using Mongolian language in lure document,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.30.SectorB06_Mongolian/SectorB06%20using%20Mongolian%20language%20in%20lure%20document.pdf
2019-05-07,2a04fb97ff89595bc49dd71a7246402e3b355cc6,ATMitch_ New Evidence Spotted In The Wild,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.07.ATMitch/ATMitch_%20New%20Evidence%20Spotted%20In%20The%20Wild.pdf
2019-05-07,cc79d68f7bbad680581f53cc4a797e27ff7f2d6d,Buckeye_ Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers Leak,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.07.Buckeye/Buckeye_%20Espionage%20Outfit%20Used%20Equation%20Group%20Tools%20Prior%20to%20Shadow%20Brokers%20Leak.pdf
2019-05-08,30c64f7061efd41ebb2621201ff7bcda966b9bf4,FIN7.5_ the infamous cybercrime rig “FIN7” continues its activities,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.08.Fin7.5/FIN7.5_%20the%20infamous%20cybercrime%20rig%20%E2%80%9CFIN7%E2%80%9D%20continues%20its%20activities.pdf
2019-05-08,619395650b3c940cb49565b2d3ec3f720aab829c,OceanLotus Attacks to Indochinese Peninsula,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.08.OceanLotus/OceanLotus%20Attacks%20to%20Indochinese%20Peninsula.pdf
2019-05-11,41c70ebe7812a4294dd57b68c88f759a5e0ce383,Chineses Actor APT target Ministry of Justice Vietnamese,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.11.Chinese_APT_Vietnamese/Chineses%20Actor%20APT%20target%20Ministry%20of%20Justice%20Vietnamese.pdf
2019-05-13,9d46bb706eb0d5d43dc905423023e9aff6991c55,"ScarCruft continues to evolve, introduces Bluetooth harvester _ Securelist",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.13.ScarCruft_Bluetooth/ScarCruft%20continues%20to%20evolve%2C%20introduces%20Bluetooth%20harvester%20_%20Securelist.pdf
2019-05-15,62d22fd778d5bf335028f9386e92f8b9aa9811a3,Winnti_ More than just Windows and Gates,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.15.Winnti_More/Winnti_%20More%20than%20just%20Windows%20and%20Gates.pdf
2019-05-19,c8ff7fe5837302a788e0d7f6c3fa24c05085399f,HiddenWasp Malware Stings Targeted Linux Systems,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.19.HiddenWasp_Linux/HiddenWasp%20Malware%20Stings%20Targeted%20Linux%20Systems.pdf
2019-05-22,292a82b4d699244f339dfa66e7e8d0f7661a2c8f,A journey to Zebrocy land,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.22.Zebrocy_Land/A%20journey%20to%20Zebrocy%20land.pdf
2019-05-24,fe7fcff34a36daaf1e988c0f20d828109848738f,Uncovering New Activity By APT10,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.24_APT10_New_Activity/Uncovering%20New%20Activity%20By%20APT10.pdf
2019-05-28,9ddcf2053edf7a3ec8fb74ab679878d82c6641e7,Emissary Panda Attacks Middle East Government Sharepoint Servers,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.28.Emissary_Panda/Emissary%20Panda%20Attacks%20Middle%20East%20Government%20Sharepoint%20Servers.pdf
2019-05-29,3aaa08c08ae5f7adadadc35a1e4302dc943be6c2,TA505 is Expanding its Operations,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.29.TA505/TA505%20is%20Expanding%20its%20Operations.pdf
2019-05-29,a6ba7a30e00dec1c0341a901572825a60753e53b,A dive into Turla PowerShell usage,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.29.Turla_PowerShell/A%20dive%20into%20Turla%20PowerShell%20usage.pdf
2019-05-30,76e14cfaa39d05af8d921b02aab1016b5d998f1a,Talos Blog __ Cisco Talos Intelligence Group - Comprehensive Threat Intelligence_ 10 years of virtual dynamite_ A high-level retrospective of ATM malware,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.30.10_Years_ATM_Malware/Talos%20Blog%20__%20Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence_%2010%20years%20of%20virtual%20dynamite_%20A%20high-level%20retrospective%20of%20ATM%20malware.pdf
2019-06-11,400e04bf19bcfa10af7df51240f27bab15f12644,The Discovery of Fishwrap_ A New Social Media Information Operation Methodology,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.11.Fishwrap_Group/The%20Discovery%20of%20Fishwrap_%20A%20New%20Social%20Media%20Information%20Operation%20Methodology.pdf
2019-06-12,995f3a4bce373530924a55e84cc574ee6d3fcfbf,Threat Group Cards,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.12.Threat_Group_Cards/Threat%20Group%20Cards.pdf
2019-06-21,59a715d0a7248235ea9291d0ff374cc9036ce956,Waterbug_ Espionage Group Rolls Out Brand-New Toolset in Attacks Against Governments,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.21.Waterbug/Waterbug_%20Espionage%20Group%20Rolls%20Out%20Brand-New%20Toolset%20in%20Attacks%20Against%20Governments.pdf
2019-06-25,fa04b0ea75e68099ee012da02872f9138b6362c0,Operation Soft Cell_ A Worldwide Campaign Against Telecommunications Providers,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.25.Operation_Soft_Cell/Operation%20Soft%20Cell_%20A%20Worldwide%20Campaign%20Against%20Telecommunications%20Providers.pdf
2019-06-27,f48dd456559ef8f158786535e70c8fb86f193086,ShadowGate Returns to Worldwide Operations With Evolved Greenflash Sundown Exploit Kit,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.27.ShadowGate_Returns/ShadowGate%20Returns%20to%20Worldwide%20Operations%20With%20Evolved%20Greenflash%20Sundown%20Exploit%20Kit.pdf
2019-07-01,ac7434961a98d0994f352e917c30b1bf118cbb7f,New Network Vermin from OceanLotus,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.01.OceanLotus_Ratsnif/New%20Network%20Vermin%20from%20OceanLotus.pdf
2019-07-03,b2d41d9df27085f0362d6ce402bd438191e44611,Multiple Chinese Threat Groups Exploiting CVE-2018-0798 Equation Editor Vulnerability Since Late 2018,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.03.Chinese_APT_CVE-2018-0798/Multiple%20Chinese%20Threat%20Groups%20Exploiting%20CVE-2018-0798%20Equation%20Editor%20Vulnerability%20Since%20Late%202018.pdf
2019-07-04,04da12e4c212bd727bc80d7fd34b99a99fbc01f0,Twas the night before,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.04.NewsBeef_APT/Twas%20the%20night%20before.pdf
2019-07-04,64aaf1f5805a05b764dce466e56b95d949384d3d,Latest Spam Campaigns from TA505 Now Using New Malware Tools Gelup and FlowerPippi,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.04.TA505_Gelup_FlowerPippi/Latest%20Spam%20Campaigns%20from%20TA505%20Now%20Using%20New%20Malware%20Tools%20Gelup%20and%20FlowerPippi.pdf
2019-07-09,395d694e53af9f7d880ea552184d73da10113932,"Sea Turtle keeps on swimming, finds new victims, DNS hijacking techniques",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.09.SeaTurtle_swimming/Sea%20Turtle%20keeps%20on%20swimming%2C%20finds%20new%20victims%2C%20DNS%20hijacking%20techniques.pdf
2019-07-11,93a54e05256a696ca20d04ad96cac47ff217fe46,Buhtrap group uses zero‑day in latest espionage campaigns,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.11.Buhtrap_Group/Buhtrap%20group%20uses%20zero%E2%80%91day%20in%20latest%20espionage%20campaigns.pdf
2019-07-15,f70124b7928375bd7bcfaacfc82a3ce0c2f915b9,Comprehensive Threat Intelligence_ SWEED_ Exposing years of Agent Tesla campaigns,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.15.SWEED/Comprehensive%20Threat%20Intelligence_%20SWEED_%20Exposing%20years%20of%20Agent%20Tesla%20campaigns.pdf
2019-07-16,55126780b716d34c5c6008e532a90033d711b9ce,"SLUB Gets Rid of GitHub, Intensifies Slack Use",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.16.SLUB/SLUB%20Gets%20Rid%20of%20GitHub%2C%20Intensifies%20Slack%20Use.pdf
2019-07-18,ab5a3d917c59c67a94fde5589a312a8e6ad8226b,Hard Pass_ Declining APT34’s Invite to Join Their Professional Network,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.18.APT34_Hard_Pass/Hard%20Pass_%20Declining%20APT34%E2%80%99s%20Invite%20to%20Join%20Their%20Professional%20Network.pdf
2019-07-18,d1a406b5f3f4da0e835a7a2615a75c39dc97625e,Spam Campaign Targets Colombian Entities with Custom-made Proyecto RAT,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.18.Proyecto_RAT_Colombian/Spam%20Campaign%20Targets%20Colombian%20Entities%20with%20Custom-made%20Proyecto%20RAT.pdf
2019-07-24,a5d4f0b2aee94d71881c40b25ef7e195397c1238,Winnti_ Attacking the Heart of the German Industry,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.24.Winnti_German/Winnti_%20Attacking%20the%20Heart%20of%20the%20German%20Industry.pdf
2019-07-24,e4772882fe35af3650068b0665a2d12c24999e51,Resurgent Iron Liberty Targeting Energy Sector,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.24.Resurgent_Iron_Liberty/Resurgent%20Iron%20Liberty%20Targeting%20Energy%20Sector.pdf
2019-08-05,c7a8c2597269ab369b4f0527056f9bb13c65a2a6,blog_Sharpening the Machete,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.05.Sharpening_the_Machete/blog_Sharpening%20the%20Machete.pdf
2019-08-05,fd101f08963e1a83893fb0b6d4c9a87fa767366f,Latest Trickbot Campaign Delivered via Highly Obfuscated JS File ,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.05.Trickbot_Obfuscated_JS/Latest%20Trickbot%20Campaign%20Delivered%20via%20Highly%20Obfuscated%20JS%20File%20.pdf
2019-08-08,9ec45ba171c3e3e0553aa587c0ea245ee641e624,Suspected BITTER APT Continues Targeting Government of China and Chinese Organizations _ Anomali,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.08.BITTER_APT/Suspected%20BITTER%20APT%20Continues%20Targeting%20Government%20of%20China%20and%20Chinese%20Organizations%20_%20Anomali.pdf
2019-08-14,36044243987dace8e439a54a8d4fce6f3508126a,"In the Balkans, businesses are under fire from a double‑barreled weapon",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.14.Balkans_Campaign/In%20the%20Balkans%2C%20businesses%20are%20under%20fire%20from%20a%20double%E2%80%91barreled%20weapon.pdf
2019-08-27,07056592eb633d1fb9a42b38da28d3fd2fcc5c95,China Chopper still active 9 years later,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.27.China_Chopper/China%20Chopper%20still%20active%209%20years%20later.pdf
2019-08-27,588b19b571321e82e811aaf1179803da45f8c6cf,Cyber Threat Group LYCEUM Takes Center Stage in Middle East Campaign,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.27.LYCEUM_threat_group/Cyber%20Threat%20Group%20LYCEUM%20Takes%20Center%20Stage%20in%20Middle%20East%20Campaign.pdf
2019-08-27,9ced6cf135cc62446e18b0fb170b3b6fe8441047,TA505 At It Again_ Variety is the Spice of ServHelper and FlawedAmmyy,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.27.TA505_Again/TA505%20At%20It%20Again_%20Variety%20is%20the%20Spice%20of%20ServHelper%20and%20FlawedAmmyy.pdf
2019-08-27,b9e9c9068ccf57ff43360db27a1e992a313c7514,Malware analysis about sample of APT Patchwork,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.27.Patchwork_Malware_Analysis/Malware%20analysis%20about%20sample%20of%20APT%20Patchwork.pdf
2019-08-29,61ab7b454558c8b432bda47f784667aa11f5a074,SectorJ04 Group’s Increased Activity in 2019,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.29.SectorJ04_2019/SectorJ04%20Group%E2%80%99s%20Increased%20Activity%20in%202019.pdf
2019-08-29,bcbd65daf124728e6731e0decb7b4e01b64864dc,Heatstroke Campaign Uses Multistage Phishing Attack to Steal PayPal and Credit Card Information,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.29.Heatstroke_Campaign/Heatstroke%20Campaign%20Uses%20Multistage%20Phishing%20Attack%20to%20Steal%20PayPal%20and%20Credit%20Card%20Information.pdf
2019-09-04,8cde271eb5fe7b54b667ee88368518c7b2fdbacc,Glupteba Campaign Hits Network Routers and Updates C&C Servers with Data from Bitcoin Transactions,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.04.Glupteba_Campaign/Glupteba%20Campaign%20Hits%20Network%20Routers%20and%20Updates%20C%26C%20Servers%20with%20Data%20from%20Bitcoin%20Transactions.pdf
2019-09-05,5b6bccee4b358c195ea7d80c118d6e9a793f3ed7,UPSynergy_ Chinese-American Spy vs. Spy Story,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.05.UPSynergy/UPSynergy_%20Chinese-American%20Spy%20vs.%20Spy%20Story.pdf
