fix 2015
This commit is contained in:
CyberMonitor
parent
5131c571e6
commit
a7f495c067
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
60
README.md
60
README.md
|
|
@ -440,10 +440,10 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
|
|||
* Nov 10 - [[Palo Alto Networks] Bookworm Trojan: A Model of Modular Architecture](http://researchcenter.paloaltonetworks.com/2015/11/bookworm-trojan-a-model-of-modular-architecture/) | [Local](../../blob/master/2015/2015.11.10.bookworm-trojan-a-model-of-modular-architecture)
|
||||
* Nov 09 - [[Check Point] Rocket Kitten: A Campaign With 9 Lives](http://blog.checkpoint.com/wp-content/uploads/2015/11/rocket-kitten-report.pdf) | [Local](../../blob/master/2015/2015.11.09.Rocket_Kitten_A_Campaign_With_9_Lives)
|
||||
* Nov 04 - [[RSA] Evolving Threats:dissection of a CyberEspionage attack](http://www.rsaconference.com/writable/presentations/file_upload/cct-w08_evolving-threats-dissection-of-a-cyber-espionage-attack.pdf) | [Local](../../blob/master/2015/2015.11.04_Evolving_Threats)
|
||||
* Oct 16 - [[Citizen Lab] Targeted Malware Attacks against NGO Linked to Attacks on Burmese Government Websites](https://citizenlab.org/2015/10/targeted-attacks-ngo-burma/)(https://otx.alienvault.com/pulse/5621208f4637f21ecf2aac36/) | [Local](../../blob/master/2015/2015.10.targeted-attacks-ngo-burma.pdf)
|
||||
* Oct 15 - [[Citizen Lab] Pay No Attention to the Server Behind the Proxy: Mapping FinFisher’s Continuing Proliferation](https://citizenlab.org/2015/10/mapping-finfishers-continuing-proliferation/) | [Local](../../blob/master/2015/Mapping%20FinFisher%E2%80%99s%20Continuing%20Proliferation.pdf)
|
||||
* Oct 16 - [[Citizen Lab] Targeted Malware Attacks against NGO Linked to Attacks on Burmese Government Websites](https://citizenlab.org/2015/10/targeted-attacks-ngo-burma/)(https://otx.alienvault.com/pulse/5621208f4637f21ecf2aac36/) | [Local](../../blob/master/2015/2015.10.16.NGO_Burmese_Government)
|
||||
* Oct 15 - [[Citizen Lab] Pay No Attention to the Server Behind the Proxy: Mapping FinFisher’s Continuing Proliferation](https://citizenlab.org/2015/10/mapping-finfishers-continuing-proliferation/) | [Local](../../blob/master/2015/2015.10.15.FinFisher_Continuing)
|
||||
* Oct 05 - [[Recorded Future] Proactive Threat Identification Neutralizes Remote Access Trojan Efficacy](http://go.recordedfuture.com/hubfs/reports/threat-identification.pdf) | [Local](../../blob/master/2015/2015.10.05.Proactive_Threat_Identification)
|
||||
* Oct 03 - [[Cybereason] Webmail Server APT: A New Persistent Attack Methodology Targeting Microsoft Outlook Web Application (OWA)](http://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf) | [Local](../../blob/master/2015/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf)
|
||||
* Oct 03 - [[Cybereason] Webmail Server APT: A New Persistent Attack Methodology Targeting Microsoft Outlook Web Application (OWA)](http://go.cybereason.com/rs/996-YZT-709/images/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf) | [Local](../../blob/master/2015/2015.10.03.Webmail_Server_APT)
|
||||
