424 KiB
Executable File
424 KiB
Executable File
| 1 | Published | SHA-1 | Filename | Download URL |
|---|---|---|---|---|
| 2 | 0001-01-01 | 725568c41fa9f1d7e8a2226e71e5b2a39fd08121 | C5_APT_ADecadeInReview | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.06.APT/C5_APT_ADecadeInReview.pdf |
| 3 | 0001-01-01 | 940615997789ceefea673c8a248829338c6ed7b0 | crowdstrike-deep-panda-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.00.00.Deep.Panda/crowdstrike-deep-panda-report.pdf |
| 4 | 2008-08-10 | 2fbd7813367fad45e7fd1922381a05e27b0e9673 | CYBERWAR-fd_2_ | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2008/2008.08.10.Russian_Cyberwar_on_Georgia/CYBERWAR-fd_2_.pdf |
| 5 | 2008-10-02 | 3e6399a4b608bbd99dd81bd2be4cd49731362b5e | Cyberwar | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2008/2008.10.02.China_Cyber_Warfare/Cyberwar.pdf |
| 6 | 2008-11-04 | 21ff0c24d2c1f9fc3ffbd7c5f12d0ba62674954e | a492659 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2008/2008.11.04.China_Electornic_Long_Range_Reconnaissance/a492659.pdf |
| 7 | 2008-11-04 | 3cb34c41fbc409d992dcab6a1655076494ffcf58 | chinas-electronic | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2008/2008.CHINA_CHINA_CYBER_WARFARE/chinas-electronic.pdf |
| 8 | 2008-11-19 | 5d9541526e38d6ff91775c82f5e98090064d6fc9 | army-bans-usb-d | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2008/2008.11.19.UNDER_WORM_ASSAULT/army-bans-usb-d.pdf |
| 9 | 2009-01-18 | b0f5f77865f24c5064f78ed7cd30bbdf2c111945 | Ashmore - Impact of Alleged Russian Cyber Attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2009/2009.01.18.Russian_Cyber_Attacks/Ashmore%20-%20Impact%20of%20Alleged%20Russian%20Cyber%20Attacks%20.pdf |
| 10 | 2009-03-29 | 28dd92f598e7d8987d8236767856c70be4f7e85f | ghostnet | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2009/2009.03.29.GhostNet/ghostnet.pdf |
| 11 | 2009-06-18 | f56db4d90d6d5aa8f3bf52b1239cdbe41d6a4268 | DECLAWING THE DRAGON | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/historical/2009/DECLAWING%20THE%20DRAGON.pdf |
| 12 | 2009-10-19 | 53094d0eb6013f0ec9691444d1b2bdd80e9b718d | Cyber-030 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2009/2009.10.19.Capability_China_Cyber_Warfare/Cyber-030.pdf |
| 13 | 2010-01-12 | 751384456df3630063f0b2a0a39868d468092f65 | Operation Aurora | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2010/2010.01.12.Operation_Aurora/Operation%20Aurora.pdf |
| 14 | 2010-01-13 | 9a7a1d3f7719c02dced8633ac0bf43d6e9ec7a1b | Aurora_Botnet_Command_Structure | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2010/2010.01.13.Aurora_Botnet/Aurora_Botnet_Command_Structure.pdf |
| 15 | 2010-01-20 | 52123660be8b8cad9d46244f669f2cfd96101750 | Combating Threats - Operation Aurora | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2010/2010.01.20.Combating_Aurora/Combating%20Threats%20-%20Operation%20Aurora.pdf |
| 16 | 2010-01-26 | 1001e5c45200e0f138e9e9d508afc31c475d6ce7 | how_can_u_tell_Aurora | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2010/2010.01.26.Operation_Aurora_IoC/how_can_u_tell_Aurora.pdf |
| 17 | 2010-01-27 | 3494bd514034f0658ec66b2f515cd9a60c51a8e7 | Aurora_HBGARY_DRAFT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2010/2010.01.27.Operation_Aurora_Detect_Diagnose_Respond/Aurora_HBGARY_DRAFT.pdf |
| 18 | 2010-02-10 | 4d9c8ecae38f217729cf8a9df934e7cc5de2ae1a | WhitePaper HBGary Threat Report, Operation Aurora | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2010/2010.02.10.Threat_Report_Operation_Aurora/WhitePaper%20HBGary%20Threat%20Report%2C%20Operation%20Aurora.pdf |
| 19 | 2010-03-14 | 6eb3094ecab54a8b80932f4bec263696f849ca77 | in-depth_analysis_of_hydraq_final_231538 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2010/2010.03.14.Hydraq/in-depth_analysis_of_hydraq_final_231538.pdf |
| 20 | 2010-04-06 | 8a982bc5c8303440faa4d5672a38bb7a613c382b | shadows-in-the-cloud | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2010/2010.04.06.Shadows_in_the_cloud/shadows-in-the-cloud.pdf |
| 21 | 2010-09-03 | c7d0387067ba747e3a3d9b43b7349d7888bf574e | MSUpdaterTrojanWhitepaper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2010/2010.09.03.MSUpdater.Trojan/MSUpdaterTrojanWhitepaper.pdf |
| 22 | 2010-09-21 | 510f1b2342f3ca3dd24179821eb451488d6e9722 | Case_Study_Operation_Aurora_V11 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2010/2010.01.Case_Study_Operation_Aurora/Case_Study_Operation_Aurora_V11.pdf |
| 23 | 2010-09-30 | 93c9ad9c9d9e1d882d56d8ceb1aa684d147d0a78 | w32_stuxnet_dossier | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2010/2010.09.30.W32.Stuxnet_Dossier/w32_stuxnet_dossier.pdf |
| 24 | 2010-12-09 | 87f9c1bed271cc832c0fed2ddcde55e72f9801dd | R41524 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2010/2010.12.09.Stuxnet_Worm/R41524.pdf |
| 25 | 2011-02-10 | e0fce95ccdb9c400f2dd3859ebe268f5bc7877ce | wp-global-energy-cyberattacks-night-dragon | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.02.10.Night_Dragon/wp-global-energy-cyberattacks-night-dragon.pdf |
