mirror of
https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
synced 2024-06-28 09:51:38 +00:00
2013 fix. part 2
parent
028cca7d28
commit
38a2838188
0
2013/Dark_Seoul_Cyberattack.pdf → 2013/2013.00.00.Dark_Seoul_Cyber_Attack/Dark_Seoul_Cyberattack.pdf
BIN
2013/2013.07.01.Gulf_States_APT/kashifali.ca-Targeted Campaign Steals Credentials in Gulf States and Caribbean.pdf
Normal file
Binary file not shown.
0
2013/Surtr_Malware_Tibetan.pdf → 2013/2013.08.02.Surtr_Targeting_Tibetan/Surtr_Malware_Tibetan.pdf
23
2013/2013.08.21.POISON_IVY/LICENSE
Normal file
@ -0,0 +1,23 @@
|
||||
Copyright (c) 2013, FireEye, Inc.
|
||||
All rights reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without modification,
|
||||
are permitted provided that the following conditions are met:
|
||||
|
||||
Redistributions of source code must retain the above copyright notice, this
|
||||
list of conditions and the following disclaimer.
|
||||
|
||||
Redistributions in binary form must reproduce the above copyright notice, this
|
||||
list of conditions and the following disclaimer in the documentation and/or
|
||||
other materials provided with the distribution.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
||||
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||||
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
||||
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
|
||||
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
||||
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
|
||||
ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
BIN
2013/2013.08.21.POISON_IVY/PIVY-Appendix.pdf
Normal file
Binary file not shown.
BIN
2013/2013.08.21.POISON_IVY/PIVY-Calamine-HOWTO.mp4
Normal file
Binary file not shown.
BIN
2013/2013.08.21.POISON_IVY/PIVY-Graph.mtgx
Normal file
Binary file not shown.
4
2013/2013.08.21.POISON_IVY/README.md
Normal file
@ -0,0 +1,4 @@
|
||||
pivy-report
|
||||
===========
|
||||
|
||||
Poison Ivy Appendix/Extras
|
BIN
2013/2013.08.21.POISON_IVY/rpt-poison-ivy.pdf
Normal file
Binary file not shown.
BIN
2013/2013.08.23.Operation_Molerats/fireeye.com-Operation Molerats Middle East Cyber Attacks Using Poison Ivy.pdf
Normal file
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
57
README.md
@ -1049,43 +1049,41 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
|
||||
* Jan 06 - [PlugX: some uncovered points](http://blog.cassidiancybersecurity.com/2014/01/plugx-some-uncovered-points.html)
|
||||
|
||||
## 2013
|
||||
* XXX XX - [[CERT-ISAC] Inside Report – APT Attacks on Indian Cyber Space]() | [:closed_book:](../../blob/master/2013/2013.00.00.APT_Attacks_on_Indian_Cyber_Space)
|
||||
* XXX XX - [[KPMG] Energy at Risk: A Study of IT Security in the Energy and Natural Resources Industry]() | [:closed_book:](../../blob/master/2013/2013.00.00.Energy_at_Risk)
|
||||
* XXX XX - [[FireEye] THE LITTLE MALWARE THAT COULD: Detecting and Defeating the China Chopper Web Shell](https://www.fireeye.com/content/dam/FireEye-www/global/en/current-threats/pdfs/rpt-china-chopper.pdf) | [:closed_book:](../../blob/master/2013/2013.00.00.China_Chopper_Web_Shell)
|
||||
* ??? ?? - [Deep Panda](http://www.crowdstrike.com/sites/default/files/AdversaryIntelligenceReport_DeepPanda_0.pdf) (OFFLINE) | [:closed_book:](../../blob/master//2013/2013.Deep.Panda)
|
||||
* ??? ?? - [[Fireeye] OPERATION SAFFRON ROSE](https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-operation-saffron-rose.pdf) | [:closed_book:](../../blob/master/2013/2013.OPERATION_SAFFRON_ROSE)
|
||||
* XXX XX - [[CrowdStrike] Deep Panda](http://www.crowdstrike.com/sites/default/files/AdversaryIntelligenceReport_DeepPanda_0.pdf) | [:closed_book:](../../blob/master/2013/2013.00.00.Deep.Panda)
|
||||
* XXX XX - [[CISAK] Dark Seoul Cyber Attack: Could it be worse?](http://cisak.perpika.kr/2013/wp-content/uploads/2013/06/Accepted-Papers.xlsx) | [:closed_book:](../../blob/master/2013/2013.00.00.Dark_Seoul_Cyber_Attack)
|
||||
* XXX XX - [[Fireeye] OPERATION SAFFRON ROSE](https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-operation-saffron-rose.pdf) | [:closed_book:](../../blob/master/2013/2013.00.00.OPERATION_SAFFRON_ROSE)
|
||||
* Dec 20 - [ETSO APT Attacks Analysis](http://image.ahnlab.com/global/upload/download/documents/1401223631603288.pdf) | [:closed_book:](../../blob/master/2013/2013.12.20.ETSO)
|
||||
* Dec 12 - [[FireEye] Operation Ke3chang: Targeted Attacks Against Ministries of Foreign Affairs](https://www.fireeye.com/blog/executive-perspective/2013/12/operation-ke3chang-targeted-attacks-against-ministries-of-foreign-affairs.html) | [:closed_book:](../../blob/master/2013/2013.12.12.Operation_Ke3chang)
|
||||
* Dec 11 - [Operation "Ke3chang"](http://www.fireeye.com/resources/pdfs/FireEye-operation-ke3chang.pdf)
|
||||
* Dec 02 - [njRAT, The Saga Continues](http://www.fidelissecurity.com/files/files/FTA%201010%20-%20njRAT%20The%20Saga%20Continues.pdf)
|
||||
* Nov 11 - [[FireEye] Supply Chain Analysis](http://www.fireeye.com/resources/pdfs/FireEye-malware-supply-chain.pdf)
|
||||
* Nov 10 - [[FireEye] Operation Ephemeral Hydra: IE Zero-Day Linked to DeputyDog Uses Diskless Method](http://www.fireeye.com/blog/technical/cyber-exploits/2013/11/operation-ephemeral-hydra-ie-zero-day-linked-to-deputydog-uses-diskless-method.html)
|
||||
* Oct 24 - [[FireEye] Terminator RAT](https://www.fireeye.com/blog/threat-research/2013/10/evasive-tactics-terminator-rat.html) or [FakeM RAT](http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-fakem-rat.pdf) | [:closed_book:](../../blob/master//2013/2013.10.24)
|
||||
* Sep 30 - [[FireEye] World War C: State of affairs in the APT world](https://www.fireeye.com/blog/threat-research/2013/09/new-FireEye-report-world-war-c.html)
|
||||
* Sep 25 - [The 'ICEFROG' APT: A Tale of cloak and three daggers](http://www.securelist.com/en/downloads/vlpdfs/icefog.pdf) | [:closed_book:](../../blob/master//2013/2013.09.25.ICEFROG_APT)
|
||||
* Sep 17 - [Hidden Lynx - Professional Hackers for Hire](http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/hidden_lynx.pdf) | [:closed_book:](../../blob/master//2013/2013.09.17.Hidden_Lynx)
|
||||
* Sep 13 - [Operation DeputyDog: Zero-Day (CVE-2013-3893) Attack Against Japanese Targets](http://www.fireeye.com/blog/technical/cyber-exploits/2013/09/operation-deputydog-zero-day-cve-2013-3893-attack-against-japanese-targets.html)
|
||||
* Sep 11 - [The "Kimsuky" Operation](https://securelist.com/analysis/57915/the-kimsuky-operation-a-north-korean-apt/)
|
||||
* Sep 06 - [Evasive Tactics: Taidoor](https://www.fireeye.com/blog/threat-research/2013/09/evasive-tactics-taidoor-3.html) | [:closed_book:](../../blob/master//2013/2013.09.06.EvasiveTactics_Taidoor)
|
||||
* Sep ?? - [Feature: EvilGrab Campaign Targets Diplomatic Agencies](http://about-threats.trendmicro.com/cloud-content/us/ent-primers/pdf/2q-report-on-targeted-attack-campaigns.pdf)
|
||||
* Aug 23 - [Operation Molerats: Middle East Cyber Attacks Using Poison Ivy](http://www.fireeye.com/blog/technical/2013/08/operation-molerats-middle-east-cyber-attacks-using-poison-ivy.html)
|
||||
* Aug 21 - [POISON IVY: Assessing Damage and Extracting Intelligence](http://www.fireeye.com/resources/pdfs/FireEye-poison-ivy-report.pdf)
|
||||
* Aug 19 - [ByeBye Shell and the targeting of Pakistan](https://community.rapid7.com/community/infosec/blog/2013/08/19/byebye-and-the-targeting-of-pakistan)
|
||||
* Aug 02 - [Surtr: Malware Family Targeting the Tibetan Community](https://citizenlab.org/2013/08/surtr-malware-family-targeting-the-tibetan-community/)
|
||||
* Aug 02 - [Where There is Smoke, There is Fire: South Asian Cyber Espionage Heats Up](http://www.threatconnect.com/news/where-there-is-smoke-there-is-fire-south-asian-cyber-espionage-heats-up/)
|
||||
* Aug ?? - [APT Attacks on Indian Cyber Space](http://g0s.org/wp-content/uploads/2013/downloads/Inside_Report_by_Infosec_Consortium.pdf)
|
||||
* Aug ?? - [Operation Hangover - Unveiling an Indian Cyberattack Infrastructure](http://normanshark.com/wp-content/uploads/2013/08/NS-Unveiling-an-Indian-Cyberattack-Infrastructure_FINAL_Web.pdf)
|
||||
* Jul 31 - [Blackhat: In-Depth Analysis of Escalated APT Attacks (Lstudio,Elirks)](https://media.blackhat.com/us-13/US-13-Yarochkin-In-Depth-Analysis-of-Escalated-APT-Attacks-Slides.pdf), [video](https://www.youtube.com/watch?v=SoFVRsvh8s0)
|
||||
* Jul 31 - [Secrets of the Comfoo Masters](http://www.secureworks.com/cyber-threat-intelligence/threats/secrets-of-the-comfoo-masters/)
|
||||
* Jul 15 - [PlugX revisited: "Smoaler"](http://sophosnews.files.wordpress.com/2013/07/sophosszappanosplugxrevisitedintroducingsmoaler-rev1.pdf)
|
||||
* Jul 09 - [Dark Seoul Cyber Attack: Could it be worse?](http://cisak.perpika.kr/wp-content/uploads/2013/07/2013-08.pdf)
|
||||
* Jun 30 - [Targeted Campaign Steals Credentials in Gulf States and Caribbean](https://blogs.mcafee.com/mcafee-labs/targeted-campaign-steals-credentials-in-gulf-states-and-caribbean)
|
||||
* Jun 28 - [njRAT Uncovered](http://threatgeek.typepad.com/files/fta-1009---njrat-uncovered-1.pdf) | [:closed_book:](../../blob/master//2013/2013.06.28.njRAT_Uncovered)
|
||||
* Dec 02 - [[Fidelis] njRAT, The Saga Continues](http://www.fidelissecurity.com/files/files/FTA%201010%20-%20njRAT%20The%20Saga%20Continues.pdf) | [:closed_book:](../../blob/master/2013/2013.12.02.njRAT_Saga_Continues)
|
||||
* Nov 10 - [[FireEye] Operation Ephemeral Hydra: IE Zero-Day Linked to DeputyDog Uses Diskless Method](http://www.fireeye.com/blog/technical/cyber-exploits/2013/11/operation-ephemeral-hydra-ie-zero-day-linked-to-deputydog-uses-diskless-method.html) | [:closed_book:](../../blob/master/2013/2013.11.10.Operation_Ephemeral_Hydra)
|
||||
* Oct 25 - [[FireEye] Evasive Tactics: Terminator RAT](https://www.fireeye.com/blog/threat-research/2013/10/evasive-tactics-terminator-rat.html) | [:closed_book:](../../blob/master/2013/2013.10.25.Terminator_RAT)
|
||||
* Oct 24 - [[Trend Micro] FakeM RAT](http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-fakem-rat.pdf) | [:closed_book:](../../blob/master/2013/2013.10.24.FakeM_RAT)
|
||||
* Sep 25 - [[Kaspersky] The 'ICEFROG' APT: A Tale of cloak and three daggers](http://www.securelist.com/en/downloads/vlpdfs/icefog.pdf) | [:closed_book:](../../blob/master//2013/2013.09.25.ICEFROG_APT)
|
||||
* Sep 21 - [[FireEye] Operation DeputyDog: Zero-Day (CVE-2013-3893) Attack Against Japanese Targets](https://www.fireeye.com/blog/threat-research/2013/09/operation-deputydog-zero-day-cve-2013-3893-attack-against-japanese-targets.html) | [:closed_book:](../../blob/master/2013/2013.09.21.Operation_DeputyDog)
|
||||
* Sep 19 - [[Trend Micro] 2Q 2013 Report on Targeted Attack Campaigns: A Look Into EvilGrab](https://www.trendmicro.tw/vinfo/hk/security/news/cyber-attacks/2q-2013-report-on-targeted-attack-campaigns-a-look-into-evilgrab) | [:closed_book:](../../blob/master/2013/2013.09.19.EvilGrab)
|
||||
* Sep 17 - [[Symantec] Hidden Lynx - Professional Hackers for Hire](http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/hidden_lynx.pdf) | [:closed_book:](../../blob/master/2013/2013.09.17.Hidden_Lynx)
|
||||
* Sep 11 - [[Kaspersky] The "Kimsuky" Operation](https://securelist.com/analysis/57915/the-kimsuky-operation-a-north-korean-apt/) | [:closed_book:](../../blob/master/2013/2013.09.11.Kimsuky_Operation)
|
||||
* Sep 06 - [[FireEye] Evasive Tactics: Taidoor](https://www.fireeye.com/blog/threat-research/2013/09/evasive-tactics-taidoor-3.html) | [:closed_book:](../../blob/master/2013/2013.09.06.EvasiveTactics_Taidoor)
|
||||
* Aug 23 - [[FireEye] Operation Molerats: Middle East Cyber Attacks Using Poison Ivy](http://www.fireeye.com/blog/technical/2013/08/operation-molerats-middle-east-cyber-attacks-using-poison-ivy.html) | [:closed_book:](../../blob/master/2013/2013.08.23.Operation_Molerats)
|
||||
* Aug 21 - [[FireEye] POISON IVY: Assessing Damage and Extracting Intelligence](http://www.fireeye.com/resources/pdfs/FireEye-poison-ivy-report.pdf) | [:closed_book:](../../blob/master/2013/2013.08.21.POISON_IVY)
|
||||
* Aug 19 - [[Rapid7] ByeBye Shell and the targeting of Pakistan](https://community.rapid7.com/community/infosec/blog/2013/08/19/byebye-and-the-targeting-of-pakistan) | [:closed_book:](../../blob/master/2013/2013.08.19.ByeBye_Shell)
|
||||
* Aug 02 - [[CitizenLab] Surtr: Malware Family Targeting the Tibetan Community](https://citizenlab.org/2013/08/surtr-malware-family-targeting-the-tibetan-community/) | [:closed_book:](../../blob/master/2013/2013.08.02.Surtr_Targeting_Tibetan)
|
||||
* Aug 02 - [[ThreatConnect] Where There is Smoke, There is Fire: South Asian Cyber Espionage Heats Up](http://www.threatconnect.com/news/where-there-is-smoke-there-is-fire-south-asian-cyber-espionage-heats-up/) | [:closed_book:](../../blob/master/2013/2013.08.02.Smoke_Fire_South_Asian_Cyber_Espionage)
|
||||
* Jul 31 - [[BlackHat] Hunting the Shadows: In Depth Analysis of Escalated APT Attacks](https://media.blackhat.com/us-13/US-13-Yarochkin-In-Depth-Analysis-of-Escalated-APT-Attacks-Slides.pdf) | [:closed_book:](../../blob/master/2013/2013.07.31.Hunting_the_Shadows)
|
||||
* Jul 31 - [[Dell] Secrets of the Comfoo Masters](http://www.secureworks.com/cyber-threat-intelligence/threats/secrets-of-the-comfoo-masters/) | [:closed_book:](../../blob/master/2013/2013.07.31.ecrets_of_the_Comfoo_Masters)
|
||||
* Jul 15 - [[Sophos] The PlugX malware revisited:
|
||||
introducing “Smoaler”](http://sophosnews.files.wordpress.com/2013/07/sophosszappanosplugxrevisitedintroducingsmoaler-rev1.pdf) | [:closed_book:](../../blob/master/2013/2013.07.15.PlugX_Smoaler)
|
||||
* Jul 01 - [[McAfee] Targeted Campaign Steals Credentials in Gulf States and Caribbean](hhttps://www.kashifali.ca/2013/07/01/targeted-campaign-steals-credentials-in-gulf-states-and-caribbean/) | [:closed_book:](../../blob/master/2013/2013.07.01.Gulf_States_APT)
|
||||
* Jun 28 - [[ThreatGeek] njRAT Uncovered](http://threatgeek.typepad.com/files/fta-1009---njrat-uncovered-1.pdf) | [:closed_book:](../../blob/master//2013/2013.06.28.njRAT_Uncovered)
|
||||
* Jun 21 - [[Citizen Lab] A Call to Harm: New Malware Attacks Target the Syrian Opposition](https://citizenlab.org/wp-content/uploads/2013/07/19-2013-acalltoharm.pdf) | [:closed_book:](../../blob/master/2013/2013.06.21.Syrian_Attack)
|
||||
* Jun 18 - [[FireEye] Trojan.APT.Seinup Hitting ASEAN](http://www.fireeye.com/blog/technical/malware-research/2013/06/trojan-apt-seinup-hitting-asean.html) | [:closed_book:](../../blob/master/2013/2013.06.18.APT_Seinup)
|
||||
* Jun 07 - [[Rapid7] KeyBoy, Targeted Attacks against Vietnam and India](https://community.rapid7.com/community/infosec/blog/2013/06/07/keyboy-targeted-attacks-against-vietnam-and-india) | [:closed_book:](../../blob/master/2013/2013.06.07.KeyBoy_APT)
|
||||
* Jun 04 - [[Kaspersky] The NetTraveller (aka 'Travnet')](http://www.securelist.com/en/downloads/vlpdfs/kaspersky-the-net-traveler-part1-final.pdf) | [:closed_book:](../../blob/master/2013/2013.06.04.NetTraveller)
|
||||
* Jun 01 - [[Purdue] Crude Faux: An analysis of cyber conflict within the oil & gas industries](https://www.cerias.purdue.edu/assets/pdf/bibtex_archive/2013-9.pdf) | [:closed_book:](../../blob/master/2013/2013.06.01.cyber_conflict_Oil_Gas)
|
||||
* Jun ?? - [[BlueCoat] The Chinese Malware Complexes: The Maudi Surveillance Operation](https://bluecoat.com/documents/download/2c832f0f-45d2-4145-bdb7-70fc78c22b0f&ei=ZGP-VMCbMsuxggSThYDgDg&usg=AFQjCNFjXSkn_AIiXge1X9oWZHzQOiNDJw&sig2=B6e2is0sCnGEbLPL9q0eZg&bvm=bv.87611401,d.eXY) | [:closed_book:](../../blob/master/2013/2013.06.00.Maudi_Surveillance_Operation)
|
||||
* Jun XX - [[BlueCoat] The Chinese Malware Complexes: The Maudi Surveillance Operation](https://bluecoat.com/documents/download/2c832f0f-45d2-4145-bdb7-70fc78c22b0f&ei=ZGP-VMCbMsuxggSThYDgDg&usg=AFQjCNFjXSkn_AIiXge1X9oWZHzQOiNDJw&sig2=B6e2is0sCnGEbLPL9q0eZg&bvm=bv.87611401,d.eXY) | [:closed_book:](../../blob/master/2013/2013.06.00.Maudi_Surveillance_Operation)
|
||||
* May 30 - [[CIRCL] TR-14 - Analysis of a stage 3 Miniduke malware sample](http://www.circl.lu/pub/tr-14/) | [:closed_book:](../../blob/master/2013/2013.05.20.Miniduke.Analysis)
|
||||
* May 20 - [[Norman] OPERATION HANGOVER: Unveiling an Indian Cyberattack Infrastructure](http://www.thecre.com/fnews/wp-content/uploads/2013/05/Unveiling_an_Indian_Cyberattack_Infrastructure.pdf) | [:closed_book:](../../blob/master/2013/2013.05.20.Operation_Hangover)
|
||||
* May 16 - [[ESET] Targeted information stealing attacks in South Asia use email, signed binaries](https://www.welivesecurity.com/2013/05/16/targeted-threat-pakistan-india/) | [:closed_book:](../../blob/master/2013/2013.05.16.targeted-threat-pakistan-india)
|
||||
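Review bot: In the Jul 01 McAfee entry the link target starts with `hhttps://`, which is not a valid scheme, so the link is broken; drop the extra `h`. Three smaller points in the same block: the Jul 31 Comfoo entry points at `2013.07.31.ecrets_of_the_Comfoo_Masters` (check whether the directory really lacks the leading `S`), the Jul 15 Sophos entry breaks its link text across two lines, and the Sep 25 ICEFROG and Jun 28 njRAT entries still use `master//2013/` while the neighbouring lines use `master/2013/`.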
@ -1108,7 +1106,7 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
|
||||
* Feb 12 - [[AIT] Targeted cyber attacks: examples and challenges ahead](http://www.ait.ac.at/uploads/media/Presentation_Targeted-Attacks_EN.pdf) | [:closed_book:](../../blob/master/2013/2013.02.12.Targeted-Attacks)
|
||||
* Jan 18 - [[McAfee] Operation Red October](https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/24000/PD24250/en_US/McAfee_Labs_Threat_Advisory_Exploit_Operation_Red_Oct.pdf) | [:closed_book:](../../blob/master/2013/2013.01.18.Operation_Red_Oct)
|
||||
* Jan 14 - [[Kaspersky] The Red October Campaign](https://securelist.com/blog/incidents/57647/the-red-october-campaign) | [:closed_book:](../../blob/master/2013/2013.01.14.Red_October_Campaign)
|
||||
* Jan 02 - [[FireEye] SUPPLY CHAIN ANALYSIS: From Quartermaster to SunshopFireEye](https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-malware-supply-chain.pdf) | [:closed_book:](../../blob/master/2013/2013.01.12.SUPPLY_CHAIN_ANALYSIS)
|
||||
* Jan 02 - [[FireEye] SUPPLY CHAIN ANALYSIS: From Quartermaster to SunshopFireEye](https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-malware-supply-chain.pdf) | [:closed_book:](../../blob/master/2013/2013.01.02.SUPPLY_CHAIN_ANALYSIS)
|
||||
|
||||
## 2012
|
||||
* Nov ?? - [[KrebsonSecurity] "Wicked Rose" and the NCPH Hacking Group](https://krebsonsecurity.com/wp-content/uploads/2012/11/WickedRose_andNCPH.pdf) | [:closed_book:](../../blob/master/2012/2012.11.00_Wicked_Rose)
|
||||
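Review bot: The link text of the Jan 02 FireEye entry reads `From Quartermaster to SunshopFireEye`, with the vendor name fused onto the report title; it should end at `Sunshop`. The two versions of the line differ only in the directory (`2013.01.12.SUPPLY_CHAIN_ANALYSIS` vs `2013.01.02.SUPPLY_CHAIN_ANALYSIS`), and no rename for that directory is visible in this commit view, so please confirm the path that is kept matches the directory name in the tree.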
@ -1122,6 +1120,7 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
|
||||
* Sep 12 - [[RSA] The VOHO Campaign: An in depth analysis](http://blogsdev.rsa.com/wp-content/uploads/VOHO_WP_FINAL_READY-FOR-Publication-09242012_AC.pdf) | [:closed_book:](../../blob/master/2012/2012.09.12.VOHO_Campaign)
|
||||
* Sep 07 - [[Citizen lab] IEXPLORE RAT](https://citizenlab.org/wp-content/uploads/2012/09/IEXPL0RE_RAT.pdf) | [:closed_book:](../../blob/master/2012/2012.09.07.IEXPLORE_RAT)
|
||||
* Sep 06 - [[Symantec] The Elderwood Project](http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the-elderwood-project.pdf) | [:closed_book:](../../blob/master/2012/2012.09.06.Elderwood)
|
||||
* Aug 19 - [[Rapid7] ByeBye Shell and the targeting of Pakistan](https://blog.rapid7.com/2013/08/19/byebye-and-the-targeting-of-pakistan/) | [:closed_book:](../../blob/master/2012/2012.08.19.ByeBye_Shell)
|
||||
* Aug 18 - [[Trend Micro] The Taidoor Campaign AN IN-DEPTH ANALYSIS ](http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp_the_taidoor_campaign.pdf) | [:closed_book:](../../blob/master/2012/2012.08.18.Taidoor_Campaign)
|
||||
* Aug 09 - [[Kaspersky] Gauss: Abnormal Distribution](http://kasperskycontenthub.com/wp-content/uploads/sites/43/vlpdfs/kaspersky-lab-gauss.pdf) | [:closed_book:](../../blob/master/2012/2012.08.09.Gauss)
|
||||
* Jul 27 - [[Kaspersky] The Madi Campaign](https://securelist.com/analysis/36609/the-madi-infostealers-a-detailed-analysis/) | [:closed_book:](../../blob/master/2012/2012.07.27.Madi_Campaign)
|
||||
|
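Review bot: The Aug 19 Rapid7 "ByeBye Shell and the targeting of Pakistan" line sits in the 2012 list and links to `2012/2012.08.19.ByeBye_Shell`, but its URL is dated `2013/08/19` and the 2013 list already carries the same report with `2013/2013.08.19.ByeBye_Shell`. This looks like a duplicate filed under the wrong year; drop it from the 2012 list, or if the 2012 directory is intentional, say why in the commit message.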