* Sep 23 - [[ThreatConnect] PROJECT CAMERASHY: CLOSING THE APERTURE ON CHINA’S UNIT 78020](https://www.threatconnect.com/camerashy-intro/) | [PDF](https://cdn2.hubspot.net/hubfs/454298/Project_CAMERASHY_ThreatConnect_Copyright_2015.pdf) | [local](../../blob/master/2015/2015.09.23.CAMERASHY_ThreatConnect)
|
||||
* Sep 17 - [[F-SECURE] The Dukes 7 Years of Russian Cyber Espionage](https://labsblog.f-secure.com/2015/09/17/the-dukes-7-years-of-russian-cyber-espionage/) - [PDF](https://www.f-secure.com/documents/996508/1030745/dukes_whitepaper.pdf) | [Local](../../blob/master/2015/2015.09.17.duke_russian)
|
||||
* Sep 16 - [[Proofpoint] The shadow knows: Malvertising campaigns use domain shadowing to pull in Angler EK](https://www.proofpoint.com/us/threat-insight/post/The-Shadow-Knows) | [Local](../../blob/master/2015/2015.09.16.The-Shadow-Knows)
|
||||
|
|
@ -452,12 +452,12 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
|
|||
* Sep 09 - [[Kaspersky] Satellite Turla: APT Command and Control in the Sky](https://securelist.com/blog/research/72081/satellite-turla-apt-command-and-control-in-the-sky/) | [Local](../../blob/master/2015/2015.09.09.satellite-turla-apt)
|
||||
* Sep 08 - [[Palo Alto Networks] Musical Chairs: Multi-Year Campaign Involving New Variant of Gh0st Malware](http://researchcenter.paloaltonetworks.com/2015/09/musical-chairs-multi-year-campaign-involving-new-variant-of-gh0st-malware/) | [Local](../../blob/master/2015/2015.09.08.Musical_Chairs_Gh0st_Malware)
|
||||
* Sep 01 - [[Trend Micro, Clearsky] The Spy Kittens Are Back: Rocket Kitten 2](http://www.trendmicro.tw/vinfo/us/security/news/cyber-attacks/rocket-kitten-continues-attacks-on-middle-east-targets) | [PDF](http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-spy-kittens-are-back.pdf) | [Local](../../blob/master/2015/2015.09.01.Rocket_Kitten_2)
|
||||
* Aug 20 - [[Arbor] PlugX Threat Activity in Myanmar](http://pages.arbornetworks.com/rs/082-KNA-087/images/ASERT%20Threat%20Intelligence%20Brief%202015-05%20PlugX%20Threat%20Activity%20in%20Myanmar.pdf) | [Local](../../blob/master/2015/Sep.01.PlugX_Threat_Activity_in_Myanmar)
|
||||
* Aug 20 - [[Arbor] PlugX Threat Activity in Myanmar](http://pages.arbornetworks.com/rs/082-KNA-087/images/ASERT%20Threat%20Intelligence%20Brief%202015-05%20PlugX%20Threat%20Activity%20in%20Myanmar.pdf) | [Local](../../blob/master/2015/2015.08.20.PlugX_Threat_Activity_in_Myanmar)
|
||||
* Aug 20 - [[Kaspersky] New activity of the Blue Termite APT](https://securelist.com/blog/research/71876/new-activity-of-the-blue-termite-apt/) | [Local](../../blob/master/2015/2015.08.20.new-activity-of-the-blue-termite-apt)
|
||||
* Aug 19 - [[Symantec] New Internet Explorer zero-day exploited in Hong Kong attacks](http://www.symantec.com/connect/blogs/new-internet-explorer-zero-day-exploited-hong-kong-attacks) | [Local](../../blob/master/2015/2015.08.19.new-internet-explorer-zero-day-exploited-hong-kong-attacks)
|
||||
* Aug 10 - [[ShadowServer] The Italian Connection: An analysis of exploit supply chains and digital quartermasters](http://blog.shadowserver.org/2015/08/10/the-italian-connection-an-analysis-of-exploit-supply-chains-and-digital-quartermasters/) | [Local](../../blob/master/2015/Aug.10.The_Italian_Connection_An_analysis_of_exploit_supply_chains_and_digital_quartermasters)