2019-09-06,cf011cca773f812145c8e81d8f1bade04e716732,BITTER APT_ Not So Sweet,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.06.BITTER_APT_Not_So_Sweet/BITTER%20APT_%20Not%20So%20Sweet.pdf
2019-09-09,537bd87d34bbeab8077bb7e199475a9dffa9f58f,Thrip_ Ambitious Attacks Against High Level Targets Continue,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.09.Thrip/Thrip_%20Ambitious%20Attacks%20Against%20High%20Level%20Targets%20Continue.pdf
2019-09-11,a873e9f1ba1904911a92497f949b9b10c701d931,RANCOR APT_ Suspected targeted attacks against South East Asia,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.11.RANCOR_APT/RANCOR%20APT_%20Suspected%20targeted%20attacks%20against%20South%20East%20Asia.pdf
2019-09-18,1932e05dd6ba26e752fb89960c24fee7afe7a42b,Magecart Skimming Attack Targets Mobile Users of Hotel Chain Booking Websites,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.18.Magecart_Hotel_Chain_Booking/Magecart%20Skimming%20Attack%20Targets%20Mobile%20Users%20of%20Hotel%20Chain%20Booking%20Websites.pdf
2019-09-18,5d08b29ec4f76e1a6bce6d1507de01df1b188666,Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.18.Tortoiseshell-APT/Tortoiseshell%20Group%20Targets%20IT%20Providers%20in%20Saudi%20Arabia%20in%20Probable%20Supply%20Chain%20Attacks.pdf
2019-09-24,d1592835be4b0370146d53603f6eddd0681131a3,Mapping the connections inside Russia APT Ecosystem,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.24_Russia_APT_Ecosystem/Mapping%20the%20connections%20inside%20Russia%20APT%20Ecosystem.pdf
2019-09-24,e4129398913943732e62a603877b9bb70b998fd9,How Tortoiseshell created a fake veteran hiring website to host malware,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.24_New_Tortoiseshell/How%20Tortoiseshell%20created%20a%20fake%20veteran%20hiring%20website%20to%20host%20malware.pdf
2019-09-26,4231fdbb3b27a90a81d25f8bd60bff7904e910f8,Chinese APT Hackers Attack Windows Users via FakeNarrator Malware,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.26_China_APT_FakeNarrator_To_PcShare/Chinese%20APT%20Hackers%20Attack%20Windows%20Users%20via%20FakeNarrator%20Malware.pdf
2019-09-30,3b57873600b96e7474e6aa88f6c924dd81775b41,HELO Winnti_ Attack or Scan,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.30_HELO_Winnti/HELO%20Winnti_%20Attack%20or%20Scan.pdf
2019-10-01,095871915af386b3addb87036dfca584473b283c,New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.01.kovcoreg-malvertising-campaign/New%20Fileless%20Botnet%20Novter%20Distributed%20by%20KovCoreG%20Malvertising%20Campaign.pdf
2019-10-03,0c794545e8fa5eba2e1e806d9817b85ea12cdd88,PKPLUG_ Chinese Cyber Espionage Group Attacking Asia,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.03.PKPLUG/PKPLUG_%20Chinese%20Cyber%20Espionage%20Group%20Attacking%20Asia.pdf
2019-10-07,426093a99e7a45aa88da697cd1503fb3a5fd745d,"The Kittens Are Back in Town 2 - Charming Kitten Campaign Keeps Going on, Using New Impersonation Methods - ClearSky Cyber Security",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.07.Charming_Kitten_Back_in_Town_2/The%20Kittens%20Are%20Back%20in%20Town%202%20-%20Charming%20Kitten%20Campaign%20Keeps%20Going%20on%2C%20Using%20New%20Impersonation%20Methods%20-%20ClearSky%20Cyber%20Security.pdf
2019-10-07,d7541e81aea48ec49932896620416f0dd9f9dfde,"China-Based APT Mustang Panda Targets Minority Groups, Public and Private Sector Organizations",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.07.Panda_minority-groups/China-Based%20APT%20Mustang%20Panda%20Targets%20Minority%20Groups%2C%20Public%20and%20Private%20Sector%20Organizations.pdf
2019-10-09,9e96e893e70535aacbc087d16f73a909fd2602d9,FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.09_FIN6_Magecart/FIN6%20Compromised%20E-commerce%20Platform%20via%20Magecart%20to%20Inject%20Credit%20Card%20Skimmers%20Into%20Thousands%20of%20Online%20Shops.pdf
2019-10-14,eb99c745139bd6e46e81745dfd72e41325a02ad4,Is Emotet gang targeting companies with external SOC,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.14.Emotet_external_SOC/Is%20Emotet%20gang%20targeting%20companies%20with%20external%20SOC.pdf
2019-10-15,0511740e527c025858aa577e7b6b198f28e2a1ac,LOWKEY_ Hunting for the Missing Volume Serial ID,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.15.LOWKEY/LOWKEY_%20Hunting%20for%20the%20Missing%20Volume%20Serial%20ID.pdf
2019-10-21,7f98a609e1dcd3f69a822d3636c28f7a9e2dd105,Winnti Group’s skip‑2.0_ AMicrosoft SQL Server backdoor,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.21.Winnti_skip_2.0/Winnti%20Group%E2%80%99s%20skip%E2%80%912.0_%20A%C2%A0Microsoft%20SQL%20Server%20backdoor.pdf
2019-10-28,29d8473954434c405b838e895f2adfd734dd215b,SWEED Targeting Precision Engineering Companies in Italy,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.28_SWEED_Italy/SWEED%20Targeting%20Precision%20Engineering%20Companies%20in%20Italy.pdf
2019-10-31,cb3f46cb9def5b9bc1185e5fd60d390f77dc3834,MESSAGETAP_ Who’s Reading Your Text Messages,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.31.MESSAGETAP/MESSAGETAP_%20Who%E2%80%99s%20Reading%20Your%20Text%20Messages.pdf
2019-11-08,80b06f28ee5e364f47ca3a290b160b2de61bcc0f,Titanium_ the Platinum group strikes again,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.08_Titanium_Action_Platinum_group/Titanium_%20the%20Platinum%20group%20strikes%20again.pdf
2019-11-08,9d6dcfc9a673613fdafe7d967945a0a97308de19,Massive malicious campaign by FakeSecurity JS-sniffer,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.08_FakeSecurity_JS-sniffer/Massive%20malicious%20campaign%20by%20FakeSecurity%20JS-sniffer.pdf
2019-11-12,3836ed16ed8e861c19344558cb4bd40b6d3b6415,TA-505 Cybercrime on System Integrator Companies,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.12_TA-505_On_SI/TA-505%20Cybercrime%20on%20System%20Integrator%20Companies.pdf
2019-11-13,fe8df78646bee14a74f2f88f76bdda52a611f8b6,More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.13.APT33_Extreme%EF%BC%BFNarrow_Targeting/More%20than%20a%20Dozen%20Obfuscated%20APT33%20Botnets%20Used%20for%20Extreme%20Narrow%20Targeting.pdf
2019-11-20,cf1750865234a5840d529a498a5fa1107d79fe64,Mac Backdoor Linked to Lazarus Targets Korean Users,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.20.Mac_Lazarus/Mac%20Backdoor%20Linked%20to%20Lazarus%20Targets%20Korean%20Users.pdf
2019-11-21,f9ec0ec31ccab12f99b03f09a0882b3d30a3365a,"Registers as “Default Print Monitor”, but is a malicious downloader. Meet DePriMon",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.21.DePriMon/Registers%20as%20%E2%80%9CDefault%20Print%20Monitor%E2%80%9D%2C%20but%20is%20a%20malicious%20downloader.%20Meet%20DePriMon.pdf
2019-11-26,6226f5e623d80ddcce349e617498a339d78927d0,Insights from one year of tracking a polymorphic threat,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.26.Dexphot/Insights%20from%20one%20year%20of%20tracking%20a%20polymorphic%20threat.pdf
2019-11-28,27c033bcdacc4271b9bd9b08714026ad3832ac73,RevengeHotels_ cybercrime targeting hotel front desks worldwide,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.28.RevengeHotels/RevengeHotels_%20cybercrime%20targeting%20hotel%20front%20desks%20worldwide.pdf
2019-12-03,2e3173ba71b32d02b261f61e1194feccfd8ed085,Threat Actor Targeting Hong Kong Pro-Democracy Figures,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.03.Hong_Kong_Pro-Democracy/Threat%20Actor%20Targeting%20Hong%20Kong%20Pro-Democracy%20Figures.pdf
2019-12-04,843e820608adc7a51abb9a74a689d4c3bdb92d75,Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.04.KurdishCoder_Campaign/Obfuscation%20Tools%20Found%20in%20the%20Capesand%20Exploit%20Kit%20Possibly%20Used%20in%20%E2%80%9CKurdishCoder%E2%80%9D%20Campaign.pdf
2019-12-06,b1ec8d737865e2e7feba57c220bd62290a93ed67,Cosmic Banker campaign is still active revealing link with Banload malware,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.06.Cosmic_Banker_campaign/Cosmic%20Banker%20campaign%20is%20still%20active%20revealing%20link%20with%20Banload%20malware.pdf
2019-12-11,322a9344111331462baab10d055d78f7055b3c4f,Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium ,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.1.Operation_WizardOpium/Chrome%200-day%20exploit%20CVE-2019-13720%20used%20in%20Operation%20WizardOpium%20.pdf
2019-12-11,69bf39301d6e5df6314314995c021963c7f18c94,Dropping Anchor_ From a TrickBot Infection to the Discovery of the Anchor Malware,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.11_DROPPING_ANCHOR/Dropping%20Anchor_%20From%20a%20TrickBot%20Infection%20to%20the%20Discovery%20of%20the%20Anchor%20Malware.pdf
2019-12-11,f69b318bff05a1abc62c42a01b120a1e2e54d665,"Waterbear is Back, Uses API Hooking to Evade Security Product Detection",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.11.Waterbear_Back/Waterbear%20is%20Back%2C%20Uses%20API%20Hooking%20to%20Evade%20Security%20Product%20Detection.pdf
2019-12-12,54840544c79d24dace32a7a4caa8678036b4f7e7,GALLIUM_ Targeting global telecom,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.12.GALLIUM/GALLIUM_%20Targeting%20global%20telecom.pdf
2019-12-17,17c168147b6c7d7b313a6a014ae6bdb153e778e8,"Dacls, the Dual platform RAT",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.17.Dacls_RAT/Dacls%2C%20the%20Dual%20platform%20RAT.pdf
2019-12-17,c95263e812d3e831061753ff3d432e50b1c4c571,"CN_Dacls, the Dual platform RAT",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.17.Dacls_RAT/CN_Dacls%2C%20the%20Dual%20platform%20RAT.pdf
2019-12-17,e54539e7a87e229b70384bd20943c2afd689445c,Rancor_ Cyber Espionage Group Uses New Custom Malware to Attack Southeast Asia,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.17.Rancor/Rancor_%20Cyber%20Espionage%20Group%20Uses%20New%20Custom%20Malware%20to%20Attack%20Southeast%20Asia.pdf
2019-12-26,53ef5f11eca852b962543eb4c172ae012456be72,Targeting Portugal_ A new trojan 'Lampion' has spread using template emails from the Portuguese Government Finance & Tax,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.26.Trojan-Lampion/Targeting%20Portugal_%20A%20new%20trojan%20%27Lampion%27%20has%20spread%20using%20template%20emails%20from%20the%20Portuguese%20Government%20Finance%20%26%20Tax.pdf
2019-12-29,1a37382df05d162c04564b538f7bd0229f1f8e7e,BRONZE PRESIDENT Targets NGOs,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.29_BRONZE_PRESIDENT_NGO/BRONZE%20PRESIDENT%20Targets%20NGOs.pdf
2020-01-06,0663cef97989f69df67f59cab5071d3b4ef742f1,"First Active Attack Exploiting CVE-2019-2215 Found on Google Play, Linked to SideWinder APT Group",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.06.SideWinder_Google_Play/First%20Active%20Attack%20Exploiting%20CVE-2019-2215%20Found%20on%20Google%20Play%2C%20Linked%20to%20SideWinder%20APT%20Group.pdf
2020-01-07,9df38c6e2d7d8347a0e922df462f20049f16a797,Iranian Cyber Response to Death of IRGC Head Would Likely Use Reported TTPs and Previous Access,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.07_Iranian_Cyber_Response/Iranian%20Cyber%20Response%20to%20Death%20of%20IRGC%20Head%20Would%20Likely%20Use%20Reported%20TTPs%20and%20Previous%20Access.pdf
2020-01-13,587a7a2e1f2251135b851ad40fdf13359efa9b63,Reviving MuddyC3 Used by MuddyWater (IRAN) APT,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.13.muddyc3.Revived/Reviving%20MuddyC3%20Used%20by%20MuddyWater%20%28IRAN%29%20APT.pdf
2020-01-16,59e37b1b95367583cc5cc181fee309b96f786fd0,JhoneRAT_ Cloud based python RAT targeting Middle Eastern countries,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.16.JhoneRAT/JhoneRAT_%20Cloud%20based%20python%20RAT%20targeting%20Middle%20Eastern%20countries.pdf
2020-01-31,33e67d5669920778611140f7b293a4d807de35e5,welivesecurity.com-Winnti Group targeting universities in Hong Kong,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.31.Winnti_universities_in_HK/welivesecurity.com-Winnti%20Group%20targeting%20universities%20in%20Hong%20Kong.pdf