| 26 | 2011-02-18 | 1fe534fe68fe1a93ef2b536f1365219653b560ee | Alerts DL-2011 Alerts-A-2011-02-18-01 Night Dragon Attachment 1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.02.18.Night_Dragon.Specific/Alerts%20DL-2011%20Alerts-A-2011-02-18-01%20Night%20Dragon%20Attachment%201.pdf |
| 27 | 2011-04-13 | c35971b70eec914e14691b17b531aedc1f142217 | CyberEspionage | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/historical/2011/CyberEspionage.pdf |
| 28 | 2011-04-20 | 4c1b1b0da537c482d359bf75435cb8abb1df7093 | Stuxnet_Under_the_Microscope | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.04.20.Stuxnet/Stuxnet_Under_the_Microscope.pdf |
| 29 | 2011-06-23 | db15d399006eb4b59465463484b85071881a89f6 | vol7no2Ball | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/historical/2011/vol7no2Ball.pdf |
| 30 | 2011-08-02 | 254132938c6ff6eeaa5e3b1e8d8d506472c028b7 | shady_rat_vanity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.08.02.Operation_Shady_RAT_Vanity/shady_rat_vanity.pdf |
| 31 | 2011-08-03 | 1461452398e57d541209eb6bc29e0743369b373b | HTran_and_the_Advanced_Persistent_Threat | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.08.03.HTran/HTran_and_the_Advanced_Persistent_Threat.pdf |
| 32 | 2011-08-04 | deb92a55dffa951697d3367750df2cf8e4480f8f | wp-operation-shady-rat | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.08.04.Operation_Shady_RAT/wp-operation-shady-rat.pdf |
| 33 | 2011-09-09 | 83564e2939b4f62a4ff82c435adba86699cfc753 | FTA1001-The_RSA_Hack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.09.09.RSA_Hack/FTA1001-The_RSA_Hack.pdf |
| 34 | 2011-09-11 | 2b98220caf158d1c4f6d72abbc379899e35edc4d | C5_APT_SKHack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.09.11.SK_Hack/C5_APT_SKHack.pdf |
| 35 | 2011-09-22 | 23f1f9e5771be71725fa19487da59f6779f5ee3f | wp_dissecting-lurid-apt | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.09.22.LURID_Downloader/wp_dissecting-lurid-apt.pdf |
| 36 | 2011-10-03 | 2be5fe12ee54448d9e5dfa943ebcfcf44a115181 | enter-the-cyberdragon | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/historical/2011/enter-the-cyberdragon.pdf |
| 37 | 2011-10-12 | fd81d98729029a483e0c5c69d908ab96014edbe5 | tb_advanced_persistent_threats | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.10.12.1.php.group/tb_advanced_persistent_threats.pdf |
| 38 | 2011-10-26 | c59b324139b965677a9933f7435b5ac34ca40126 | Duqu_Trojan_Questions_and_Answers | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.10.26.Duqu/Duqu_Trojan_Questions_and_Answers.pdf |
| 39 | 2011-10-26 | f4231f388207b578c46b126e14d5ed4f9b405424 | Evolution_Drivers_Duqu_Stuxnet | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.10.26.Duqu/Evolution_Drivers_Duqu_Stuxnet.pdf |
| 40 | 2011-10-31 | f26ddf5c622dd52fc46cd46813c9552a08214587 | the_nitro_attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.10.31.Nitro/the_nitro_attacks.pdf |
| 41 | 2011-11-15 | 02e2959da1d4522c2d94ffbc7a1871470b2f7912 | Faces_Ghost_RAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.11.15.Many_Faces_Gh0st_Rat/Faces_Ghost_RAT.pdf |
| 42 | 2011-12-08 | b0ac3fce955bb8361b98a791919d639b18877d56 | Palebot_Palestinian_credentials | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2011/2011.12.08.Palebot_Trojan/Palebot_Palestinian_credentials.pdf |
| 43 | 2012-01-03 | a486fb5b0b485796f0b2d1248c948e7c64c6b49a | wp_the-heartbeat-apt-campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.01.03.HeartBeat_APT/wp_the-heartbeat-apt-campaign.pdf |
| 44 | 2012-02-03 | f8b1d371008a2108bb7ded054b7b0b7cdc4d5295 | C5_APT_C2InTheFifthDomain | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.02.03.Fifth_Domain_CnC/C5_APT_C2InTheFifthDomain.pdf |
| 45 | 2012-02-29 | 771d703ce533bea8dbece799705ce8e61717a8a5 | The_Sin_Digoo_Affair | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.02.29.Sin_Digoo_Affair/The_Sin_Digoo_Affair.pdf |
| 46 | 2012-03-12 | 75c240fb4334b2307b56c336284acad112e40063 | Crouching_tiger_hidden_dragon | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.03.12.Crouching_Tiger/Crouching_tiger_hidden_dragon.pdf |
| 47 | 2012-03-13 | 50511389957f7c2e0127031d8633724ae05354f3 | Crypto-DarkComet-Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.03.13.DarkComet_RAT/Crypto-DarkComet-Report.pdf |
| 48 | 2012-03-26 | bdb218fdc0cce0bc57f77a9a1e6d3cc7e81b55f9 | wp_luckycat_redux | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.03.26.Luckycat_Redux/wp_luckycat_redux.pdf |
| 49 | 2012-04-10 | 5dba7529dfdcd435578dad0c219da02da54b28a0 | Know Your Digital Enemy | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.04.10.Gh0st_RAT/Know%20Your%20Digital%20Enemy.pdf |
| 50 | 2012-04-16 | 0b792ff94ca71eeb71aba780286f7c4bf9f75b40 | OSX_SabPub | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.04.16.OSX.SabPub/OSX_SabPub.pdf |
| 51 | 2012-05-18 | 0120f4f065c62bcd218bbc21bc729bd3645adf14 | w32_flamer_newsforyou | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.05.18.Flamer_CnC/w32_flamer_newsforyou.pdf |
| 52 | 2012-05-22 | c00b7449b733f070c148c5b6c0a4df087a3f34f1 | wp_ixeshe | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.05.22.IXESHE/wp_ixeshe.pdf |