|
||||
* Aug 08 - [[cyint.dude] Threat Analysis: Poison Ivy and Links to an Extended PlugX Campaign](http://www.cyintanalysis.com/threat-analysis-poison-ivy-and-links-to-an-extended-plugx-campaign/) | [Local](../../blob/master/2015/Aug.08.Threat_Analysis\:Poison_Ivy_and_Links_to_an_Extended_PlugX_Campaign)
|
||||
* Aug 05 - [[Dell] Threat Group-3390 Targets Organizations for Cyberespionage](http://www.secureworks.com/cyber-threat-intelligence/threats/threat-group-3390-targets-organizations-for-cyberespionage/) | [Local](../../blob/master/2015/Aug.05.Threat_Group-3390_Targets_Organizations_for_Cyberespionage)
|
||||
* Aug 10 - [[ShadowServer] The Italian Connection: An analysis of exploit supply chains and digital quartermasters](http://blog.shadowserver.org/2015/08/10/the-italian-connection-an-analysis-of-exploit-supply-chains-and-digital-quartermasters/) | [Local](../../blob/master/2015/2015.08.10.The_Italian_Connection_An_analysis_of_exploit_supply_chains_and_digital_quartermasters)
|
||||
* Aug 08 - [[Cyint] Threat Analysis: Poison Ivy and Links to an Extended PlugX Campaign](http://www.cyintanalysis.com/threat-analysis-poison-ivy-and-links-to-an-extended-plugx-campaign/) | [Local](../../blob/master/2015/2015.08.08.Poison_Ivy_and_Links_to_an_Extended_PlugX_Campaign)
|
||||
* Aug 05 - [[Dell] Threat Group-3390 Targets Organizations for Cyberespionage](http://www.secureworks.com/cyber-threat-intelligence/threats/threat-group-3390-targets-organizations-for-cyberespionage/) | [Local](../../blob/master/2015/2015.08.05.Threat_Group-3390)
|
||||
* Aug 04 - [[RSA] Terracotta VPN: Enabler of Advanced Threat Anonymity](https://blogs.rsa.com/terracotta-vpn-enabler-of-advanced-threat-anonymity/) | [Local](../../blob/master/2015/2015.08.04.Terracotta_VPN)
|
||||
* Jul 30 - [[ESET] Operation Potao Express](http://www.welivesecurity.com/2015/07/30/operation-potao-express/) | [IOC](https://github.com/eset/malware-ioc/tree/master/potao) | [Local](../../blob/master/2015/2015.07.30.Operation-Potao-Express)
|
||||
* Jul 28 - [[Symantec] Black Vine: Formidable cyberespionage group targeted aerospace, healthcare since 2012](http://www.symantec.com/connect/blogs/black-vine-formidable-cyberespionage-group-targeted-aerospace-healthcare-2012) | [Local](../../blob/master/2015/2015.07.28.Black_Vine)
|
||||
|
|
@ -496,29 +496,29 @@ APT28 group](http://csecybsec.com/download/zlab/20180713_CSE_APT28_X-Agent_Op-Ro
|
|||
* May 18 - [[Palo Alto Networks] Cmstar Downloader: Lurid and Enfal’s New Cousin](http://researchcenter.paloaltonetworks.com/2015/05/cmstar-downloader-lurid-and-enfals-new-cousin/) | [Local](../../blob/master/2015/2015.05.18.Cmstar)
|
||||
* May 14 - [[Trend Micro] Operation Tropic Trooper](http://blog.trendmicro.com/trendlabs-security-intelligence/operation-tropic-trooper-old-vulnerabilities-still-pack-a-punch/) | [Local](../../blob/master/2015/2015.05.14.Operation_Tropic_Trooper)
|
||||
* May 14 - [[Kaspersky] The Naikon APT](https://securelist.com/analysis/publications/69953/the-naikon-apt/) | [Local](../../blob/master/2015/2015.05.14.Naikon_APT)
|
||||
* May 13 - [SPEAR: A Threat Actor Resurfaces](http://blog.cylance.com/spear-a-threat-actor-resurfaces)