2020-02-03,653171288c2d534959efd7c9060e178593465be9,Actors Still Exploiting SharePoint Vulnerability to Attack Middle East Government Organizations,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.03.SharePoint_Vulnerability_Middle_East/Actors%20Still%20Exploiting%20SharePoint%20Vulnerability%20to%20Attack%20Middle%20East%20Government%20Organizations.pdf
2020-02-10,fad082e169f6f4bca710eef792f0711c6a9d98cc,"Outlaw Updates Kit to Kill Older Miner Versions, Targets More Systems",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.10_Outlaw_Updates/Outlaw%20Updates%20Kit%20to%20Kill%20Older%20Miner%20Versions%2C%20Targets%20More%20Systems.pdf
2020-02-13,b2c9a2d88fe19485808d261e58a2fca4dbbf27ed,"New Cyber Espionage Campaigns Targeting Palestinians - Part 2_ The Discovery of the New, Mysterious Pierogi Backdoor",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.13.PIEROGI_BACKDOOR_APT/New%20Cyber%20Espionage%20Campaigns%20Targeting%20Palestinians%20-%20Part%202_%20The%20Discovery%20of%20the%20New%2C%20Mysterious%20Pierogi%20Backdoor.pdf
2020-02-17,916b7687b6d0a73686f1515fe228b1c4ff95122a,CLAMBLING - A New Backdoor Base On Dropbox (EN),https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.17_CLAMBLING_Dropbox_Backdoor/CLAMBLING%20-%20A%20New%20Backdoor%20Base%20On%20Dropbox%20%28EN%29.pdf
2020-02-17,bead11e2acc0a0690136d7963bb52e8fd93bb80b,Cyberwarfare_ A deep dive into the latest Gamaredon Espionage Campaign,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.17.Cyberwarfare_Gamaredon_Campaign/Cyberwarfare_%20A%20deep%20dive%20into%20the%20latest%20Gamaredon%20Espionage%20Campaign.pdf
2020-02-22,e786a69583d446ea26e7151b0a534b539b7d5fc3,Weaponizing a Lazarus Group Implant,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.22_Lazarus_Group_Weaponizing/Weaponizing%20a%20Lazarus%20Group%20Implant.pdf
2020-03-03,79e7ff150be9c0d28ed50f410f2a3d682e172898,The North Korean Kimsuky APT keeps threatening South Korea evolving its TTPs,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.03_Kimsuky_APT/The%20North%20Korean%20Kimsuky%20APT%20keeps%20threatening%20South%20Korea%20evolving%20its%20TTPs.pdf
2020-03-03,ec7d70f1abbdff4227a39b98306a490085cb5bf6,New Perl Botnet (Tuyul) Found with Possible Indonesian Attribution,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.03_Tuyul_Botnet_Indonesian/New%20Perl%20Botnet%20%28Tuyul%29%20Found%20with%20Possible%20Indonesian%20Attribution.pdf
2020-03-05,96d1ff403eb0306a6afce709bc54b16480635775,Guildma_ The Devil drives electric _ WeLiveSecurity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.05_Guildma/Guildma_%20The%20Devil%20drives%20electric%20_%20WeLiveSecurity.pdf
2020-03-05,ae511e37067348208579e7fcf8da0389626b2044,Dissecting Geost_ Exposing the Anatomy of the Android Trojan Targeting Russian Banks - TrendLabs Security Intelligence Blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.05_Dissecting_Geost/Dissecting%20Geost_%20Exposing%20the%20Anatomy%20of%20the%20Android%20Trojan%20Targeting%20Russian%20Banks%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf
2020-03-10,865d88a8d0c6bf1dff0accd241bc1f06a7f22616,Who's Hacking the Hackers_ No Honor Among Thieves,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.10.WHO_HACKING_THE_HACKERS/Who%27s%20Hacking%20the%20Hackers_%20No%20Honor%20Among%20Thieves.pdf
2020-03-11,9fafe6bd3615077295cfb7cc07059df42e187c14,Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.11.Operation_Overtrap/Operation%20Overtrap%20Targets%20Japanese%20Online%20Banking%20Users%20Via%20Bottle%20Exploit%20Kit%20and%20Brand-New%20Cinobi%20Banking%20Trojan.pdf
2020-03-11,daa952eb7f9cd9f938255053657d4e8a9271d6c5,Tech Brief_Operation Overtrap Targets Japanese Online Banking Users,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.11.Operation_Overtrap/Tech%20Brief_Operation%20Overtrap%20Targets%20Japanese%20Online%20Banking%20Users.pdf
2020-03-12,40347605cbd5510bb0371309456dc1805780c368,Vicious Panda_ The COVID Campaign - Check Point Research,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.12_Vicious_Panda/Vicious%20Panda_%20The%20COVID%20Campaign%20-%20Check%20Point%20Research.pdf
2020-03-12,68b971b44c01fa3821825e239cf6b227673106ea,Tracking Turla_ New backdoor delivered via Armenian watering holes _ WeLiveSecurity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.12_Tracking_Turla/Tracking%20Turla_%20New%20backdoor%20delivered%20via%20Armenian%20watering%20holes%20_%20WeLiveSecurity.pdf
2020-03-15,ca7fb7c0312305d20e41bff716082169ff5f5a01,"APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT _ Malwarebytes Labs",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.15_APT36_Crimson_RAT/APT36%20jumps%20on%20the%20coronavirus%20bandwagon%2C%20delivers%20Crimson%20RAT%20_%20Malwarebytes%20Labs.pdf
2020-03-24,d71ad8ea9e4809433ec87615aafbc7e20e77b9a4,WildPressure targets industrial-related entities in the Middle East _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.24_WildPressure/WildPressure%20targets%20industrial-related%20entities%20in%20the%20Middle%20East%20_%20Securelist.pdf
2020-03-24,f516eade0319946e52c88ee6f44b01aa8e832fd2,Operation Poisoned News_ Hong Kong Users Targeted With Mobile Malware via Local News Links - TrendLabs Security Intelligence Blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.24_Operation_Poisoned_News/Operation%20Poisoned%20News_%20Hong%20Kong%20Users%20Targeted%20With%20Mobile%20Malware%20via%20Local%20News%20Links%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf
2020-03-25,60cdab19b8f87a9d3b1aa0dde91f9cf945cbfb76,This IsNot a Test_ APT41 Initiates Global Intrusion Campaign Using Multiple Exploits _ FireEye Inc,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.25_APT41-initiates-global-intrusion-campaign/This%20Is%C2%A0Not%20a%20Test_%20APT41%20Initiates%20Global%20Intrusion%20Campaign%20Using%20Multiple%20Exploits%20_%20FireEye%20Inc.pdf
2020-04-07,f6199ae7db7a2adfc28fa8b751fec7a88639fca2,New Ursnif campaign_ a shift from PowerShell to Mshta,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.07_New_Ursnif_Campaign/New%20Ursnif%20campaign_%20a%20shift%20from%20PowerShell%20to%20Mshta.pdf
2020-04-15,2841ceea5cc8310669b24e4bba16f7bd9a1eb804,Nation-state Mobile Malware Targets Syrians with COVID-19 Lures,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.15_COVID-19_Lures_Syrians/Nation-state%20Mobile%20Malware%20Targets%20Syrians%20with%20COVID-19%20Lures.pdf
2020-04-16,3aeba28cf0cbea7e4f635139516e5a3ab0b3966e,White Ops _ Inside the Largest Connected TV Botnet Attack,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.16_ICEBUCKET_TV_Bot_Attack/White%20Ops%20_%20Inside%20the%20Largest%20Connected%20TV%20Botnet%20Attack.pdf
2020-04-16,a7ef251336a636626f97a4ebbedc6894c67481b4,"Exposing Modular Adware_ How DealPly, IsErIk, and ManageX Persist in Systems - TrendLabs Security Intelligence Blog",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.16_Exposing_Modular_Adware/Exposing%20Modular%20Adware_%20How%20DealPly%2C%20IsErIk%2C%20and%20ManageX%20Persist%20in%20Systems%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf
2020-04-17,ed8af7aaa54ed27c726f0ca8f2c9377b4dfd534e,Gamaredon APT Group Use Covid-19 Lure in Campaigns - TrendLabs Security Intelligence Blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.17_Gamaredon_APT_Covid-19/Gamaredon%20APT%20Group%20Use%20Covid-19%20Lure%20in%20Campaigns%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf
2020-04-20,1936abcedd5c269851436ed6e042df7db8b618e1,WINNTI GROUP_ Insights From the Past,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.20_Winnti_from_the_past/WINNTI%20GROUP_%20Insights%20From%20the%20Past.pdf
2020-04-21,1df98e647d64ef01bdc29e2530e611effe5e895b,Evil Eye Threat Actor Resurfaces with iOS Exploit and Updated Implant,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.21.evil-eye-threat-actor/Evil%20Eye%20Threat%20Actor%20Resurfaces%20with%20iOS%20Exploit%20and%20Updated%20Implant.pdf
2020-04-28,690050958d76252df27f19728b3608a3f9011a15,yoroi.company-Outlaw is Back a New Crypto-Botnet Targets European Organizations,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.28_Outlaw_is_Back/yoroi.company-Outlaw%20is%20Back%20a%20New%20Crypto-Botnet%20Targets%20European%20Organizations.pdf
2020-04-28,d72c4c798984d38fd23124d3c5adff2a0ac65262,Grandoreiro_ How engorged can an EXE get_ _ WeLiveSecurity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.28.Grandoreiro/Grandoreiro_%20How%20engorged%20can%20an%20EXE%20get_%20_%20WeLiveSecurity.pdf
2020-05-05,8f5591c1ec9f6b2911112c53dc551374a00b66c3,Nazar_ Spirits of the Past - Check Point Research,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.05.Nazar_APT/Nazar_%20Spirits%20of%20the%20Past%20-%20Check%20Point%20Research.pdf
2020-05-06,38e2947b2131a0e1cf3ac0868dad5f6c0c3a034e,Prevailion Blog_ Phantom in the Command Shell,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.06_Phantom_EVILNUM/Prevailion%20Blog_%20Phantom%20in%20the%20Command%20Shell.pdf
2020-05-11,b2eab25e33718c6f5114a4260c41b22d96938842,zscaler.com-Attack on Indian Government Financial Institutions,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.11.JsOutProx_RAT_Targeted_Attacks/zscaler.com-Attack%20on%20Indian%20Government%20Financial%20Institutions.pdf
2020-05-11,d0acc76ee3510cbde8145e5c7d83e42f8b863123,Updated BackConfig Malware Targeting Government and Military Organizations in South Asia,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.11_BackConfig_South_Asia/Updated%20BackConfig%20Malware%20Targeting%20Government%20and%20Military%20Organizations%20in%20South%20Asia.pdf
2020-05-13,efee6cb22f537f81daeba1c34ca6a42030567d2e,Ramsay_ A cyber‑espionage toolkit tailored for air‑gapped networks _ WeLiveSecurity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.13.Ramsay/Ramsay_%20A%20cyber%E2%80%91espionage%20toolkit%20tailored%20for%20air%E2%80%91gapped%20networks%20_%20WeLiveSecurity.pdf
2020-05-14,005000464a9f344017647ae24c95407f58b0187d,RATicate_ an attacker’s waves of information-stealing malware – Sophos News,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.14.RATicate/RATicate_%20an%20attacker%E2%80%99s%20waves%20of%20information-stealing%20malware%20%E2%80%93%20Sophos%20News.pdf
2020-05-14,0c2e280bc8a52ed683fa6e5c85d6bbea835ac067,COMpfun authors spoof visa application with HTTP status-based Trojan _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.14.COMpfun/COMpfun%20authors%20spoof%20visa%20application%20with%20HTTP%20status-based%20Trojan%20_%20Securelist.pdf
2020-05-14,16c81da78979a1a9feb92d07aadc89061cfea4d3,Mikroceen_ Spying backdoor leveraged in high‑profile networks in Central Asia _ WeLiveSecurity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.14.Mikroceen/Mikroceen_%20Spying%20backdoor%20leveraged%20in%20high%E2%80%91profile%20networks%20in%20Central%20Asia%20_%20WeLiveSecurity.pdf
2020-05-14,75e4bbb86baca9834df9a238120a9dcff82c2c46,APT Group Planted Backdoors Targeting High Profile Networks in Central Asia - Avast Threat Labs,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.14.Central_Asia_APT/APT%20Group%20Planted%20Backdoors%20Targeting%20High%20Profile%20Networks%20in%20Central%20Asia%20-%20Avast%20Threat%20Labs.pdf
2020-05-14,e76e58648d529f7171fe87500cfe5b8ce2813e0b,Cybersecurity_ Tool leaks are very interesting occurrences in cyber security. _ Deutsche Telekom,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.14.LOLSnif/Cybersecurity_%20Tool%20leaks%20are%20very%20interesting%20occurrences%20in%20cyber%20security.%20_%20Deutsche%20Telekom.pdf