| 53 | 2012-05-31 | 6e4df95a65ad848c8192c7c76ed35d622764cab3 | skywiper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.05.31.Flame_sKyWIper/skywiper.pdf |
| 54 | 2012-07-10 | 61c047476369c5069e39f3d06825d847d924d216 | Tibet_Lurk | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.07.10.SE_LURK_Malware/Tibet_Lurk.pdf |
| 55 | 2012-07-11 | 983e09b7e903852529a53e7973fa8b91ac818ec2 | dark-comet-syrian-spy-tool | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.07.11.DarkComet_Creator/dark-comet-syrian-spy-tool.pdf |
| 56 | 2012-07-25 | 6d0de3e44a012f45a7b56a9862d1d67ef8bfd7e8 | From-Bahrain-With-Love-FinFishers-Spy-Kit-Exposed | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.07.25.FinFisher_Spy_Kit/From-Bahrain-With-Love-FinFishers-Spy-Kit-Exposed.pdf |
| 57 | 2012-07-27 | 51b16ee4bb04d663a4c67e23e3d3bf816ae12207 | The_Madi_Infostealers | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.07.27.Madi_Campaign/The_Madi_Infostealers.pdf |
| 58 | 2012-08-09 | 4c9c37199b1e1da37d0dae56f7a6469e0b0a4c6e | kaspersky-lab-gauss | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.08.09.Gauss/kaspersky-lab-gauss.pdf |
| 59 | 2012-08-18 | 5fc09310938d289541ffe01a218ae644abe2495d | wp_the_taidoor_campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.08.18.Taidoor_Campaign/wp_the_taidoor_campaign.pdf |
| 60 | 2012-08-19 | 2ca545418f9fefe1c4dd96feeeff256adbb97e6f | ByeBye Shell and the targeting of Pakistan | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.08.19.ByeBye_Shell/ByeBye%20Shell%20and%20the%20targeting%20of%20Pakistan.pdf |
| 61 | 2012-09-06 | ce7a662c0f822536e6beff4856f701d28137c8e1 | the-elderwood-project | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.09.06.Elderwood/the-elderwood-project.pdf |
| 62 | 2012-09-07 | bd6f3f93d3c87e78149d766b2613ed9e18bc2620 | IEXPL0RE_RAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.09.07.IEXPLORE_RAT/IEXPL0RE_RAT.pdf |
| 63 | 2012-09-12 | 759e45d0b495ec23949b3324fd543df7e450afdc | VOHO_WP_FINAL_READY-FOR-Publication-09242012_AC | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.09.12.VOHO_Campaign/VOHO_WP_FINAL_READY-FOR-Publication-09242012_AC.pdf |
| 64 | 2012-09-18 | cfd4451a15223fdf667285b12a8829a4b409495a | The_Mirage_Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.09.18.Mirage_Campaign/The_Mirage_Campaign.pdf |
| 65 | 2012-10-08 | 203258819d7fbffdfae2c5df96d71254a2816ca6 | PEST-CONTROL | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.10.08.Pest_Control/PEST-CONTROL.pdf |
| 66 | 2012-10-27 | c32627e18128fbf249a084272310996d1b794bb5 | trojan_taidoor-targeting_think_tanks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.10.27.Taidoor/trojan_taidoor-targeting_think_tanks.pdf |
| 67 | 2012-10-31 | 340b8d20ea5489bf3cfbe390dacc01237f11034b | Cyber_Espionage_Against_Georgian_Government | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.10.31.CYBER_ESPIONAGE_Georbot_Botnet/Cyber_Espionage_Against_Georgian_Government.pdf |
| 68 | 2012-11-01 | 4477f8bb9e82fa99d4c0f1d57720f5856b8ee9f8 | FTA 1007 - Shamoon | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.11.01.RECOVERING_FROM_SHAMOON/FTA%201007%20-%20Shamoon.pdf |
| 69 | 2012-11-03 | 299a326641766c588a04f990927f795ecc31726f | Cyberattack_against_Israeli_and_Palestinian_targets | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.11.03.Israeli_and_Palestinian_Attack/Cyberattack_against_Israeli_and_Palestinian_targets.pdf |
| 70 | 2012-11-13 | 5276375276d632b9a43037ef9a99221b81cb1a61 | fireeye-poison-ivy-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2012/2012.11.13.Poison_Ivy/fireeye-poison-ivy-report.pdf |
| 71 | 2012-11-13 | e802d6f06085f22242a66b06c785315e1c63c070 | WickedRose_andNCPH | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2006/2006.Wicked_Rose/WickedRose_andNCPH.pdf |
| 72 | 2013-01-02 | 7ddab1f54ef0ba0a48efdb7ca39ddcc82f0a84d6 | fireeye-malware-supply-chain | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.02.SUPPLY_CHAIN_ANALYSIS/fireeye-malware-supply-chain.pdf |
| 73 | 2013-01-14 | 10c2d6c60b4a34422a12c7583624c4764b815ba6 | securelist.com-Red October Detailed Malware Description 3 Second Stage of Attack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.14.Red_October_Campaign/securelist.com-Red%20October%20Detailed%20Malware%20Description%203%20Second%20Stage%20of%20Attack.pdf |
| 74 | 2013-01-14 | 89cfdc989240721e191029bc3636aabaddaa84b8 | securelist.com-Red October Detailed Malware Description 1 First Stage of Attack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.14.Red_October_Campaign/securelist.com-Red%20October%20Detailed%20Malware%20Description%201%20First%20Stage%20of%20Attack.pdf |
| 75 | 2013-01-14 | 9fd39a98ef48a12695acf4bc6e1c595055c471eb | securelist.com-Red October Detailed Malware Description 5 Second Stage of Attack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.14.Red_October_Campaign/securelist.com-Red%20October%20Detailed%20Malware%20Description%205%20Second%20Stage%20of%20Attack.pdf |
| 76 | 2013-01-14 | b64a571a29d1c2cfc40b6b6cef50a95e6ce3b455 | Securelist_RedOctober | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.14.Red_October_Campaign/Securelist_RedOctober.pdf |