|
||||
* May 12 - [root9B Uncovers Planned Sofacy Cyber Attack Targeting Several International and Domestic Financial Institutions](http://www.prnewswire.com/news-releases/root9b-uncovers-planned-sofacy-cyber-attack-targeting-several-international-and-domestic-financial-institutions-300081634.html)
|
||||
* May 07 - [Dissecting the Kraken](https://blog.gdatasoftware.com/blog/article/dissecting-the-kraken.html)
|
||||
* May 05 - [Targeted attack on France’s TV5Monde](http://global.ahnlab.com/global/upload/download/documents/1506306551185339.pdf) | [Local](../../blob/master/2015/2015.05.05.Targeted_attack_on_France_TV5Monde)
|
||||
* Apr 27 - [Attacks against Israeli & Palestinian interests](http://pwc.blogs.com/cyber_security_updates/2015/04/attacks-against-israeli-palestinian-interests.html)
|
||||
* Apr 22 - [CozyDuke](https://www.f-secure.com/documents/996508/1030745/CozyDuke)
|
||||
* Apr 21 - [The CozyDuke APT](http://securelist.com/blog/69731/the-cozyduke-apt)
|
||||
* Apr 20 - [Sofacy II – Same Sofacy, Different Day](http://pwc.blogs.com/cyber_security_updates/2015/04/the-sofacy-plot-thickens.html)
|
||||
* Apr 18 - [Operation RussianDoll: Adobe & Windows Zero-Day Exploits Likely Leveraged by Russia’s APT28 in Highly-Targeted Attack](https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html)
|
||||
* Apr 16 - [Operation Pawn Storm Ramps Up its Activities; Targets NATO, White House](http://blog.trendmicro.com/trendlabs-security-intelligence/operation-pawn-storm-ramps-up-its-activities-targets-nato-white-house)
|
||||
* Apr 15 - [The Chronicles of the Hellsing APT: the Empire Strikes Back](http://securelist.com/analysis/publications/69567/the-chronicles-of-the-hellsing-apt-the-empire-strikes-back/)
|
||||
* Apr 12 - [APT 30 and the Mechanics of a Long-Running Cyber Espionage Operation](https://www.fireeye.com/blog/threat-research/2015/04/apt_30_and_the_mecha.html)
|
||||
* Mar 31 - [Volatile Cedar – Analysis of a Global Cyber Espionage Campaign](http://blog.checkpoint.com/2015/03/31/volatilecedar/)
|
||||
* Mar 19 - [Rocket Kitten Showing Its Claws: Operation Woolen-GoldFish and the GHOLE campaign](http://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-woolen-goldfish-when-kittens-go-phishing)
|
||||
* Mar 11 - [Inside the EquationDrug Espionage Platform](http://securelist.com/blog/research/69203/inside-the-equationdrug-espionage-platform/)
|
||||
* Mar 10 - [Tibetan Uprising Day Malware Attacks](https://citizenlab.org/2015/03/tibetan-uprising-day-malware-attacks/)
|
||||
* Mar 06 - [Is Babar a Bunny?](https://www.f-secure.com/weblog/archives/00002794.html)
|
||||
* Mar 06 - [Animals in the APT Farm](http://securelist.com/blog/research/69114/animals-in-the-apt-farm/)
|
||||
* Mar 05 - [Casper Malware: After Babar and Bunny, Another Espionage Cartoon](http://www.welivesecurity.com/2015/03/05/casper-malware-babar-bunny-another-espionage-cartoon)
|
||||
* Feb 24 - [A deeper look into Scanbox](http://pwc.blogs.com/cyber_security_updates/2015/02/a-deeper-look-into-scanbox.html)
|
||||