2020-05-19,1784a9f7457b052811e96d6467f1b6f32fa29a7a,Sophisticated Espionage Group Turns Attention to Telecom Providers in South Asia _ Symantec Blogs,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.19.Greenbug_South_Asia/Sophisticated%20Espionage%20Group%20Turns%20Attention%20to%20Telecom%20Providers%20in%20South%20Asia%20_%20Symantec%20Blogs.pdf
2020-05-21,0953a87a680ee134d2a8eaedec907f5c27028f32,No “Game over” for the Winnti Group _ WeLiveSecurity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.21.No_Game_Over_Winnti/No%20%E2%80%9CGame%20over%E2%80%9D%20for%20the%20Winnti%20Group%20_%20WeLiveSecurity.pdf
2020-05-21,b2960938fa9e99613d211c440e2ee48c55c5648f,Intezer - The Evolution of APT15's Codebase 2020,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.21.APT15_Codebase_2020/Intezer%20-%20The%20Evolution%20of%20APT15%27s%20Codebase%202020.pdf
2020-06-03,5687700fffca8bb7c37d2ac6ea7b375916a4907b,Cycldek_ Bridging the (air) gap _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.03.Cycldek/Cycldek_%20Bridging%20the%20%28air%29%20gap%20_%20Securelist.pdf
2020-06-08,1c6623db3c2b89f3d02c27dbfe556fa16d2787a2,"GuLoader_ No, CloudEyE. - Check Point Research",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.08.GuLoader_CloudEyE/GuLoader_%20No%2C%20CloudEyE.%20-%20Check%20Point%20Research.pdf
2020-06-08,77eba65a1f4e631d789ce46a273cbbf91e03ea04,TA410_ The Group Behind LookBack Attacks Against U.S. Utilities Sector Returns with New Malware _ Proofpoint US,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.08.TA410/TA410_%20The%20Group%20Behind%20LookBack%20Attacks%20Against%20U.S.%20Utilities%20Sector%20Returns%20with%20New%20Malware%20_%20Proofpoint%20US.pdf
2020-06-11,07f675fbe36baae92e4ba5f2e87aeb80a9022b3a,Gamaredon group grows its game _ WeLiveSecurity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.11.Gamaredon_group/Gamaredon%20group%20grows%20its%20game%20_%20WeLiveSecurity.pdf
2020-06-11,d7eb46c7b708a6638eaec45c8707a7f171daef5a,New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa - TrendLabs Security Intelligence Blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.11.Earth_Empusa/New%20Android%20Spyware%20ActionSpy%20Revealed%20via%20Phishing%20Attacks%20from%20Earth%20Empusa%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf
2020-06-15,e4c9189b12b624d00aebddce020dc21235824382,India_ Human Rights Defenders Targeted by a Coordinated Spyware Operation _ Amnesty International,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.15.india-human-rights-defenders-targeted/India_%20Human%20Rights%20Defenders%20Targeted%20by%20a%20Coordinated%20Spyware%20Operation%20_%20Amnesty%20International.pdf
2020-06-16,8eb01ca0fecc1b0f5ce51c40907e4299f6819d58,Cobalt tactics and tools update,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.16.Cobalt_Update/Cobalt%20tactics%20and%20tools%20update.pdf
2020-06-23,b31245aa28777ce928ce0325c7a77db3a42edc1a,WastedLocker_ A New Ransomware Variant Developed By The Evil Corp Group – NCC Group Research,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.23.WastedLocker_Evil_Corp_Group/WastedLocker_%20A%20New%20Ransomware%20Variant%20Developed%20By%20The%20Evil%20Corp%20Group%20%E2%80%93%20NCC%20Group%20Research.pdf
2020-06-25,6d040ce46d5e965b3307831e8e60e579f717b533,Leviathan APT campaign in 2020 Malaysian political crisis _ Elastic Blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.25.Malaysian-focused-APT_campaign/Leviathan%20APT%20campaign%20in%202020%20Malaysian%20political%20crisis%20_%20Elastic%20Blog.pdf
2020-06-26,5e6cfc1c4120b7e4816fb45ed6d4df1716020c90,WastedLocker_ Symantec Identifies Wave of Attacks Against U.S. Organizations _ Symantec Blogs,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.26_WastedLocker_Attack/WastedLocker_%20Symantec%20Identifies%20Wave%20of%20Attacks%20Against%20U.S.%20Organizations%20_%20Symantec%20Blogs.pdf
2020-06-29,fd80d881cea6a3b5f1c67d95e923993c5f54c56e,Talos Blog __ Cisco Talos Intelligence Group - Comprehensive Threat Intelligence_ PROMETHIUM extends global reach with StrongPity3 APT,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.29.PROMETHIUM_StrongPity3_APT/Talos%20Blog%20__%20Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence_%20PROMETHIUM%20extends%20global%20reach%20with%20StrongPity3%20APT.pdf
2020-07-06,fd213cf3ad977d04889c1f4bf9d36023270f12fe,North Korean hackers are skimming US and European shoppers – Sansec,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.06_North_Korean_Magecart/North%20Korean%20hackers%20are%20skimming%20US%20and%20European%20shoppers%20%E2%80%93%20Sansec.pdf
2020-07-08,84838de308f10054250e737881e8882ed3115a9e,"Copy cat of APT Sidewinder _. In tweeter this weekend,@Timele9527… _ by Sebdraven _ Medium",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.08.Copy_Cat_of_Sidewinder/Copy%20cat%20of%20APT%20Sidewinder%20_.%20In%20tweeter%20this%20weekend%2C%40Timele9527%E2%80%A6%20_%20by%20Sebdraven%20_%20Medium.pdf
2020-07-08,9f8dda7367cccce4857167350a81827265457f12,Operation ‘Honey Trap’_ APT36 Targets Defense Organizations in India,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.08_Operation_Honey_Trap/Operation%20%E2%80%98Honey%20Trap%E2%80%99_%20APT36%20Targets%20Defense%20Organizations%20in%20India.pdf
2020-07-09,b2431a336059c7dca596d6f2195b08f084129dc6,More evil_ A deep look at Evilnum and its toolset _ WeLiveSecurity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.09_Evilnum_Toolset/More%20evil_%20A%20deep%20look%20at%20Evilnum%20and%20its%20toolset%20_%20WeLiveSecurity.pdf
2020-07-14,19cf361089a302524207249a3c86c2a390ce19a4,Turla _ Venomous Bear updates its arsenal_ _NewPass_ appears on the APT threat scene - Telsy,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.14_Turla_VENOMOUS_BEAR/Turla%20_%20Venomous%20Bear%20updates%20its%20arsenal_%20_NewPass_%20appears%20on%20the%20APT%20threat%20scene%20-%20Telsy.pdf
2020-07-14,555840514267ef3183af84b886b7e25da4bd41aa,Welcome Chat as a secure messaging app_ Nothing could be further from the truth _ WeLiveSecurity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.14_Molerats_Middle_East_APT/Welcome%20Chat%20as%20a%20secure%20messaging%20app_%20Nothing%20could%20be%20further%20from%20the%20truth%20_%20WeLiveSecurity.pdf
2020-07-22,11dec46f1e037a4be8fdb1c7308385776697b456,OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.22.OilRig_Middle_Eastern_Telecommunication/OilRig%20Targets%20Middle%20Eastern%20Telecommunications%20Organization%20and%20Adds%20Novel%20C2%20Channel%20with%20Steganography%20to%20Its%20Inventory.pdf
2020-07-29,9270d79d9568ff5effdec6b1bcdfae2b35122ee3,mcafee.com-Operation 노스 스타 North Star A Job Offer Thats Too Good to be True,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.29.Operation_North_Star/mcafee.com-Operation%20%EB%85%B8%EC%8A%A4%20%EC%8A%A4%ED%83%80%20North%20Star%20A%20Job%20Offer%20Thats%20Too%20Good%20to%20be%20True.pdf
2020-08-03,4fa97bcbbda216a683c7b1b4105870086422bc8a,MAR-10292089-1.v2 – Chinese Remote Access Trojan_ TAIDOOR _ CISA,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.03.TAIDOOR/MAR-10292089-1.v2%20%E2%80%93%20Chinese%20Remote%20Access%20Trojan_%20TAIDOOR%20_%20CISA.pdf
2020-08-10,0a1374273e78f5de1ee2df446cdfad6326cc09ff,Gorgon APT targeting MSME sector in India,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.10.Gorgon_APT/Gorgon%20APT%20targeting%20MSME%20sector%20in%20India.pdf
2020-08-12,4dd82280ab1b8286e7a15a6712d8aa51cea5717e,Internet Explorer and Windows zero-day exploits used in Operation PowerFall _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.12.Operation_PowerFall/Internet%20Explorer%20and%20Windows%20zero-day%20exploits%20used%20in%20Operation%20PowerFall%20_%20Securelist.pdf
2020-08-24,15d4cbcd158a1d481d50df98c0bab7c7320b9204,"Lifting the veil on DeathStalker, a mercenary triumvirate _ Securelist",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.24_DeathStalker/Lifting%20the%20veil%20on%20DeathStalker%2C%20a%20mercenary%20triumvirate%20_%20Securelist.pdf
2020-09-03,a61dd692af601982998502a3f199395a118ed59b,No Rest for the Wicked_ Evilnum Unleashes PyVil RAT,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.03.Evilnum_Pyvil/No%20Rest%20for%20the%20Wicked_%20Evilnum%20Unleashes%20PyVil%20RAT.pdf
2020-09-16,e31ec8645ecd065f317e9b6ac0f0e83849c1ecc9,Partners in crime_ North Koreans and elite Russian-speaking cybercriminals - Intel 471,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.16.Partners_in_crime/Partners%20in%20crime_%20North%20Koreans%20and%20elite%20Russian-speaking%20cybercriminals%20-%20Intel%20471.pdf
2020-09-22,e08daeb493b2dd368eaf56261dc50d1a320c1a54,APT28 Delivers Zebrocy Malware Campaign Using NATO Theme as Lure,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.22.APT28_Zebrocy_Malware_Campaign/APT28%20Delivers%20Zebrocy%20Malware%20Campaign%20Using%20NATO%20Theme%20as%20Lure.pdf
2020-09-24,b68432d09718bec3dcd78a55d09dc826f249f425,Microsoft Security—detecting empires in the cloud - Microsoft Security,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.24.Empires_in_the_Cloud/Microsoft%20Security%E2%80%94detecting%20empires%20in%20the%20cloud%20-%20Microsoft%20Security.pdf
2020-09-25,37b32bf2d55a94ac7991302ba9b19f19cd4ea4dc,"German-made FinSpy spyware found in Egypt, and Mac and Linux versions revealed _ Amnesty International",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.25.Finspy_in_Egypt/German-made%20FinSpy%20spyware%20found%20in%20Egypt%2C%20and%20Mac%20and%20Linux%20versions%20revealed%20_%20Amnesty%20International.pdf
2020-09-29,57e8d714b5d438ce9e92de0b265e73d7e9f44956,"Palmerworm_ Espionage Gang Targets the Media, Finance, and Other Sectors _ Symantec Blogs",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.29.Palmerworm/Palmerworm_%20Espionage%20Gang%20Targets%20the%20Media%2C%20Finance%2C%20and%20Other%20Sectors%20_%20Symantec%20Blogs.pdf
2020-09-29,964d1402954f35daa80c32477d96673bd3e8d9e3,2020.09.29_ShadowPad - new activity from the Winnti group,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.29_ShadowPad_-_new_activity_from_the_Winnti_group/2020.09.29_ShadowPad%20-%20new%20activity%20from%20the%20Winnti%20group.pdf
2020-09-30,c19c3cf6fc7f11ece1d8db1f0eaf19dd9017d91a,APT‑C‑23 group evolves its Android spyware _ WeLiveSecurity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.30.APT%E2%80%91C%E2%80%9123_Android/APT%E2%80%91C%E2%80%9123%20group%20evolves%20its%20Android%20spyware%20_%20WeLiveSecurity.pdf
2020-10-14,8406efff010535b5b3970c90f1c66c48cd42a334,Silent Librarian APT right on schedule for 20_21 academic year - Malwarebytes Labs _ Malwarebytes Labs,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.10.14.Silent_Librarian_APT/Silent%20Librarian%20APT%20right%20on%20schedule%20for%2020_21%20academic%20year%20-%20Malwarebytes%20Labs%20_%20Malwarebytes%20Labs.pdf
2020-11-01,ff7e1ff5b450cfab95e1d2efeed6173e6f752658,cyberstanc.com-A look into APT36s Transparent Tribe tradecraft,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.01.Transparent_Tribe_APT/cyberstanc.com-A%20look%20into%20APT36s%20Transparent%20Tribe%20tradecraft.pdf
2020-11-02,060d5bead69abda2843568e023e2da9b79f30728,fireeye.com-Live off the Land How About Bringing Your Own Island An Overview of UNC1945,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.02.UNC1945/fireeye.com-Live%20off%20the%20Land%20How%20About%20Bringing%20Your%20Own%20Island%20An%20Overview%20of%20UNC1945.pdf
2020-11-12,0059d38480ba7bf97b0eca30fe489c3a41d8862e,"Hungry for data, ModPipe backdoor hits POS software used in hospitality sector _ WeLiveSecurity",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.12.ModPipe_POS_Hospitality-Sector/Hungry%20for%20data%2C%20ModPipe%20backdoor%20hits%20POS%20software%20used%20in%20hospitality%20sector%20_%20WeLiveSecurity.pdf