| 77 | 2013-01-14 | c38d19048cb7d66480d4e12c61fc0c3c8ebbc78d | securelist.com-Red October Detailed Malware Description 4 Second Stage of Attack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.14.Red_October_Campaign/securelist.com-Red%20October%20Detailed%20Malware%20Description%204%20Second%20Stage%20of%20Attack.pdf |
| 78 | 2013-01-14 | caaf84ec5a1f8b12a1d849660e25bf304baec135 | securelist.com-Red October Diplomatic Cyber Attacks Investigation | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.14.Red_October_Campaign/securelist.com-Red%20October%20Diplomatic%20Cyber%20Attacks%20Investigation.pdf |
| 79 | 2013-01-14 | e2b327a479a7e3c4fa7a3a34782bf7bca51f597d | securelist.com-Red October Detailed Malware Description 2 Second Stage of Attack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.14.Red_October_Campaign/securelist.com-Red%20October%20Detailed%20Malware%20Description%202%20Second%20Stage%20of%20Attack.pdf |
| 80 | 2013-01-14 | f9e75ac3b51ec2dd195a2fd82743530f9534dd40 | Securelist_RedOctober_Detail | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.14.Red_October_Campaign/Securelist_RedOctober_Detail.pdf |
| 81 | 2013-01-18 | b6217ea7fe6b4dd5e27b2a1b4b84432db2e1b2f3 | McAfee_Labs_Threat_Advisory_Exploit_Operation_Red_Oct | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.01.18.Operation_Red_Oct/McAfee_Labs_Threat_Advisory_Exploit_Operation_Red_Oct.pdf |
| 82 | 2013-02-12 | 100df21fed6fcf08b0982cfdf55463608613a2e2 | Presentation_Targeted-Attacks_EN | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.02.12.Targeted-Attacks/Presentation_Targeted-Attacks_EN.pdf |
| 83 | 2013-02-18 | 3974687624eb85cdcf1fc9ccfb68eea052971e84 | Mandiant_APT1_Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.02.18.APT1/Mandiant_APT1_Report.pdf |
| 84 | 2013-02-22 | 349984643361273d5d3b638e369c45cbb409676c | comment_crew_indicators_of_compromise | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.02.22.Comment_Crew/comment_crew_indicators_of_compromise.pdf |
| 85 | 2013-02-26 | 712311f4cacd476100c7ef037e3accc740558920 | stuxnet_0_5_the_missing_link | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.02.26.Stuxnet_0.5/stuxnet_0_5_the_missing_link.pdf |
| 86 | 2013-02-27 | 2d3fb67fd870f192c38bd8e51344d45645794623 | miniduke_indicators_public | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.02.27.MiniDuke_Indicators/miniduke_indicators_public.pdf |
| 87 | 2013-02-27 | c6dff7f0864e36e3dcc1be12747d26fb8072b52c | themysteryofthepdf0-dayassemblermicrobackdoor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.02.27.MiniDuke_Mystery/themysteryofthepdf0-dayassemblermicrobackdoor.pdf |
| 88 | 2013-03-13 | e33abbd24c9cbb57b3b4a97df165766e1fb42eeb | 15-2013-youonlyclicktwice | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.03.13.FinFisher/15-2013-youonlyclicktwice.pdf |
| 89 | 2013-03-17 | 334b4ee90a30c9ab9dcc6e3596f15f0dcb02486d | Safe-a-targeted-threat | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.03.17.Targeted_Threat/Safe-a-targeted-threat.pdf |
| 90 | 2013-03-20 | 57a17587785f54a103ea970277bd7c4cc179a82c | theteamspystory_final_t2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.03.20.TeamSpy_Crew/theteamspystory_final_t2.pdf |
| 91 | 2013-03-20 | c6ce890a544b01e5dafd4add9326b4178424c4e2 | dissecting-operation-troy | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.03.20.Operation_Troy/dissecting-operation-troy.pdf |
| 92 | 2013-03-21 | c0d85dfff9ce55913cea8ed1d04b0a7e17336636 | FTA 1008 - Darkseoul-Jokra Analysis and Recovery | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.03.21.Darkseoul/FTA%201008%20-%20Darkseoul-Jokra%20Analysis%20and%20Recovery.pdf |
| 93 | 2013-03-27 | 26353a7703ce0b186450134a5321ac37d1405380 | RAP002_APT1_Technical_backstage.1.0 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.03.27.APT1_technical_backstage/RAP002_APT1_Technical_backstage.1.0.pdf |
| 94 | 2013-03-28 | 875abf02dad2a434d708e495ffc8afe4b2500aae | tr-12-circl-plugx-analysis-v1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.03.28.TR-12_PlugX_malware/tr-12-circl-plugx-analysis-v1.pdf |
| 95 | 2013-04-01 | 85ef5daf99603da833a32245fd120028829a666f | Trojan.APT.BaneChant | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.04.01.APT_BaneChant/Trojan.APT.BaneChant.pdf |
| 96 | 2013-04-07 | 5ff5d49650b4fa5988f435f60434744a7bcaee48 | fireeye-wwc-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.04.07_WORLD_WAR_C/fireeye-wwc-report.pdf |
| 97 | 2013-04-07 | ba88d1caa77dba3b80228a524cdd60a872d0d06b | fireeye-wwc-report_en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.04.07_WORLD_WAR_C/fireeye-wwc-report_en.pdf |
| 98 | 2013-04-13 | 3a34d6152f2d287f58e67a03d96408b74d5c470e | winnti-more-than-just-a-game-130410 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.04.13.Winnti/winnti-more-than-just-a-game-130410.pdf |
| 99 | 2013-04-21 | d88b186085918e2039514caa21a4017aafc556d1 | MiniDuke_Paper_Final | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.04.21.MiniDuke/MiniDuke_Paper_Final.pdf |