* Feb 27 - [The Anthem Hack: All Roads Lead to China](http://www.threatconnect.com/news/the-anthem-hack-all-roads-lead-to-china/) | [Local](../../blob/master/2015/2015.02.27.The_Anthem_Hack_All_Roads_Lead_to_China)
|
||||
* Feb 25 - [Southeast Asia: An Evolving Cyber Threat Landscape](https://www.fireeye.com/content/dam/FireEye-www/current-threats/pdfs/rpt-southeast-asia-threat-landscape.pdf)
|
||||
* Feb 25 - [PlugX goes to the registry (and India)](http://blogs.sophos.com/2015/02/25/sophoslabs-research-uncovers-new-developments-in-plugx-apt-malware/)
|
||||
* May 13 - [[Cylance] SPEAR: A Threat Actor Resurfaces](http://blog.cylance.com/spear-a-threat-actor-resurfaces) | [Local](../../blob/master/2015/2015.05.13.Spear_Threat)
|
||||
* May 12 - [[PR Newswire] root9B Uncovers Planned Sofacy Cyber Attack Targeting Several International and Domestic Financial Institutions](http://www.prnewswire.com/news-releases/root9b-uncovers-planned-sofacy-cyber-attack-targeting-several-international-and-domestic-financial-institutions-300081634.html) | [Local](../../blob/master/2015/2015.05.12.Sofacy_root9B)
|
||||
* May 07 - [[G Data] Dissecting the Kraken](https://blog.gdatasoftware.com/blog/article/dissecting-the-kraken.html) | [Local](../../blob/master/2015/2015.05.07.Kraken)
|
||||
* May 05 - [[Ahnlab] Targeted attack on France’s TV5Monde](http://global.ahnlab.com/global/upload/download/documents/1506306551185339.pdf) | [Local](../../blob/master/2015/2015.05.05.Targeted_attack_on_France_TV5Monde)
|
||||
* Apr 27 - [[PWC] Attacks against Israeli & Palestinian interests](http://pwc.blogs.com/cyber_security_updates/2015/04/attacks-against-israeli-palestinian-interests.html) | [Local](../../blob/master/2015/2015.04.27.Attacks_Israeli_Palestinian)
|
||||
* Apr 22 - [[F-SECURE] CozyDuke](https://www.f-secure.com/documents/996508/1030745/CozyDuke) | [Local](../../blob/master/2015/2015.04.22.CozyDuke)
|
||||
* Apr 21 - [[Kaspersky] The CozyDuke APT](http://securelist.com/blog/69731/the-cozyduke-apt) | [Local](../../blob/master/2015/2015.04.21.CozyDuke_APT)
|
||||
* Apr 20 - [[PWC] Sofacy II – Same Sofacy, Different Day](http://pwc.blogs.com/cyber_security_updates/2015/04/the-sofacy-plot-thickens.html) | [Local](../../blob/master/2015/2015.04.20.Sofacy_II)
|
||||
* Apr 18 - [[FireEye] Operation RussianDoll: Adobe & Windows Zero-Day Exploits Likely Leveraged by Russia’s APT28 in Highly-Targeted Attack](https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html) | [Local](../../blob/master/2015/2015.04.18.Operation_RussianDoll)
|
||||
* Apr 16 - [[Trend Micro] Operation Pawn Storm Ramps Up its Activities; Targets NATO, White House](http://blog.trendmicro.com/trendlabs-security-intelligence/operation-pawn-storm-ramps-up-its-activities-targets-nato-white-house) | [Local](../../blob/master/2015/2015.04.16.Operation_Pawn_Storm)
|
||||
* Apr 15 - [[Kaspersky] The Chronicles of the Hellsing APT: the Empire Strikes Back](http://securelist.com/analysis/publications/69567/the-chronicles-of-the-hellsing-apt-the-empire-strikes-back/) | [Local](../../blob/master/2015/2015.04.15.Hellsing_APT)
|
||||
* Apr 12 - [[FireEye] APT 30 and the Mechanics of a Long-Running Cyber Espionage Operation](https://www.fireeye.com/blog/threat-research/2015/04/apt_30_and_the_mecha.html) | [Local](../../blob/master/2015/2015.04.12.APT30)