2020-11-12,e9f32f7b199787f8b8bb42c90054f2db6a1fee0f,Cisco Talos Intelligence Group - Comprehensive Threat Intelligence_ CRAT wants to plunder your endpoints,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.12.CRAT_Lazarus/Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence_%20CRAT%20wants%20to%20plunder%20your%20endpoints.pdf
2020-11-16,5c1c65e34650e0d891d23fbf362a7f160db8fe67,TA505_ A Brief History Of Their Time – Fox-IT International blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.16.TA505_History/TA505_%20A%20Brief%20History%20Of%20Their%20Time%20%E2%80%93%20Fox-IT%20International%20blog.pdf
2020-11-23,680326f4ffb2f446f27f40fb66eaaae9fd0254fd,[S2W LAB] Analysis of Clop Ransomware suspiciously related to the Recent Incident (English),https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.23.Clop_Campaign/%5BS2W%20LAB%5D%20Analysis%20of%20Clop%20Ransomware%20suspiciously%20related%20to%20the%20Recent%20Incident%20%28English%29.pdf
2020-11-26,507f014ec7d5d00cdfe894e9f4a8e5d6363aa73f,Bandook_ Signed & Delivered - Check Point Research,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.26.Bandook/Bandook_%20Signed%20%26%20Delivered%20-%20Check%20Point%20Research.pdf
2020-11-27,ad2ea5b4d217a569389d450ff52aa167961484cb,Investigation with a twist_ an accidental APT attack and averted data destruction,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.27.Twist_APT27/Investigation%20with%20a%20twist_%20an%20accidental%20APT%20attack%20and%20averted%20data%20destruction.pdf
2020-11-30,15fe81e24bfbb3b20b2deddd8beeb6c137956a79,Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them - Microsoft Security,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.30.BISMUTH_CoinMiner/Threat%20actor%20leverages%20coin%20miner%20techniques%20to%20stay%20under%20the%20radar%20%E2%80%93%20here%E2%80%99s%20how%20to%20spot%20them%20-%20Microsoft%20Security.pdf
2020-11-30,5e45c51ac37f98d5a77773448007d5c2d47b28f6,yoroi.company-Shadows From the Past Threaten Italian Enterprises,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.30.UNC1945/yoroi.company-Shadows%20From%20the%20Past%20Threaten%20Italian%20Enterprises.pdf
2020-12-02,201269ab296c57608c21f5dc2db15738b73409da,Turla Crutch_ Keeping the “back door” open _ WeLiveSecurity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.02.Turla_Crutch/Turla%20Crutch_%20Keeping%20the%20%E2%80%9Cback%20door%E2%80%9D%20open%20_%20WeLiveSecurity.pdf
2020-12-07,13c7d3da1d1cec27f6bf4730227557837d0191da,The footprints of Raccoon_ a story about operators of JS-sniffer FakeSecurity distributing Raccoon stealer,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.07.FakeSecurity/The%20footprints%20of%20Raccoon_%20a%20story%20about%20operators%20of%20JS-sniffer%20FakeSecurity%20distributing%20Raccoon%20stealer.pdf
2020-12-09,5fbc6d29a61db83e0aaa5262e68751d0fc91aae7,"SideWinder Uses South Asian Issues for Spear Phishing, Mobile Attacks",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.09.SideWinder/SideWinder%20Uses%20South%20Asian%20Issues%20for%20Spear%20Phishing%2C%20Mobile%20Attacks.pdf
2020-12-09,731f807cbab23d94b4fb3b2fab99a2ff6ff0394a,Russian APT Uses COVID-19 Lures to Deliver Zebrocy - Intezer,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.09.Sofacy_APT/Russian%20APT%20Uses%20COVID-19%20Lures%20to%20Deliver%20Zebrocy%20-%20Intezer.pdf
2020-12-13,46758aa98959fdc1ae34dd3ef0ab1303879cc692,fireeye.com-Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With ,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.13.SolarWinds_Supply_Chain_SUNBURST_Backdoor/fireeye.com-Highly%20Evasive%20Attacker%20Leverages%20SolarWinds%20Supply%20Chain%20to%20Compromise%20Multiple%20Global%20Victims%20With%20.pdf
2020-12-16,75609cca39e6bd39390f11e23753c951fd5f0f7e,Mapping out AridViper Infrastructure Using Augury’s Malware Module – Team Cymru,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.16.AridViper_Augury/Mapping%20out%20AridViper%20Infrastructure%20Using%20Augury%E2%80%99s%20Malware%20Module%20%E2%80%93%20Team%20Cymru.pdf
2020-12-17,22d4bacae3cb4eda41d3b3ddf44843e8c5902db8,Operation SignSight_ Supply‑chain attack against a certification authority in Southeast Asia _ WeLiveSecurity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.17.Operation_SignSight/Operation%20SignSight_%20Supply%E2%80%91chain%20attack%20against%20a%20certification%20authority%20in%20Southeast%20Asia%20_%20WeLiveSecurity.pdf
2020-12-19,f1a02cdc30e256d40d50aa8939f9aa79313324b7,blog.vincss.net-RE018-1 Analyzing new malware of China Panda hacker group used to attack supply chain against Vietnam,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.19.Panda_Vietnam/blog.vincss.net-RE018-1%20Analyzing%20new%20malware%20of%20China%20Panda%20hacker%20group%20used%20to%20attack%20supply%20chain%20against%20Vietnam.pdf
2020-12-22,50fa2057d9ebe2ccb52a3d0bda82abf3ec5e8e2b,blog.truesec.com-Collaboration between FIN7 and the RYUK group a Truesec Investigation,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.22.FIN7_RYUK/blog.truesec.com-Collaboration%20between%20FIN7%20and%20the%20RYUK%20group%20a%20Truesec%20Investigation.pdf
2020-12-29,c16375fdd9f0f4b81b76df0c4f0d09967d040ab7,Revenge RAT targeting users in South America,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.29.Revenge_RAT/Revenge%20RAT%20targeting%20users%20in%20South%20America.pdf
2021-01-04,433f0b9bf25b149d226eee3c3405805cbcae3ad0,research.checkpoint.com-Stopping Serial Killer Catching the Next Strike,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.04.Dridex_Next_Strike/research.checkpoint.com-Stopping%20Serial%20Killer%20Catching%20the%20Next%20Strike.pdf
2021-01-05,425780581a76b844dce4c8817d1878171f138507,quointelligence.eu-ReconHellcat Uses NIST Theme as Lure To Deliver New BlackSoul Malware,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.05.ReconHellcat_APT_BlackSoul_Malware/quointelligence.eu-ReconHellcat%20Uses%20NIST%20Theme%20as%20Lure%20To%20Deliver%20New%20BlackSoul%20Malware.pdf
2021-01-05,7ea2f0f7fad95346ee6624677767693dceca75ce,trendmicro.com-Earth Wendigo Injects JavaScript Backdoor for Mailbox Exfiltration,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.05.Earth_Wendigo_Mailbox_Exfiltration/trendmicro.com-Earth%20Wendigo%20Injects%20JavaScript%20Backdoor%20for%20Mailbox%20Exfiltration.pdf
2021-01-06,9dafe61a944ded91b92124368c6095997beaa6c3,blog.talosintelligence.com-A Deep Dive into Lokibot Infection Chain,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.06.Lokibot_Infection_Chain/blog.talosintelligence.com-A%20Deep%20Dive%20into%20Lokibot%20Infection%20Chain.pdf
2021-01-06,bdd99082714507efe1e61cb50369f0bcdf2f729f,blog.malwarebytes.com-Retrohunting APT37 North Korean APT used VBA self decode technique to inject RokRat,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.06.APT37_North_Korean_APT_RokRat/blog.malwarebytes.com-Retrohunting%20APT37%20North%20Korean%20APT%20used%20VBA%20self%20decode%20technique%20to%20inject%20RokRat.pdf
2021-01-08,2e84ade1e1bea56ea53967234f083557877053c8,Charming Kitten’s Christmas Gift - Certfa Lab,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.08.Charming_Kitten_Christmas_Gift/Charming%20Kitten%E2%80%99s%20Christmas%20Gift%20-%20Certfa%20Lab.pdf
2021-01-11,0749d18014ca22469e3ded51cbdca9f836e6f52b,SUNSPOT Malware A Technical Analysis,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.11.SUNSPOT/SUNSPOT%20Malware%20A%20Technical%20Analysis.pdf
2021-01-11,08046eda34296ae9856dbe879fa7529af2448279,crowdstrike.com-SUNSPOT An Implant in the Build Process,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2021.01.11.SUNSPOT/crowdstrike.com-SUNSPOT%20An%20Implant%20in%20the%20Build%20Process.pdf
2021-01-11,61a27be290976447f72c35a58fb1b76481b08adb,unit42.paloaltonetworks.com-xHunt Campaign New BumbleBee Webshell and SSH Tunnels Used for Lateral Movement,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2021.01.11.xHunt_Campaign/unit42.paloaltonetworks.com-xHunt%20Campaign%20New%20BumbleBee%20Webshell%20and%20SSH%20Tunnels%20Used%20for%20Lateral%20Movement.pdf
2021-01-11,9077800dc0e2dbbb57d9c9a90a3619c68d718b13,securelist.com-Sunburst backdoor code overlaps with Kazuar,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.11.Sunburst_Kazuar/securelist.com-Sunburst%20backdoor%20%20code%20overlaps%20with%20Kazuar.pdf
2021-01-11,d236226592ada17c3181d9c1eb42f6f6ca52f9bc,xHunt Campaign_ New BumbleBee Webshell and SSH Tunnels Used for Lateral Movement,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.11.xHunt_Campaign/xHunt%20Campaign_%20New%20BumbleBee%20Webshell%20and%20SSH%20Tunnels%20Used%20for%20Lateral%20Movement.pdf
2021-01-12,d5cf4e80ac62b5e17eaf837484b6e99c5a7e1c34,research.nccgroup.com-Abusing cloud services to fly under the radar,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.12.Abusing_cloud_services_Chimera/research.nccgroup.com-Abusing%20cloud%20services%20to%20fly%20under%20the%20radar.pdf
2021-01-12,e53b5732b76f4478577c591d9baec717e35adc3b,welivesecurity.com-Operation Spalax Targeted malware attacks in Colombia,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.12.Operation_Spalax/welivesecurity.com-Operation%20Spalax%20Targeted%20malware%20attacks%20in%20Colombia.pdf
2021-01-12,ec83db1b099ad2e211b9633f66ebed82f8bb93e5,yoroi.company-Opening STEELCORGI A Sophisticated APT Swiss Army Knife,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.12.STEELCORGI/yoroi.company-Opening%20STEELCORGI%20A%20Sophisticated%20APT%20Swiss%20Army%20Knife.pdf
2021-01-14,df2b0c38d578d431b4b112be019a28af408c96dd,ptsecurity.com-Higaisa or Winnti APT41 backdoors old and new,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.14.Higaisa_or_Winnti_APT41/ptsecurity.com-Higaisa%20or%20Winnti%20APT41%20backdoors%20old%20and%20new.pdf
2021-01-20,0aca0b66d032d240ffcc074bc43e57cefb835967,Commonly Known Tools Used by Lazarus - JPCERT_CC Eyes _ JPCERT Coordination Center official Blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.20.Commonly_Known_Tools_Lazarus/Commonly%20Known%20Tools%20Used%20by%20Lazarus%20-%20JPCERT_CC%20Eyes%20_%20JPCERT%20Coordination%20Center%20official%20Blog.pdf
2021-01-20,9dfed529039907f4bb300d0281839de2de0a0058,A Deep Dive Into Patchwork APT Group _ Cyble,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.20.Deep_Dive_Patchwork/A%20Deep%20Dive%20Into%20Patchwork%20APT%20Group%20_%20Cyble.pdf
2021-01-25,701322599004ff14f9ec088b3b910f9e28c0eef7,A detailed analysis of ELMER Backdoor used by APT16 – CYBER GEEKS,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.25.APT16_Elmer_backdoor/A%20detailed%20analysis%20of%20ELMER%20Backdoor%20used%20by%20APT16%20%E2%80%93%20CYBER%20GEEKS.pdf
2021-02-01,1776a3f9f29651f6de2f458c0a14afb79c3bfb81,VinCSS Blog_ [RE020] ElephantRAT (Kunming version)_ our latest discovered RAT of Panda and the similarities with recently Smanager RAT,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.01.ElephantRAT/VinCSS%20Blog_%20%5BRE020%5D%20ElephantRAT%20%28Kunming%20version%29_%20our%20latest%20discovered%20RAT%20of%20Panda%20and%20the%20similarities%20with%20recently%20Smanager%20RAT.pdf
2021-02-01,2306d03d7e80ab6e90c753e55ed363904371a6ff,blog.vincss.net-RE020 ElephantRAT Kunming version our latest discovered RAT of Panda and the similarities with recent,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2021.02.01.ElephantRAT/blog.vincss.net-RE020%20ElephantRAT%20Kunming%20version%20our%20latest%20discovered%20RAT%20of%20Panda%20and%20the%20similarities%20with%20recent.pdf
2021-02-03,b075b3490db2935c09d7b942e2c1ae079cf0a29f,Hildegard_ New TeamTNT Malware Targeting Kubernetes,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.03.Hildegard/Hildegard_%20New%20TeamTNT%20Malware%20Targeting%20Kubernetes.pdf