| 100 | 2013-05-16 | ac49429483d9005f38f5202b77e8bf79c524e22b | welivesecurity.com-Targeted information stealing attacks in South Asia use email signed binaries | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.05.16.targeted-threat-pakistan-india/welivesecurity.com-Targeted%20information%20stealing%20attacks%20in%20South%20Asia%20use%20email%20signed%20binaries.pdf |
| 101 | 2013-05-20 | aae01ca44ca11f33692bcfd9a20e36105ddfa2b9 | NS-Unveiling-an-Indian-Cyberattack-Infrastructure_FINAL_Web | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.05.20.Operation_Hangover/NS-Unveiling-an-Indian-Cyberattack-Infrastructure_FINAL_Web.pdf |
| 102 | 2013-05-20 | dd9dacb6b9bc34a2410f9c8fb3a5f04fdce77f29 | circl-analysisreport-miniduke-stage3-public | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.05.20.Miniduke.Analysis/circl-analysisreport-miniduke-stage3-public.pdf |
| 103 | 2013-05-20 | e2631efe178d16691329f27a853a41a48387bfc4 | Norman_HangOver report_Executive Summary_042513 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.05.20.Operation_Hangover/Norman_HangOver%20report_Executive%20Summary_042513.pdf |
| 104 | 2013-05-20 | e380c69559eec4bdcef286fd56ebf86f35d640d1 | Unveiling_an_Indian_Cyberattack_Infrastructure | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.05.20.Operation_Hangover/Unveiling_an_Indian_Cyberattack_Infrastructure.pdf |
| 105 | 2013-05-20 | ffdfed40c5b1e08a6469c2f38e6a51347a37dd1b | Unveiling an Indian Cyberattack Infrastructure - appendixes | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.05.20.Operation_Hangover/Unveiling%20an%20Indian%20Cyberattack%20Infrastructure%20-%20appendixes.pdf |
| 106 | 2013-06-01 | 31d750b3565b65c43533a87bf7aa72c41258f9a0 | 2013-9 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.06.01.cyber_conflict_Oil_Gas/2013-9.pdf |
| 107 | 2013-06-04 | 4fd06d33aa1a087709277eb71d204e2fbf8b9243 | kaspersky-the-net-traveler-part1-final | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.06.04.NetTraveller/kaspersky-the-net-traveler-part1-final.pdf |
| 108 | 2013-06-07 | 9a2de0730e62aa24cdff1d1920b9535d1795be7e | KeyBoy_Vietnam_India | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.06.07.KeyBoy_APT/KeyBoy_Vietnam_India.pdf |
| 109 | 2013-06-18 | c6e80e76bca03538a2dfd2aac2e4120fdab6f4fc | Trojan.APT.Seinup | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.06.18.APT_Seinup/Trojan.APT.Seinup.pdf |
| 110 | 2013-06-21 | 283e853a69cddd4b59b35fcc2a75205b1deb9b69 | 19-2013-acalltoharm | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.06.21.Syrian_Attack/19-2013-acalltoharm.pdf |
| 111 | 2013-06-28 | 214daebe12ae36a91e13c83e820bb2e20b560828 | fta-1009---njrat-uncovered-1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.06.28.njRAT_Uncovered/fta-1009---njrat-uncovered-1.pdf |
| 112 | 2013-06-28 | d4c015f0cc390e3c632face2a66323cd7c4b3afe | Dark_Seoul_Cyberattack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.00.00.Dark_Seoul_Cyber_Attack/Dark_Seoul_Cyberattack.pdf |
| 113 | 2013-07-01 | 11b8d957363188bd334bd88b1f5630abc263523b | kashifali.ca-Targeted Campaign Steals Credentials in Gulf States and Caribbean | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.07.01.Gulf_States_APT/kashifali.ca-Targeted%20Campaign%20Steals%20Credentials%20in%20Gulf%20States%20and%20Caribbean.pdf |
| 114 | 2013-07-15 | 9a7978041e795b788d86c52a477160dae296413b | Plugx_Smoaler | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.07.15.PlugX_Smoaler/Plugx_Smoaler.pdf |
| 115 | 2013-07-25 | 14a7756b3080f5f71723cd1f49392f71f5cef4f1 | energy-at-risk | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.00.00.Energy_at_Risk/energy-at-risk.pdf |
| 116 | 2013-07-31 | 05f1beceab73155d552a5ee919aebc4c8e92c609 | US-13-Yarochkin-In-Depth-Analysis-of-Escalated-APT-Attacks-Slides | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.07.31.Hunting_the_Shadows/US-13-Yarochkin-In-Depth-Analysis-of-Escalated-APT-Attacks-Slides.pdf |
| 117 | 2013-07-31 | 86061f7d1994ebb7b8b7eb640b041fb1342adac5 | Secrets_of_the_Comfoo_Masters | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.07.31.ecrets_of_the_Comfoo_Masters/Secrets_of_the_Comfoo_Masters.pdf |
| 118 | 2013-08-02 | 665c6ace0a9175735f6cdb656e79287f5a53e072 | India_Pak_Tranchulas | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.08.02.Smoke_Fire_South_Asian_Cyber_Espionage/India_Pak_Tranchulas.pdf |
| 119 | 2013-08-02 | 6b624d6d80b412a10260344f244ed93e3718e003 | Surtr_Malware_Tibetan | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.08.02.Surtr_Targeting_Tibetan/Surtr_Malware_Tibetan.pdf |
| 120 | 2013-08-06 | 886b0ab831a5084de7d80355b7578a9a9999fc88 | Inside_Report_by_Infosec_Consortium | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.00.00.APT_Attacks_on_Indian_Cyber_Space/Inside_Report_by_Infosec_Consortium.pdf |
| 121 | 2013-08-19 | 4b6cc1420b5d641564c9895882a5ba97d18137be | ByeBye_Shell_target | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.08.19.ByeBye_Shell/ByeBye_Shell_target.pdf |
| 122 | 2013-08-21 | 0f1f4905addf483d71c42d0e59bd97f762559b80 | PIVY-Appendix | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.08.21.POISON_IVY/PIVY-Appendix.pdf |