|
||||
* Mar 31 - [[CheckPoint] Volatile Cedar – Analysis of a Global Cyber Espionage Campaign](http://blog.checkpoint.com/2015/03/31/volatilecedar/) | [Local](../../blob/master/2015/2015.03.31.Volatile_Cedar)
|
||||
* Mar 19 - [[Trend Micro] Rocket Kitten Showing Its Claws: Operation Woolen-GoldFish and the GHOLE campaign](http://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-woolen-goldfish-when-kittens-go-phishing) | [Local](../../blob/master/2015/2015.03.19.Goldfish_Phishing)
|
||||
* Mar 11 - [[Kaspersky] Inside the EquationDrug Espionage Platform](http://securelist.com/blog/research/69203/inside-the-equationdrug-espionage-platform/) | [Local](../../blob/master/2015/2015.03.11.EquationDrug)
|
||||
* Mar 10 - [[CitizenLab] Tibetan Uprising Day Malware Attacks](https://citizenlab.org/2015/03/tibetan-uprising-day-malware-attacks/) | [Local](../../blob/master/2015/2015.03.10.Tibetan_Uprising)
|
||||
* Mar 06 - [[F-SECURE] Is Babar a Bunny?](https://www.f-secure.com/weblog/archives/00002794.html) | [Local](../../blob/master/2015/2015.03.06.Babar_or_Bunny)
|
||||
* Mar 06 - [[Kaspersky] Animals in the APT Farm](https://securelist.com/animals-in-the-apt-farm/69114/) | [Local](../../blob/master/2015/2015.03.06.Animals_APT_Farm)
|
||||
* Mar 05 - [[ESET] Casper Malware: After Babar and Bunny, Another Espionage Cartoon](http://www.welivesecurity.com/2015/03/05/casper-malware-babar-bunny-another-espionage-cartoon) | [Local](../../blob/master/2015/2015.03.05.Casper_Malware)
|
||||
* Feb 24 - [[PWC] A deeper look into Scanbox](http://pwc.blogs.com/cyber_security_updates/2015/02/a-deeper-look-into-scanbox.html) | [Local](../../blob/master/2015/2015.02.24.Deeper_Scanbox)
|
||||
* Feb 27 - [[ThreatConnect] The Anthem Hack: All Roads Lead to China](http://www.threatconnect.com/news/the-anthem-hack-all-roads-lead-to-china/) | [Local](../../blob/master/2015/2015.02.27.The_Anthem_Hack_All_Roads_Lead_to_China)
|
||||
* Feb 25 - [[FireEye] Southeast Asia: An Evolving Cyber Threat Landscape](https://www.fireeye.com/content/dam/FireEye-www/current-threats/pdfs/rpt-southeast-asia-threat-landscape.pdf) | [Local](../../blob/master/2015/2015.02.25.Southeast_Asia_Threat_Landscape)
|
||||
* Feb 25 - [[Sophos] PlugX goes to the registry (and India)](http://blogs.sophos.com/2015/02/25/sophoslabs-research-uncovers-new-developments-in-plugx-apt-malware/) | [Local](../../blob/master/2015/2015.02.25.PlugX_to_registry)
|
||||
* Feb 18 - [[G DATA] Babar: espionage software finally found and put under the microscope](https://blog.gdatasoftware.com/blog/article/babar-espionage-software-finally-found-and-put-under-the-microscope.html) | [Local](../../blob/master/2015/2015.02.18.Babar)
|
||||
* Feb 18 - [[CIRCL Luxembourg] Shooting Elephants](https://drive.google.com/file/d/0B9Mrr-en8FX4dzJqLWhDblhseTA/view) | [Local](../../blob/master/2015/2015.02.18.Shooting_Elephants)
|
||||
* Feb 17 - [[Kaspersky] Desert Falcons APT](https://securelist.com/blog/research/68817/the-desert-falcons-targeted-attacks/) | [Local](../../blob/master/2015/2015.02.17.Desert_Falcons_APT)
|
||||
|
|
|
|||
Loading…
Reference in New Issue