2021-02-08,bcc2ff0e9e6bfbc5b2d54610dede3be8a49f1331,research.checkpoint.com-Domestic Kitten An Inside Look at the Iranian Surveillance Operations,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.08.Domestic_Kitten/research.checkpoint.com-Domestic%20Kitten%20%20An%20Inside%20Look%20at%20the%20Iranian%20Surveillance%20Operations.pdf
2021-02-09,cd98ff1cf9217495ce3ccc27c189298278841548,unit42.paloaltonetworks.com-BendyBear Novel Chinese Shellcode Linked With Cyber Espionage Group BlackTech,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.09.BendyBear/unit42.paloaltonetworks.com-BendyBear%20Novel%20Chinese%20Shellcode%20Linked%20With%20Cyber%20Espionage%20Group%20BlackTech.pdf
2021-02-10,f44953a930898e647b8220eec076c1274ca34851,Novel Confucius APT Android Spyware Linked to India-Pakistan Conflict,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.10.Confucius_India-Pakistan/Novel%20Confucius%20APT%20Android%20Spyware%20Linked%20to%20India-Pakistan%20Conflict.pdf
2021-02-17,4b91d90ea50514d038257a729599bddfa7a16bbb,Confucius APT Android Spyware Targets Pakistani and Other South Asian Regions — Cyble,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.17.Confucius_Pakistani_South_Asian/Confucius%20APT%20Android%20Spyware%20Targets%20Pakistani%20and%20Other%20South%20Asian%20Regions%20%E2%80%94%20Cyble.pdf
2021-02-17,7f777067bb7c374bc58a37819c510788819ab46c,cybleinc.com-Confucius APT Android Spyware Targets Pakistani and Other South Asian Regions,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2021.02.17.Confucius_Pakistani_South_Asian/cybleinc.com-Confucius%20APT%20Android%20Spyware%20Targets%20Pakistani%20and%20Other%20South%20Asian%20Regions.pdf
2021-02-22,98742dcad26eb4051bba977be4fe8bd6c6b140b1,research.checkpoint.com-The Story of Jian How APT31 Stole and Used an Unknown Equation Group 0-Day,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.22.APT31_Equation_Group/research.checkpoint.com-The%20Story%20of%20Jian%20%20How%20APT31%20Stole%20and%20Used%20an%20Unknown%20Equation%20Group%200-Day.pdf
2021-02-24,aad302df572c61e3f31f09ceac912cc6b4cf2e9f,amnesty.org-Click and Bait Vietnamese Human Rights Defenders Targeted with Spyware Attacks,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.24.Click_and_Bait/amnesty.org-Click%20and%20Bait%20Vietnamese%20Human%20Rights%20Defenders%20Targeted%20with%20Spyware%20Attacks.pdf
2021-02-25,6a688916cf8672f92df48613cd092add20cb383d,proofpoint.com-TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organiz,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.25.TA413_FriarFox/proofpoint.com-TA413%20Leverages%20New%20FriarFox%20Browser%20Extension%20to%20Target%20the%20Gmail%20Accounts%20of%20Global%20Tibetan%20Organiz.pdf
2021-03-02,71b7670f7c8e59dbaea64acb39a796862c6b05c1,Operation Exchange Marauder_ Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities _ Volexity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.03.02.Operation_Exchange_Marauder/Operation%20Exchange%20Marauder_%20Active%20Exploitation%20of%20Multiple%20Zero-Day%20Microsoft%20Exchange%20Vulnerabilities%20_%20Volexity.pdf
2021-03-02,ecc7718e285eba15ee5c9d610dc10fed75227bf3,HAFNIUM targeting Exchange Servers with 0-day exploits - Microsoft Security,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.03.02.HAFNIUM_APT/HAFNIUM%20targeting%20Exchange%20Servers%20with%200-day%20exploits%20-%20Microsoft%20Security.pdf
2021-03-10,b2470335bf38bddcffac494b053edf80751d74d9,Linux Backdoor RedXOR Likely Operated by Chinese Nation-State,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.03.10.RedXOR/Linux%20Backdoor%20RedXOR%20Likely%20Operated%20by%20Chinese%20Nation-State.pdf
2021-03-30,6da3d044daff6bb24ef18b3e013b1f17c3548dbf,BadBlood_ TA453 Targets US and Israeli Medical Research Personnel in Credential Phishing Campaigns _ Proofpoint US,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.03.30.BadBlood_TA453/BadBlood_%20TA453%20Targets%20US%20and%20Israeli%20Medical%20Research%20Personnel%20in%20Credential%20Phishing%20Campaigns%20_%20Proofpoint%20US.pdf
2021-04-06,6de388bbce11428b2491f5c5de501303b50770ce,Threat Group Uses Voice Changing Software in Espionage Attempt - Cado Security _ Cloud Native Digital Forensics,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.06.APT-C-23_Voice_Changing/Threat%20Group%20Uses%20Voice%20Changing%20Software%20in%20Espionage%20Attempt%20-%20Cado%20Security%20_%20Cloud%20Native%20Digital%20Forensics.pdf
2021-04-07,865a943119a51537413db6f558af76559237a1ee,Cisco Talos Intelligence Group - Comprehensive Threat Intelligence_ Sowing Discord_ Reaping the benefits of collaboration app abuse,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.07.Sowing_Discord/Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence_%20Sowing%20Discord_%20Reaping%20the%20benefits%20of%20collaboration%20app%20abuse.pdf
2021-04-08,358418d6665af6173055b08fad48e56540c50190,Iran’s APT34 Returns with an Updated Arsenal - Check Point Research,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.08.APT34_Returns/Iran%E2%80%99s%20APT34%20Returns%20with%20an%20Updated%20Arsenal%20-%20Check%20Point%20Research.pdf
2021-04-08,fa51e4fc31413cc11e93b0245b93dc0dd36b07ce,"(Are you) afreight of the dark_ Watch out for Vyveva, new Lazarus backdoor _ WeLiveSecurity",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.08.Vyveva_Lazarus/%28Are%20you%29%20afreight%20of%20the%20dark_%20Watch%20out%20for%20Vyveva%2C%20new%20Lazarus%20backdoor%20_%20WeLiveSecurity.pdf
2021-04-09,01d5f589f56547de69752f135d32c6723a4b3055,Iron Tiger APT Updates Toolkit With Evolved SysUpdate Malware,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.09.Iron_Tiger_SysUpdate/Iron%20Tiger%20APT%20Updates%20Toolkit%20With%20Evolved%20SysUpdate%20Malware.pdf
2021-04-13,5cac1187b758faac5a0874c199b4ff928590b8ed,"eSentire _ Hackers Flood the Web with 100,000 Malicious Pages,…",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.13.Hackers_Flood/eSentire%20_%20Hackers%20Flood%20the%20Web%20with%20100%2C000%20Malicious%20Pages%2C%E2%80%A6.pdf
2021-04-13,61cbc94ba10fa02aa103a45c681a5cf52c74b402,Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.13.CVE-2021-28310_APT/Zero-day%20vulnerability%20in%20Desktop%20Window%20Manager%20%28CVE-2021-28310%29%20used%20in%20the%20wild%20_%20Securelist.pdf
2021-04-23,c6737d903675ae6e4ae9531ee6dab7b1a0cd3126,APT35 ‘Charming Kitten' discovered in a pre-infected environment _ Blog _ Darktrace,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.23.Charming_Kitten/APT35%20%E2%80%98Charming%20Kitten%27%20discovered%20in%20a%20pre-infected%20environment%20_%20Blog%20_%20Darktrace.pdf
2021-04-27,e89c63fb8f2b2e868b4e3159ae6a70671399e48e,Lazarus Group Recruitment_ Threat Hunters vs Head Hunters,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.27.Lazarus_Group_Recruitment/Lazarus%20Group%20Recruitment_%20Threat%20Hunters%20vs%20Head%20Hunters.pdf
2021-04-28,4847ac85009d57c2f3b32022f5da496afbe97663,Water Pamola Attacked Online Shops Via Malicious Orders,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.28.Water_Pamola/Water%20Pamola%20Attacked%20Online%20Shops%20Via%20Malicious%20Orders.pdf
2021-05-01,cbf2c8b08c7445c3b7dfbbb4d2d07b5ce1b6d709,MuddyWater Binder Project Part 1,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.01.MuddyWater_Binder_1/MuddyWater%20Binder%20Project%20Part%201.pdf
2021-05-07,54e368656f8c1ec2ea9279668731bc1563ac0c93,Advisory Further TTPs associated with SVR cyber actors,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.07.SVR_TTPs/Advisory%20Further%20TTPs%20associated%20with%20SVR%20cyber%20actors.pdf
2021-05-07,c09e4404fe00745c657cdbdaf5b1b65d3cf11403,MuddyWater Binder Project Part 2,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.07.MuddyWater_Binder_2/MuddyWater%20Binder%20Project%20Part%202.pdf
2021-05-13,ec6a5ea95cca0fdb10be0bfbd44c95b2e2ad12a4,blog.talosintelligence.com-Transparent Tribe APT expands its Windows malware arsenal,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.13.Transparent_Tribe_APT/blog.talosintelligence.com-Transparent%20Tribe%20APT%20expands%20its%20Windows%20malware%20arsenal.pdf
2021-05-27,714b97855b6bca61266ae5a43f01443c5ab49570,New sophisticated email-based attack from NOBELIUM - Microsoft Security,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.27.NOBELIUM_New/New%20sophisticated%20email-based%20attack%20from%20NOBELIUM%20-%20Microsoft%20Security.pdf
2021-05-28,158c584a037e8a315ce4089356c213174c46baf4,Breaking down NOBELIUM’s latest early-stage toolset - Microsoft Security,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.28.NOBELIUM_toolset/Breaking%20down%20NOBELIUM%E2%80%99s%20latest%20early-stage%20toolset%20-%20Microsoft%20Security.pdf
2021-06-03,06d0aec6c9a8aa4ef0a72f17d82006471f34d427,SharpPanda_ Chinese APT Group Targets Southeast Asian Government With Previously Unknown Backdoor - Check Point Research,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.06.03.SharpPanda_APT/SharpPanda_%20Chinese%20APT%20Group%20Targets%20Southeast%20Asian%20Government%20With%20Previously%20Unknown%20Backdoor%20-%20Check%20Point%20Research.pdf
2021-06-08,ac0591591ca8eabd198c118d307d5626e635c0dc,PuzzleMaker attacks with Chrome zero-day exploit chain _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.06.08.PuzzleMaker_APT/PuzzleMaker%20attacks%20with%20Chrome%20zero-day%20exploit%20chain%20_%20Securelist.pdf
2021-06-16,3ef10b0ab15e09aa93d78ade0cdc1d316b4849c2,Ferocious Kitten_ 6 years of covert surveillance in Iran _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.06.16.Ferocious_Kitten/Ferocious%20Kitten_%206%20years%20of%20covert%20surveillance%20in%20Iran%20_%20Securelist.pdf
2021-07-01,1e0588628d0a59185f79dcd422a3c0b9e0ec4a19,IndigoZebra APT continues to attack Central Asia with evolving tools - Check Point Research,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.01.IndigoZebra_APT/IndigoZebra%20APT%20continues%20to%20attack%20Central%20Asia%20with%20evolving%20tools%20-%20Check%20Point%20Research.pdf
2021-07-05,592860ae544200835fbe47e24e2f8120260064f6,Tracking Cobalt Strike_ A Trend Micro Vision One Investigation,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.05.cobalt_strike_tracking/Tracking%20Cobalt%20Strike_%20A%20Trend%20Micro%20Vision%20One%20Investigation.pdf
2021-07-06,47b5872e770ab60fbb0567c160ebd2fd71de9d5a,Lazarus campaign TTPs and evolution _ AT&T Alien Labs,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.06.Lazarus_TTPs_evolution/Lazarus%20campaign%20TTPs%20and%20evolution%20_%20AT%26T%20Alien%20Labs.pdf
2021-07-09,134f2e202dfedcb1bc0cf378237b52aebfdf6bce,BIOPASS RAT New Malware Sniffs Victims via Live Streaming,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.09.BIOPASS_RAT/BIOPASS%20RAT%20New%20Malware%20Sniffs%20Victims%20via%20Live%20Streaming.pdf
2021-07-12,c8c216936ab67e42fe240e50ae1e0edb42c445c9,#NoFilter_ Exposing the Tactics of Instagram Account Hackers,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.12.NoFilter/%23NoFilter_%20Exposing%20the%20Tactics%20of%20Instagram%20Account%20Hackers.pdf
2021-07-14,4929da9c7a9f48feec74f9e95942cc4bcae558e1,How we protect users from 0-day attacks,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.14.Candiru_0Day/How%20we%20protect%20users%20from%200-day%20attacks.pdf
2021-07-26,1d8afcb0a27dd36ac103ce50236577d9b066b01c,FM 3-12 Cyberspace Operations and Electromagnetic Warfare 20,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/FM%203-12%20Cyberspace%20Operations%20and%20Electromagnetic%20Warfare%2020.pdf
2021-07-27,742607b5902b16a84a818c26fa5c7919d7642639,THOR_ Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.27.THOR_PKPLUG_Group/THOR_%20Previously%20Unseen%20PlugX%20Variant%20Deployed%20During%20Microsoft%20Exchange%20Server%20Attacks%20by%20PKPLUG%20Group.pdf