| 123 | 2013-08-21 | 1b76c3788fd81d1f5acacb1cfb429e08cad98e1c | rpt-poison-ivy | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.08.21.POISON_IVY/rpt-poison-ivy.pdf |
| 124 | 2013-08-23 | 9b5acf068da8b4a28ff995eaf542d798b58eabef | fireeye.com-Operation Molerats Middle East Cyber Attacks Using Poison Ivy | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.08.23.Operation_Molerats/fireeye.com-Operation%20Molerats%20Middle%20East%20Cyber%20Attacks%20Using%20Poison%20Ivy.pdf |
| 125 | 2013-09-06 | 52d49ad4a638382c49d28dce427c5723ebd8abd3 | evasive-tactics-taidoor-3 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.09.06.EvasiveTactics_Taidoor/evasive-tactics-taidoor-3.pdf |
| 126 | 2013-09-11 | 64f98d4c515e31f68c6e7fdf442753a6af8c0bee | Kimsuky | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.09.11.Kimsuky_Operation/Kimsuky.pdf |
| 127 | 2013-09-17 | e4aa40ce1a865021e0b178a4c444126743335d32 | hidden_lynx | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.09.17.Hidden_Lynx/hidden_lynx.pdf |
| 128 | 2013-09-19 | f69e4d23674d06ee459d2abbecc5f3f4cbd58047 | 2q-report-on-targeted-attack-campaigns | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.09.19.EvilGrab/2q-report-on-targeted-attack-campaigns.pdf |
| 129 | 2013-09-21 | 21a5b79498a242f6869649cb808d02366dba6e89 | Operation_DeputyDog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.09.21.Operation_DeputyDog/Operation_DeputyDog.pdf |
| 130 | 2013-09-25 | 751d00dab0fac4c2b0d1c140e9897fb99a399be1 | icefog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.09.25.ICEFROG_APT/icefog.pdf |
| 131 | 2013-10-24 | a899d6713da1b9da8aa77cb3db5360b4e8574b5c | wp-fakem-rat | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.10.24.FakeM_RAT/wp-fakem-rat.pdf |
| 132 | 2013-10-25 | 9a4dcfa7178cccc6283a92bc768be1374eb347f9 | FireEye-Terminator_RAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.10.25.Terminator_RAT/FireEye-Terminator_RAT.pdf |
| 133 | 2013-11-10 | 1bf6c5eaaf996f463b25837c15b400c895862419 | Operation_EphemeralHydra | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.11.10.Operation_Ephemeral_Hydra/Operation_EphemeralHydra.pdf |
| 134 | 2013-11-14 | 8a3a657ac02569c1324ade4cca562ae8c5781f94 | fireeye-china-chopper-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.00.00.China_Chopper_Web_Shell/fireeye-china-chopper-report.pdf |
| 135 | 2013-12-02 | a8f9bc957ae0ee7e38a2cefb83afff0b1bd68422 | FTA 1010 - njRAT The Saga Continues | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.12.02.njRAT_Saga_Continues/FTA%201010%20-%20njRAT%20The%20Saga%20Continues.pdf |
| 136 | 2013-12-11 | 902c5b2eb9cb486171b24ca60681aea5eecdb270 | NormanShark-MaudiOperation | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.06.00.Maudi_Surveillance_Operation/NormanShark-MaudiOperation.pdf |
| 137 | 2013-12-12 | b670b7a7904baded891a4c6e7afe692998989668 | fireeye-operation-ke3chang | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.12.12.Operation_Ke3chang/fireeye-operation-ke3chang.pdf |
| 138 | 2013-12-20 | dc92b79b353eb0e47e71216f3fa1f0c6167e29e7 | ETSO_APT_Attacks_Analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.12.20.ETSO/ETSO_APT_Attacks_Analysis.pdf |
| 139 | 2014-01-06 | c2858ffd02ad542ed014c93de03d1dda17a65ca9 | airbus-cyber-security.com-PlugX some uncovered points | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.01.06.PlugX/airbus-cyber-security.com-PlugX%20some%20uncovered%20points.pdf |
| 140 | 2014-01-13 | 8421ef67d1e6dcc277f07f39f86e21fd89cf1d5a | targeted_attacks_against_the_energy_sector | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.01.13.Targeted_Attacks_Energy_Sector/targeted_attacks_against_the_energy_sector.pdf |
| 141 | 2014-01-14 | 3cf67c051ba29f706367860714b2c7ce56889ea6 | securelist.com-The Icefog APT Hits US Targets With Java Backdoor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.01.14.Icefog_APT/securelist.com-The%20Icefog%20APT%20Hits%20US%20Targets%20With%20Java%20Backdoor.pdf |
| 142 | 2014-01-15 | 9767abff87b137695ab8481729ed7130499a0c80 | FTA 1001 FINAL 1.15.14 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.01.15.Sneakernet_Trojan/FTA%201001%20FINAL%201.15.14.pdf |
| 143 | 2014-01-21 | ec6771a81e830f50c2d54b26dc0f6a642439ee09 | h12756-wp-shell-crew | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.01.21.Shell_Crew/h12756-wp-shell-crew.pdf |
| 144 | 2014-01-31 | 036b1154d4cc2de08dc647eb743c6b4c9d860902 | FTA 1011 Follow UP | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.01.31.Sneakernet_Trojan/FTA%201011%20Follow%20UP.pdf |
| 145 | 2014-02-11 | 1e4c8aef818d7d0e950974b6c9d2a792969e3a94 | unveilingthemask_v1.0 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.02.11_Careto_APT/unveilingthemask_v1.0.pdf |
| 146 | 2014-02-13 | 114583db8690cd01c60d5758dbe2e2dc1e96fb25 | Operation_SnowMan | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.02.13_Operation_SnowMan/Operation_SnowMan.pdf |
| 147 | 2014-02-19 | 186d7913fe80c35a06e76a5c8fd08520f43b4246 | XtremeRAT_fireeye | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.02.19.XtremeRAT/XtremeRAT_fireeye.pdf |
