2018.06.15.Mustang_Panda

2022-12-07 09:23:05 +08:00 · 2022-12-07 09:23:05 +08:00 · a13e206437
parent d598cb12cf
commit a13e206437
3 changed files with 2 additions and 0 deletions
--- a/2018/2018.06.15.Mustang_Panda/Mustang
+++ b/2018/2018.06.15.Mustang_Panda/Mustang
--- a/2022/2022.10.06.Mustang_Panda_Myanmar/Mustang
+++ b/2022/2022.10.06.Mustang_Panda_Myanmar/Mustang
--- a/README.md
+++ b/README.md
@ -30,6 +30,7 @@ Please fire issue to me if any lost APT/Malware events/campaigns.
 ## 2022
 * Dec 06 - [[BlackBerry] Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets](https://blogs.blackberry.com/en/2022/12/mustang-panda-uses-the-russian-ukrainian-war-to-attack-europe-and-asia-pacific-targets) | [:closed_book:](../../blob/master/2022/2022.12.06.Mustang_Panda)
 * Dec 02 - [[Palo Alto Networks] Blowing Cobalt Strike Out of the Water With Memory Analysis](https://unit42.paloaltonetworks.com/cobalt-strike-memory-analysis/) | [:closed_book:](../../blob/master/2022/2022.12.02.Cobalt_Strike_Out_of_the_Water)
+* Oct 06 - [[BlackBerry] Mustang Panda Abuses Legitimate Apps to Target Myanmar Based Victims](https://blogs.blackberry.com/en/2022/10/mustang-panda-abuses-legitimate-apps-to-target-myanmar-based-victims) | [:closed_book:](../../blob/master/2022/2022.10.06.Mustang_Panda_Myanmar)
 * Oct 04 - [[Trend Micro] The Rise of Earth Aughisky](https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/connecting-taidoors-dots-earth-aughisky-over-the-last-10-years) | [:closed_book:](../../blob/master/2022/2022.10.04.Rise_Earth_Aughisky)
 * Sep 28 - [[Recorded Future] The Chinese Communist Party’s Strategy for Targeted Propaganda](https://go.recordedfuture.com/hubfs/reports/ta-2022-0928.pdf) | [:closed_book:](../../blob/master/2022/2022.09.28.Chinese_Communist_Party)
 * Aug 12 - [[SEKOIA.IO] LuckyMouse uses a backdoored Electron app to target MacOS](https://blog.sekoia.io/luckymouse-uses-a-backdoored-electron-app-to-target-macos/) | [:closed_book:](../../blob/master/2022/2022.08.12.LuckyMouse)
@ -659,6 +660,7 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
 * Jun 22 - [[Palo Alto networks] Tick Group Weaponized Secure USB Drives to Target Air-Gapped Critical Systems](https://unit42.paloaltonetworks.com/unit42-tick-group-weaponized-secure-usb-drives-target-air-gapped-critical-systems/) | [:closed_book:](../../blob/master/2018/2018.06.22.Iick.Group-weaponized-secure-usb)
 * Jun 20 - [[Symantec] Thrip: Espionage Group Hits Satellite, Telecoms, and Defense Companies](https://www.symantec.com/blogs/threat-intelligence/thrip-hits-satellite-telecoms-defense-targets) | [:closed_book:](../../blob/master/2018/2018.06.20.thrip-hits-satellite-telecoms-defense-targets)
 * Jun 19 - [[Kaspersky] Olympic Destroyer is still alive](https://securelist.com/olympic-destroyer-is-still-alive/86169/) | [:closed_book:](../../blob/master/2018/2018.06.19.olympic-destroyer-is-still-alive)
+* Jun 15 - [[CrowdStrike] Meet CrowdStrike’s Adversary of the Month for June: MUSTANG PANDA](https://www.crowdstrike.com/blog/meet-crowdstrikes-adversary-of-the-month-for-june-mustang-panda/) | [:closed_book:](../../blob/master/2018/2018.06.15.Mustang_Panda)
 * Jun 14 - [[Trend Micro] Another Potential MuddyWater Campaign uses Powershell-based PRB-Backdoor](https://blog.trendmicro.com/trendlabs-security-intelligence/another-potential-muddywater-campaign-uses-powershell-based-prb-backdoor/) | [:closed_book:](../../blob/master/2018/2018.06.14.another-potential-muddywater-campaign)
 * Jun 14 - [[intezer] MirageFox: APT15 Resurfaces With New Tools Based On Old Ones](https://www.intezer.com/miragefox-apt15-resurfaces-with-new-tools-based-on-old-ones/) | [:closed_book:](../../blob/master/2018/2018.06.14.MirageFox_APT15)
 * Jun 13 - [[Kaspersky] LuckyMouse hits national data center to organize country-level waterholing campaign](https://securelist.com/luckymouse-hits-national-data-center/86083/) | [:closed_book:](../../blob/master/2018/2018.06.13.LuckyMouse)