2021-07-28,6fa5641b366ea3cb82097902227cd9a6c2682607,I Knew You Were Trouble_ TA456 Targets Defense Contractor with Alluring Social Media Persona _ Proofpoint US,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.28.TA456/I%20Knew%20You%20Were%20Trouble_%20TA456%20Targets%20Defense%20Contractor%20with%20Alluring%20Social%20Media%20Persona%20_%20Proofpoint%20US.pdf
2021-08-03,11ceeb439a68322cf4e558528e7c1c1c07650b26,DeadRinger_ Exposing Chinese Threat Actors Targeting Major Telcos,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.03.DeadRinger/DeadRinger_%20Exposing%20Chinese%20Threat%20Actors%20Targeting%20Major%20Telcos.pdf
2021-08-03,836d38706da0649008cfec7363adb8afdd865e65,"APT31 new dropper. Target destinations_ Mongolia, Russia, the U.S., and elsewhere",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.03.APT31_new_dropper/APT31%20new%20dropper.%20Target%20destinations_%20Mongolia%2C%20Russia%2C%20the%20U.S.%2C%20and%20elsewhere.pdf
2021-08-03,baeb67b65db49abaa6006edff1ab3c2027f6646a,A step-by-step analysis of the new malware used by APT28_Sofacy called SkinnyBoy – CYBER GEEKS,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.03.SKINNYBOY/A%20step-by-step%20analysis%20of%20the%20new%20malware%20used%20by%20APT28_Sofacy%20called%20SkinnyBoy%20%E2%80%93%20CYBER%20GEEKS.pdf
2021-08-03,f75539e7eea8d63a92a7c27b1bc5ba7f36cb73c7,The Art of Cyberwarfare,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.03.Chinese_APTs_attackRussia/The%20Art%20of%20Cyberwarfare.pdf
2021-08-09,a1c41f7fdb6f7c8fb6b716eadb1ed38acc825e56,Cinobi Banking Trojan Targets Users of Cryptocurrency Exchanges with New Malvertising Campaign,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.09.Cinobi_Banking_Trojan/Cinobi%20Banking%20Trojan%20Targets%20Users%20of%20Cryptocurrency%20Exchanges%20with%20New%20Malvertising%20Campaign.pdf
2021-08-10,543a366fa1fa63ff8f723bacbdd87cc8fb645c15,UNC215_ Spotlight on a Chinese Espionage Campaign in Israel _ FireEye Inc,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.10.UNC215_Chinese_Israel/UNC215_%20Spotlight%20on%20a%20Chinese%20Espionage%20Campaign%20in%20Israel%20_%20FireEye%20Inc.pdf
2021-08-12,cd1679b297d1649491047771ba3a048192e577c7,Uncovering Tetris – a Full Surveillance Kit Running in your Browser – imp0rtp3,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.12.Full-Surveillance-Kit-China/Uncovering%20Tetris%20%E2%80%93%20a%20Full%20Surveillance%20Kit%20Running%20in%20your%20Browser%20%E2%80%93%20imp0rtp3.pdf
2021-08-14,757ef48a54cef102a118185232edaf29063efa2d,Indra — Hackers Behind Recent Attacks on Iran - Check Point Research,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.14.Indra_Iran/Indra%20%E2%80%94%20Hackers%20Behind%20Recent%20Attacks%20on%20Iran%20-%20Check%20Point%20Research.pdf
2021-08-17,0ac0607c1ca7b3c37963078ca00d7b42678b7bdb,volexity.com-North Korean APT InkySquid Infects Victims Using Browser Exploits,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.17.NK_APT_InkySquid/volexity.com-North%20Korean%20APT%20InkySquid%20Infects%20Victims%20Using%20Browser%20Exploits.pdf
2021-08-17,8aa09365daf1885aba46f3f46d07582ae06754d9,Confucius Uses Pegasus Spyware-related Lures to Target Pakistani Military,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.17.Confucius_Pegasus/Confucius%20Uses%20Pegasus%20Spyware-related%20Lures%20to%20Target%20Pakistani%20Military.pdf
2021-08-24,82faf0f8be075ee1f3efaba5089fd9962328811f,volexity.com-North Korean BLUELIGHT Special InkySquid Deploys RokRAT,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.24.NK_APT_InkySquid_RokRAT/volexity.com-North%20Korean%20BLUELIGHT%20Special%20InkySquid%20Deploys%20RokRAT.pdf
2021-09-02,1eb5501d5d7378576a757794de2b1731cedfca98,North Korean Cyberattacks A Dangerous and Evolving Threat 2,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/North%20Korean%20Cyberattacks%20%20A%20Dangerous%20and%20Evolving%20Threat%202.pdf
2021-09-08,7d10596b5dd3375e6100b3370438a9fb9dc8e7a8,"Pro-PRC Influence Campaign Expands to Dozens of Social Media Platforms, Websites, and Forums in at Least Seven Languages, Attempted to Physically Mobilize Protesters in the U.S. _ FireEye Inc",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.09.08.Pro-PRC_Campaign/Pro-PRC%20Influence%20Campaign%20Expands%20to%20Dozens%20of%20Social%20Media%20Platforms%2C%20Websites%2C%20and%20Forums%20in%20at%20Least%20Seven%20Languages%2C%20Attempted%20to%20Physically%20Mobilize%20Protesters%20in%20the%20U.S.%20_%20FireEye%20Inc.pdf
2021-09-13,2e715005ca1bc480ffaf2a75a4bfc1651c3fb015,APT-C-36 Updates Its Long-term Spam Campaign Against South American Entities With Commodity RATs,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.09.13.APT-C-36_South_American/APT-C-36%20Updates%20Its%20Long-term%20Spam%20Campaign%20Against%20South%20American%20Entities%20With%20Commodity%20RATs.pdf
2021-09-14,f6800cab68f7c1b95614a48cacd45ec079c32bd9,Operation ‘Harvest’_ A Deep Dive into a Long-term Campaign _ McAfee Blogs,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.09.14.Operation_Harvest/Operation%20%E2%80%98Harvest%E2%80%99_%20A%20Deep%20Dive%20into%20a%20Long-term%20Campaign%20_%20McAfee%20Blogs.pdf
2021-10-04,b29056a7d71a0119d0296a203efe53692c584726,Malware Gh0stTimes Used by BlackTech - JPCERT_CC Eyes _ JPCERT Coordination Center official Blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.04.Gh0stTimes_BlackTech/Malware%20Gh0stTimes%20Used%20by%20BlackTech%20-%20JPCERT_CC%20Eyes%20_%20JPCERT%20Coordination%20Center%20official%20Blog.pdf
2021-10-05,c838b993057ccdeb6cbfa25d879f891e995d1a2e,UEFI threats moving to the ESP_ Introducing ESPecter bootkit _ WeLiveSecurity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.05.ESPecter_bootkit/UEFI%20threats%20moving%20to%20the%20ESP_%20Introducing%20ESPecter%20bootkit%20_%20WeLiveSecurity.pdf
2021-10-06,bab9bb00d8257cc19a6053d24e649884cebcec3a,Operation GhostShell_ Novel RAT Targets Global Aerospace and Telecoms Firms,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.06.Operation_GhostShell/Operation%20GhostShell_%20Novel%20RAT%20Targets%20Global%20Aerospace%20and%20Telecoms%20Firms.pdf
2021-10-12,01a8aab8c3dae6852f09ec151cf7afb6d1cfcc77,MysterySnail attacks with Windows zero-day _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.12.MysterySnail/MysterySnail%20attacks%20with%20Windows%20zero-day%20_%20Securelist.pdf
2021-10-14,3e9e42157b00624ac9d5537837bc12139694be04,Analyzing Email Services Abused for Business Email Compromise,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.14.BEC_groups/Analyzing%20Email%20Services%20Abused%20for%20Business%20Email%20Compromise.pdf
2021-10-18,a23d0adf9427966cbd9a55d0d7a34b1046d1cd1e,Harvester_ Nation-state-backed group uses new toolset to target victims in South Asia _ Symantec Blogs,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.18.Harvester_South_Asia/Harvester_%20Nation-state-backed%20group%20uses%20new%20toolset%20to%20target%20victims%20in%20South%20Asia%20_%20Symantec%20Blogs.pdf
2021-10-19,2e682dca2ba1ed2bf2ac50d0d07f22c9b6bb0359,"Whatta TA_ TA505 Ramps Up Activity, Delivers New FlawedGrace Variant _ Proofpoint US",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.19.TA505_New_FlawedGrace/Whatta%20TA_%20TA505%20Ramps%20Up%20Activity%2C%20Delivers%20New%20FlawedGrace%20Variant%20_%20Proofpoint%20US.pdf
2021-10-19,dfa5c713e19a1e537fb24955675433f4c22b3b05,PurpleFox Adds New Backdoor That Uses WebSockets,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.19.PurpleFox/PurpleFox%20Adds%20New%20Backdoor%20That%20Uses%20WebSockets.pdf
2021-10-26,4ef2ac990d902dd57573c84d2a9e32073419be36,Malware WinDealer used by LuoYu Attack Group - JPCERT_CC Eyes _ JPCERT Coordination Center official Blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.26.WinDealer_LuoYu_Group/Malware%20WinDealer%20used%20by%20LuoYu%20Attack%20Group%20-%20JPCERT_CC%20Eyes%20_%20JPCERT%20Coordination%20Center%20official%20Blog.pdf
2021-11-11,ac3bc9d76279d5e7f01938bc9f93086aa946ddf0,Analyzing a watering hole campaign using macOS exploits,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.11.11.watering_hole_macOS_exploits/Analyzing%20a%20watering%20hole%20campaign%20using%20macOS%20exploits.pdf
2021-11-15,423f5a4c910cbb9c0c31136fa8ffbbf9dcafd0e2,FINDING BEACONS IN THE DARK 1650728751599,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/FINDING%20BEACONS%20IN%20THE%20DARK%201650728751599.pdf
2021-11-16,1f6daa02e5a9289aae807988f9f4dc3248fac1fb,Strategic web compromises in the Middle East with a pinch of Candiru _ WeLiveSecurity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.11.16.Pinch_of_Candiru/Strategic%20web%20compromises%20in%20the%20Middle%20East%20with%20a%20pinch%20of%20Candiru%20_%20WeLiveSecurity.pdf
2021-11-16,b2e4b4c6640dcfb1be4198cff0caee607843c149,"UNC1151 Assessed with High Confidence to have Links to Belarus, Ghostwriter Campaign Aligned with Belarusian Government Interests _ Mandiant",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.11.16.UNC1151/UNC1151%20Assessed%20with%20High%20Confidence%20to%20have%20Links%20to%20Belarus%2C%20Ghostwriter%20Campaign%20Aligned%20with%20Belarusian%20Government%20Interests%20_%20Mandiant.pdf
2021-12-07,8d9d36d5a0f7e1b3367f0058888e59aae58ff855,FIN13_ A Cybercriminal Threat Actor Focused on Mexico _ Mandiant,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.12.07.FIN13/FIN13_%20A%20Cybercriminal%20Threat%20Actor%20Focused%20on%20Mexico%20_%20Mandiant.pdf
2022-01-20,5430c0dc9b0469443f1725e7e8a42febadb0b31b,MoonBounce_ the dark side of UEFI firmware _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.01.20.MoonBounce/MoonBounce_%20the%20dark%20side%20of%20UEFI%20firmware%20_%20Securelist.pdf
2022-01-25,08fff1030cceb4ca9a10bf788cf477017a5bae9c,Prime Minister’s Office Compromised_ Details of Recent Espionage Campaign,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.01.25.Prime_Minister_Compromised/Prime%20Minister%E2%80%99s%20Office%20Compromised_%20Details%20of%20Recent%20Espionage%20Campaign.pdf
2022-01-27,2bdc78b3bc56515322135f0dc78c058db89ef411,"North Korea's Lazarus APT leverages Windows Update client, GitHub in latest campaign _ Malwarebytes Labs",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.01.27.Lazarus_APT/North%20Korea%27s%20Lazarus%20APT%20leverages%20Windows%20Update%20client%2C%20GitHub%20in%20latest%20campaign%20_%20Malwarebytes%20Labs.pdf
2022-01-31,e58ce98ef061a0c2dd538e2fe1cc6dc9df402285,"Cisco Talos Intelligence Group - Comprehensive Threat Intelligence_ Iranian APT MuddyWater targets Turkish users via malicious PDFs, executables",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.01.31.MuddyWater_Turkish/Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence_%20Iranian%20APT%20MuddyWater%20targets%20Turkish%20users%20via%20malicious%20PDFs%2C%20executables.pdf
2022-02-01,34ba9f0c1b7b234a95ae5d96fc574e97551a9b85,PowerLess Trojan_ Iranian APT Phosphorus Adds New PowerShell Backdoor for Espionage,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.02.01.Phosphorus_APT/PowerLess%20Trojan_%20Iranian%20APT%20Phosphorus%20Adds%20New%20PowerShell%20Backdoor%20for%20Espionage.pdf
2022-02-03,5c32c243e75a98bcbff60ec9678f6c4eb28881ce,Antlion_ Chinese APT Uses Custom Backdoor to Target Financial Institutions in Taiwan _ Symantec Blogs,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.02.03.Antlion_APT/Antlion_%20Chinese%20APT%20Uses%20Custom%20Backdoor%20to%20Target%20Financial%20Institutions%20in%20Taiwan%20_%20Symantec%20Blogs.pdf
2022-02-23,5c61980e67a35be135305a23a49801e89fa14780,(Ex)Change of Pace_ UNC2596 Observed Leveraging Vulnerabilities to Deploy Cuba Ransomware _ Mandiant,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.02.23.UNC2596/%28Ex%29Change%20of%20Pace_%20UNC2596%20Observed%20Leveraging%20Vulnerabilities%20to%20Deploy%20Cuba%20Ransomware%20_%20Mandiant.pdf