| 148 | 2014-02-19 | 9b66a35bea35d963d1ff07cab2a3914b38e24257 | The_Monju_Incident | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.02.19.Monju_Incident/The_Monju_Incident.pdf |
| 149 | 2014-02-20 | 4b2a0cb6ff2c622a8b31608757008a9a225cf796 | Mo' Shells Mo' Problems - Network Detection » | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.02.20.deep-panda-webshells/Mo%27%20Shells%20Mo%27%20Problems%20-%20Network%20Detection%20%C2%BB.pdf |
| 150 | 2014-02-20 | 76a6ea858e3524682ad3ee30251003228db50fb3 | deep-panda-webshells | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.02.20.deep-panda-webshells/deep-panda-webshells.pdf |
| 151 | 2014-02-20 | 7bd2229f4908ae1cd6b4e19c21d709948c3616ed | Mo' Shells Mo' Problems - Web Server Log Analysis » | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.02.20.deep-panda-webshells/Mo%27%20Shells%20Mo%27%20Problems%20-%20Web%20Server%20Log%20Analysis%20%C2%BB.pdf |
| 152 | 2014-02-20 | c7afca26feabcb0374cbbe2cee010696212d4f85 | Mo' Shells Mo' Problems - File List Stacking » | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.02.20.deep-panda-webshells/Mo%27%20Shells%20Mo%27%20Problems%20-%20File%20List%20Stacking%20%C2%BB.pdf |
| 153 | 2014-02-20 | e162b0015a753a6d85a13296e601c31271868b1f | Operation_GreedyWonk | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.02.20.Operation_GreedyWonk/Operation_GreedyWonk.pdf |
| 154 | 2014-02-23 | d31648d83d04cc22669f21fa92ee48345e76e062 | FTA 1012 STTEAM Final | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.02.23.Operation_STTEAM/FTA%201012%20STTEAM%20Final.pdf |
| 155 | 2014-02-25 | 6337243d45dc72d75d01f74a699b6a240cbbc8f3 | french-connection-french-aerospace-focused-cve-2014-0322-attack-shares-similarities-2012 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.02.25.The_French_Connection/french-connection-french-aerospace-focused-cve-2014-0322-attack-shares-similarities-2012.pdf |
| 156 | 2014-02-28 | 917691a4f8af50a09926f97bf1be2e0cb71f8c68 | GData_Uroburos_RedPaper_EN_v1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.02.28.Uroburos/GData_Uroburos_RedPaper_EN_v1.pdf |
| 157 | 2014-03-06 | 1e1f0c599eb1c22360cb9bf8bc30399050e3764b | The_Siesta_Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.03.06.The_Siesta_Campaign/The_Siesta_Campaign.pdf |
| 158 | 2014-03-07 | 0849ce1f0272c4604d47e464ab56cad0b5b60263 | snake_whitepaper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.03.07.Snake_Campaign/snake_whitepaper.pdf |
| 159 | 2014-03-08 | 94d04c5da4ed33cd78d033ad371aa8472e53d701 | Reuters_Turla | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.03.08.Russian_spyware_Turla/Reuters_Turla.pdf |
| 160 | 2014-03-12 | ca792ed076f91a730d524c06b9224ee0c47908c0 | a-detailed-examination-of-the-siesta-campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.03.12.Detailed_Siesta_Campaign/a-detailed-examination-of-the-siesta-campaign.pdf |
| 161 | 2014-04-26 | 829bf301061a9a6358c233ca5aa459439fc0aec8 | Op_Clandestine_Fox | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.04.26.Operation_Clandestine_Fox/Op_Clandestine_Fox.pdf |
| 162 | 2014-05-13 | 41c3f02fe289ddb0d0c5a010f5865b58da939b1c | fireeye-operation-saffron-rose | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.05.13.Operation_Saffron_Rose/fireeye-operation-saffron-rose.pdf |
| 163 | 2014-05-13 | e743ba5074212801ce09ee640730028ab8f41d48 | CrowdStrike_Flying_Kitten | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.05.13.Flying.Kitten/CrowdStrike_Flying_Kitten.pdf |
| 164 | 2014-05-20 | 91c2cdb099060388dd93b0e440a3ff4dff5fd622 | Miniduke_twitter | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.05.20.Miniduke_Twitter_CnC/Miniduke_twitter.pdf |
| 165 | 2014-05-21 | b1e45b08bfa1db986e1e643291d250a0cda1988c | FTA_1013_RAT_in_a_jar | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.05.21.Unrecom_Rat/FTA_1013_RAT_in_a_jar.pdf |
| 166 | 2014-05-28 | 21b1c09cef5d6e3b56b8ffe97b7717075914ea4d | newscaster-iranian-threat-inside-social-media | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.05.28.NewsCaster_An_Iranian_Threat_Within_Social_Networks/newscaster-iranian-threat-inside-social-media.pdf |
| 167 | 2014-05-28 | 385401637a142e78aec0978f29971c6d35e74e97 | file-2581720763-pdf | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.05.28.NewsCaster_An_Iranian_Threat_Within_Social_Networks/file-2581720763-pdf.pdf |
| 168 | 2014-05-28 | 7dc9b7bbe8ba2d0ca2579d6ca1a60d84c1773a07 | Iranian Hackers Targeted US Officials in Elaborate Social Media Attack Operation _ SecurityWeek | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.05.28.NewsCaster_An_Iranian_Threat_Within_Social_Networks/Iranian%20Hackers%20Targeted%20US%20Officials%20in%20Elaborate%20Social%20Media%20Attack%20Operation%20_%20SecurityWeek.pdf |
| 169 | 2014-06-06 | 51bb16ba51be3c144ac9e09a68732cbe0bb785d5 | ASERT-Threat-Intelligence-Brief-2014-07-Illuminating-Etumbot-APT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.06.06.Etumbot_APT_Backdoor/ASERT-Threat-Intelligence-Brief-2014-07-Illuminating-Etumbot-APT.pdf |
