2017.10.24.greenbug

2017-10-27 10:11:23 +08:00 · 2017-10-27 10:11:23 +08:00 · 6dfa01b22a
parent 946deb5356
commit 6dfa01b22a
2 changed files with 2 additions and 1 deletions
--- a/2017/2017.10.24.greenbug/Greenbug.pdf
+++ b/2017/2017.10.24.greenbug/Greenbug.pdf
--- a/README.md
+++ b/README.md
@ -12,6 +12,7 @@ Please fire issue to me if any lost of APT/Malware events/campaigns.
 * [targetedthreats](https://github.com/botherder/targetedthreats/wiki/Reports)

 ## 2017
+* Oct 24 - [[ClearSky] Iranian Threat Agent Greenbug Impersonates Israeli High-Tech and Cyber Security Companies](http://www.clearskysec.com/greenbug/) | [Local](../../blob/master/2017/2017.10.02.Aurora_Operation_CCleaner_II) 
 * Oct 16 - [[BAE Systems] Taiwan Heist: Lazarus Tools And Ransomware](https://baesystemsai.blogspot.kr/2017/10/taiwan-heist-lazarus-tools.html) | [Local](../../blob/master/2017/2017.10.16.BlackOasis_APT)  
 * Oct 16 - [[Kaspersky] BlackOasis APT and new targeted attacks leveraging zero-day exploit](https://securelist.com/blackoasis-apt-and-new-targeted-attacks-leveraging-zero-day-exploit/82732/) | [Local](../../blob/master/2017/2017.10.16.Taiwan-Heist) 
 * Oct 02 - [[intezer] Evidence Aurora Operation Still Active Part 2: More Ties Uncovered Between CCleaner Hack & Chinese Hackers]() | [Local](../../blob/master/2017/2017.10.02.Aurora_Operation_CCleaner_II) 
@ -29,7 +30,7 @@ Please fire issue to me if any lost of APT/Malware events/campaigns.
 * Aug 01 - [[Positive Research] Cobalt strikes back: an evolving multinational threat to finance](http://blog.ptsecurity.com/2017/08/cobalt-group-2017-cobalt-strikes-back.html) | [Local](../../blob/master/2017/2017.08.01.cobalt-group-2017-cobalt-strikes-back) 
 * Jul 27 - [[Trend Micro] ChessMaster Makes its Move: A Look into the Campaign’s Cyberespionage Arsenal](http://blog.trendmicro.com/trendlabs-security-intelligence/chessmaster-cyber-espionage-campaign/) | [Local](../../blob/master/2017/2017.07.27.chessmaster-cyber-espionage-campaign) 
 * Jul 27 - [[Palo Alto Networks] OilRig Uses ISMDoor Variant; Possibly Linked to Greenbug Threat Group](https://researchcenter.paloaltonetworks.com/2017/07/unit42-oilrig-uses-ismdoor-variant-possibly-linked-greenbug-threat-group/) | [Local](../../blob/master/2017/2017.07.27.oilrig-uses-ismdoor-variant-possibly-linked-greenbug-threat-group) 
-* Jul 27 - [Operation Wilted Tulip](http://www.clearskysec.com/wp-content/uploads/2017/07/Operation_Wilted_Tulip.pdf) | [Local](../../blob/master/2017/2017.07.27.Operation_Wilted_Tulip) 
+* Jul 27 - [[Clearsky, TrendMicro] Operation Wilted Tulip](http://www.clearskysec.com/wp-content/uploads/2017/07/Operation_Wilted_Tulip.pdf) | [Local](../../blob/master/2017/2017.07.27.Operation_Wilted_Tulip) 
 * Jul 24 - [“Tick” Group Continues Attacks](https://researchcenter.paloaltonetworks.com/2017/07/unit42-tick-group-continues-attacks/) | [Local](../../blob/master/2017/2017.07.24.Tick_group) 
 * Jul 18 - [Recent Winnti Infrastructure and Samples](http://www.clearskysec.com/winnti/) | [Local](../../blob/master/2017/2017.07.18.winnti) 
 * Jul 11 - [Winnti Evolution - Going Open Source](https://www.protectwise.com/blog/winnti-evolution-going-open-source.html) | [Local](../../blob/master/2017/2017.07.11.winnti-evolution-going-open-source)