2022-03-01,248c00716584d84cbf66e6d19a4b27f28ee27c79,Asylum Ambuscade_ State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement _ Proofpoint US,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.03.01.Asylum_Ambuscade/Asylum%20Ambuscade_%20State%20Actor%20Uses%20Compromised%20Private%20Ukrainian%20Military%20Emails%20to%20Target%20European%20Governments%20and%20Refugee%20Movement%20_%20Proofpoint%20US.pdf
2022-03-07,cba4918a039ac19c5340c399f8828ee819275303,"The Good, the Bad, and the Web Bug_ TA416 Increases Operational Tempo Against European Governments as Conflict in Ukraine Escalates _ Proofpoint US",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.03.07.TA416/The%20Good%2C%20the%20Bad%2C%20and%20the%20Web%20Bug_%20TA416%20Increases%20Operational%20Tempo%20Against%20European%20Governments%20as%20Conflict%20in%20Ukraine%20Escalates%20_%20Proofpoint%20US.pdf
2022-03-17,09c4f8ef3fced7f59e58ed7b506dcd2fb2a94fdc,Cyclops Blink Sets Sights on Asus Routers,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.03.17.Cyclops_Blink_Voodoo_Bear/Cyclops%20Blink%20Sets%20Sights%20on%20Asus%20Routers.pdf
2022-03-17,e908e25d6553b35b8e87f04fe92f53d2dd6df732,Appendix_Cyclops Blink Sets Sights on ASUS Routers,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.03.17.Cyclops_Blink_Voodoo_Bear/Appendix_Cyclops%20Blink%20Sets%20Sights%20on%20ASUS%20Routers.pdf
2022-03-23,551dbf96ed7bedc5778b2bd0f0e873c14a7e842b,"Mustang Panda’s Hodur_ Old tricks, new Korplug variant _ WeLiveSecurity",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.03.23.Mustang_Panda/Mustang%20Panda%E2%80%99s%20Hodur_%20Old%20tricks%2C%20new%20Korplug%20variant%20_%20WeLiveSecurity.pdf
2022-03-30,ea6ce067a3a25f585984e9931b76131e254fc714,New Milestones for Deep Panda_ Log4Shell and Digitally Signed Fire Chili Rootkits,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.03.30.Deep_Panda_New_Milestones/New%20Milestones%20for%20Deep%20Panda_%20Log4Shell%20and%20Digitally%20Signed%20Fire%20Chili%20Rootkits.pdf
2022-05-02,67f46c74653725c4e385c800f438eb8fd8805d05,UNC3524_ Eye Spy on Your Email _ Mandiant,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.05.02.UNC3524/UNC3524_%20Eye%20Spy%20on%20Your%20Email%20_%20Mandiant.pdf
2022-05-05,9f57b345740588ac3769383ddc70ab3fe8abea8c,Cisco Talos Intelligence Group - Comprehensive Threat Intelligence_ Mustang Panda deploys a new wave of malware targeting Europe,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.05.05.Mustang_Panda_Europe/Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence_%20Mustang%20Panda%20deploys%20a%20new%20wave%20of%20malware%20targeting%20Europe.pdf
2022-05-11,5f8c3de2c2e101c15d9c8fd9c86ca4cfcaeba07b,Cisco Talos Intelligence Group - Comprehensive Threat Intelligence_ Bitter APT adds Bangladesh to their targets,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.05.11.Bitter_APT_Bangladesh/Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence_%20Bitter%20APT%20adds%20Bangladesh%20to%20their%20targets.pdf
2022-05-12,f36b4d4ba9a966e066d94ad15a9cc11e1c22ef1a,Threat Thursday_ Malware Rebooted - How Industroyer2 Takes Aim at Ukraine Infrastructure,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.05.12.Industroyer2_Ukraine/Threat%20Thursday_%20Malware%20Rebooted%20-%20How%20Industroyer2%20Takes%20Aim%20at%20Ukraine%20Infrastructure.pdf
2022-05-19,a1b1ab94940c4ef9fc2694b8f65bed6de440e4f7,Twisted Panda_ Chinese APT espionage operation against Russian’s state-owned defense institutes - Check Point Research,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.05.19.Twisted_Panda/Twisted%20Panda_%20Chinese%20APT%20espionage%20operation%20against%20Russian%E2%80%99s%20state-owned%20defense%20institutes%20-%20Check%20Point%20Research.pdf
2022-06-02,d05cfc990ee1f6ffe97aa7b07ea130da7a161476,WinDealer dealing on the side _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.06.02.WinDealer/WinDealer%20dealing%20on%20the%20side%20_%20Securelist.pdf
2022-06-21,d2665a6a8b82c1d4842965e79b469abe56101a2b,ToddyCat_ Unveiling an unknown APT actor attacking high-profile entities in Europe and Asia _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.06.21.ToddyCat_APT/ToddyCat_%20Unveiling%20an%20unknown%20APT%20actor%20attacking%20high-profile%20entities%20in%20Europe%20and%20Asia%20_%20Securelist.pdf
2022-06-27,d947eca0780ae2be64623d792989115f95b9929b,Attacks on industrial control systems using ShadowPad _ Kaspersky ICS CERT,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.06.27.ShadowPad_ICS/Attacks%20on%20industrial%20control%20systems%20using%20ShadowPad%20_%20Kaspersky%20ICS%20CERT.pdf
2022-06-27,fb8c120e618cddb8c89a2a5469d7b9983a45b703,Overview of Russian GRU and SVR Cyberespionage Campaigns 1H 2022,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Overview%20of%20Russian%20GRU%20and%20SVR%20Cyberespionage%20Campaigns%201H%202022.pdf
2022-07-25,e2ace107f8d2140b86150d76edd08cd1e14cfe56,CosmicStrand_ the discovery of a sophisticated UEFI firmware rootkit _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.07.25.CosmicStrand/CosmicStrand_%20the%20discovery%20of%20a%20sophisticated%20UEFI%20firmware%20rootkit%20_%20Securelist.pdf
2022-07-26,90c27a9a4c8b09ba026c6a112738dd7eb5fe3477,"Old cat, new tricks, bad habits",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.07.26.Charming_Kitten_APT/Old%20cat%2C%20new%20tricks%2C%20bad%20habits.pdf
2022-08-12,d44d93c12fce2403517bf53705dfd78dbb61ae51,LuckyMouse uses a backdoored Electron app to target MacOS - SEKOIA.IO Blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.08.12.LuckyMouse/LuckyMouse%20uses%20a%20backdoored%20Electron%20app%20to%20target%20MacOS%20-%20SEKOIA.IO%20Blog.pdf
2022-08-12,e93fbf3bc680023e383c1179424f054b94a7e86f,"Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users",https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.08.12.Iron_Tiger_Mimi/Iron%20Tiger%20Compromises%20Chat%20Application%20Mimi%2C%20Targets%20Windows%2C%20Mac%2C%20and%20Linux%20Users.pdf
2022-09-08,0903ff6d3b598d56dc8806ebcbd48aa27a1f5df4,BRONZE PRESIDENT Targets Government Officials _ Secureworks,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.09.08.BRONZE_PRESIDENT/BRONZE%20PRESIDENT%20Targets%20Government%20Officials%20_%20Secureworks.pdf
2022-10-06,314c39ce253f68d062df9f0d9d641527da672101,Mustang Panda Abuses Legitimate Apps to Target Myanmar Based Victims,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.10.06.Mustang_Panda_Myanmar/Mustang%20Panda%20Abuses%20Legitimate%20Apps%20to%20Target%20Myanmar%20Based%20Victims.pdf
2022-11-02,d6178c8c86d3dac48ddf678e2abf3d3235d91bad,RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.11.02.RomCom_Ukraine_UK/RomCom%20Threat%20Actor%20Abuses%20KeePass%20and%20SolarWinds%20to%20Target%20Ukraine%20and%20Potentially%20the%20United%20Kingdom.pdf
2022-12-02,7f9b8506b73078f6b437f402197deadcb15e46e3,Blowing Cobalt Strike Out of the Water With Memory Analysis,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.12.02.Cobalt_Strike_Out_of_the_Water/Blowing%20Cobalt%20Strike%20Out%20of%20the%20Water%20With%20Memory%20Analysis.pdf
2022-12-05,9c2e050959ee0d8e7e979b09b0d9674e2277cd15,Message from Recorded Future,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.12.05.TAG-53_Russia/Message%20from%20Recorded%20Future.pdf
2022-12-06,20abcd71b5293e4c97768dd337b4260a88efcc7c,Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.12.06.Mustang_Panda/Mustang%20Panda%20Uses%20the%20Russian-Ukrainian%20War%20to%20Attack%20Europe%20and%20Asia%20Pacific%20Targets.pdf
2022-12-07,4d042f2898173264f3791050861eb0b4313213fe,Internet Explorer 0-day exploited by North Korean actor APT37,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.12.07.APT37_0Day/Internet%20Explorer%200-day%20exploited%20by%20North%20Korean%20actor%20APT37.pdf
2023-01-09,3efdf94296306b558b39d4b2bfab93cb944a0013,INTRINSEC - Emotet returns and deploys loaders,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.01.09.Emotet_return/INTRINSEC%20-%20Emotet%20returns%20and%20deploys%20loaders.pdf
2023-01-11,4d3fa4294df4b901a26c2f9bdbcae7c3be9f244a,Dark Pink APT unleashes malware for deeper and more sinister intrusions in the Asia-Pacific and Europe _ Group-IB Blog,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.01.11.Dark_Pink_APT/Dark%20Pink%20APT%20unleashes%20malware%20for%20deeper%20and%20more%20sinister%20intrusions%20in%20the%20Asia-Pacific%20and%20Europe%20_%20Group-IB%20Blog.pdf
2023-01-26,adc02a61be87eeccc1ea3e3c6a5db73e3946f258,Welcome to Goot Camp_ Tracking the Evolution of GOOTLOADER Operations _ Mandiant,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.01.26.GOOTLOADER_Operations/Welcome%20to%20Goot%20Camp_%20Tracking%20the%20Evolution%20of%20GOOTLOADER%20Operations%20_%20Mandiant.pdf
2023-09-19,c501ec19fa16b701ca5d314e13e09e5caec4d55f,New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.09.19.ShroudedSnooper_Middle_East/New%20ShroudedSnooper%20actor%20targets%20telecommunications%20firms%20in%20the%20Middle%20East%20with%20novel%20Implants.pdf
2023-10-31,279686f1f47cd4e182910601931d8cb66b41ae84,From Albania to the Middle East_ The Scarred Manticore is Listening - Check Point Research,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.10.31.Scarred_Manticore/From%20Albania%20to%20the%20Middle%20East_%20The%20Scarred%20Manticore%20is%20Listening%20-%20Check%20Point%20Research.pdf
2023-11-09,f68c243dde7778085472543de3e7b5eac5141e6a,Modern Asia APT groups TTPs _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.11.09.Modern_Asian_APT_TTPs/Modern%20Asia%20APT%20groups%20TTPs%20_%20Securelist.pdf
2023-11-23,fa03024e3a1093b0ed371ab0694131ede49c5f32,Israel-Hamas War Spotlight_ Shaking the Rust Off SysJoker - Check Point Research,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.11.23.israel-hamas-sysjoker/Israel-Hamas%20War%20Spotlight_%20Shaking%20the%20Rust%20Off%20SysJoker%20-%20Check%20Point%20Research.pdf
2023-11-27,359be6f14e3151f7efa230ed79d29fc01bdda962,WildCard_ The APT Behind SysJoker Targets Critical Sectors in Israel,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.11.27.WildCard_SysJoker_Israel/WildCard_%20The%20APT%20Behind%20SysJoker%20Targets%20Critical%20Sectors%20in%20Israel.pdf
2023-11-30,746840e505e79254363b985feb4398670af1a6dd,New SugarGh0st RAT targets Uzbekistan government and South Korea,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.11.30.New_SugarGh0st_RAT/New%20SugarGh0st%20RAT%20targets%20Uzbekistan%20government%20and%20South%20Korea.pdf
2023-12-19,105d2dad10219b0e6106a0fb55c6a00e7faf401d,Seedworm_ Iranian Hackers Target Telecoms Orgs in North and East Africa _ Symantec Enterprise Blogs,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.12.19.Seedworm/Seedworm_%20Iranian%20Hackers%20Target%20Telecoms%20Orgs%20in%20North%20and%20East%20Africa%20_%20Symantec%20Enterprise%20Blogs.pdf
2023-12-21,95f848ff414c5e2288448815427b9f0019449ab9,Intellexa and Cytrox_ From fixer-upper to Intel Agency-grade spyware,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.12.21.Intellexa_Cytrox/Intellexa%20and%20Cytrox_%20From%20fixer-upper%20to%20Intel%20Agency-grade%20spyware.pdf
2023-12-27,f9ebf0bee52c3bcf2193f1ab477359918b00da03,Operation Triangulation_ The last (hardware) mystery _ Securelist,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.12.27.Operation_Triangulation/Operation%20Triangulation_%20The%20last%20%28hardware%29%20mystery%20_%20Securelist.pdf
2024-01-10,e71c1c4cd3ade02e4291bb9547aa9efbd4ce1a92,Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN _ Volexity,https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2024/2024.01.10.Active_Exploitation_UTA0178/Active%20Exploitation%20of%20Two%20Zero-Day%20Vulnerabilities%20in%20Ivanti%20Connect%20Secure%20VPN%20_%20Volexity.pdf