| 170 | 2014-06-09 | ddadffb91053c4d19590e2035c8eeed14fceca60 | putter-panda | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.06.09.Putter_Panda/putter-panda.pdf |
| 171 | 2014-06-20 | 292359e869860f8308c2cf789986fe7c12502553 | Compromise_Greece_Beijing | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.06.20.Embassy_of_Greece_Beijing/Compromise_Greece_Beijing.pdf |
| 172 | 2014-06-30 | 1856b8232153c3cc879662288b34b4a660586a9a | Dragonfly_Threat_Against_Western_Energy_Suppliers | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.06.30.Dragonfly/Dragonfly_Threat_Against_Western_Energy_Suppliers.pdf |
| 173 | 2014-07-07 | 1d53861aafea11d9a60e798b90d623c8e7c7b9e7 | AdversaryIntelligenceReport_DeepPanda_0 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.07.07.Deep_in_Thought/AdversaryIntelligenceReport_DeepPanda_0.pdf |
| 174 | 2014-07-07 | f9e86e04d2b5c8a28ec4e69ec9f8ea15c46892ad | Deep in Thought_ Chinese Targeting of National Security Think Tanks » | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.07.07.Deep_in_Thought/Deep%20in%20Thought_%20Chinese%20Targeting%20of%20National%20Security%20Think%20Tanks%20%C2%BB.pdf |
| 175 | 2014-07-10 | 7f3e46c42095721ba79b1a47e26e662eb7492057 | circl-tr25-analysis-turla-pfinet-snake-uroburos | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.07.10.Turla_Pfinet_Snake_Uroburos/circl-tr25-analysis-turla-pfinet-snake-uroburos.pdf |
| 176 | 2014-07-10 | bd1794d152f04add2aef937826a9cf949c4b25ab | TrapX_ZOMBIE_Report_Final | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.07.10.Zombie_Zero/TrapX_ZOMBIE_Report_Final.pdf |
| 177 | 2014-07-11 | 5526b79c5b9c4b25689cd3dcb8799a510d7e668e | The-Eye-of-the-Tiger2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.07.11.Pitty_Tiger/The-Eye-of-the-Tiger2.pdf |
| 178 | 2014-07-11 | d5a6d2366c4973f06e95bb1201747d0175321952 | Pitty_Tiger_Final_Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.07.11.Pitty_Tiger/Pitty_Tiger_Final_Report.pdf |
| 179 | 2014-07-20 | 591cef00735f510079e0fe4bd0067ca0150fd004 | Sayad_Flying_Kitten_analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.07.20.Flying_Kitten/Sayad_Flying_Kitten_analysis.pdf |
| 180 | 2014-07-29 | 45dd6ce01a6507712481dd428663f5fad1753466 | group-3279-targets-the-video-game-industry | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.07.29.Threat_Group-3279_Targets_the_Video_Game_Industry/group-3279-targets-the-video-game-industry.pdf |
| 181 | 2014-07-31 | 142d4447504e30012d98fea16831f2363c62c5ca | EB-YetiJuly2014-Public | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.07.31.Energetic_Bear/EB-YetiJuly2014-Public.pdf |
| 182 | 2014-07-31 | a53ce340535461cc92e274f7c5bfb0d8653d5087 | Kaspersky_Lab_crouching_yeti_appendixes_eng_final | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.07.31.Energetic_Bear/Kaspersky_Lab_crouching_yeti_appendixes_eng_final.pdf |
| 183 | 2014-08-04 | 0e5301e830d7b19600b2d110115d7c0f0ab86b02 | fireeye-sidewinder-targeted-attack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.04.Sidewinder_GoldenAge/fireeye-sidewinder-targeted-attack.pdf |
| 184 | 2014-08-05 | 2a38d54d1d345d079325d3180c5f0eb8f5d60f8a | ThreatConnect_Operation_Arachnophobia_Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.05.Operation_Arachnophobia/ThreatConnect_Operation_Arachnophobia_Report.pdf |
| 185 | 2014-08-06 | 73f54d632b5616db3a5977c1514640e19279c056 | Operation_Poisoned_Hurricane | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.06.Operation_Poisoned_Hurricane/Operation_Poisoned_Hurricane.pdf |
| 186 | 2014-08-07 | 63e36939c3f90c4ca9d492b03cf04d9f03a4ec2f | KL_Epic_Turla_Technical_Appendix_20140806 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.07.Epic_Turla_Operation_Appendix/KL_Epic_Turla_Technical_Appendix_20140806.pdf |
| 187 | 2014-08-07 | cecdff97a0dc514f5075029538a42f1cb4036210 | The_Epic_Turla_Operation | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.07.Epic_Turla_Operation_Appendix/The_Epic_Turla_Operation.pdf |
| 188 | 2014-08-12 | 5f17e7b886d2388ffc134157dd1b66aa65372b59 | NYTimes_Attackers_Evolve_Quickly | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.12.New_York_Times_Attackers/NYTimes_Attackers_Evolve_Quickly.pdf |
| 189 | 2014-08-13 | 34c2b718869354a588ee602f41be77e553346c5d | sec14-paper-blond | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.13.TargetAttack.NGO/sec14-paper-blond.pdf |
| 190 | 2014-08-13 | bd899a1e63cdbe03e2e42e4b3f8c91f426a1e2cd | rpt-operation-saffron-rose | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.00.00.OPERATION_SAFFRON_ROSE/rpt-operation-saffron-rose.pdf |
| 191 | 2014-08-13 | fe2f8d32688a104ca4e6ba595f647dfa479ece44 | Targeted_Attacks_Lense_NGO | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.13.TargetAttack.NGO/Targeted_Attacks_Lense_NGO.pdf |
| 192 | 2014-08-16 | 194656e774aaacb86ae2c48f0c894e82ec68a833 | HPSR SecurityBriefing_Episode16_NorthKorea | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.16.North_Korea_cyber_threat_landscape/HPSR%20SecurityBriefing_Episode16_NorthKorea.pdf |
| 193 | 2014-08-18 | 5ceee60079796aa518c5e490feaca4a0d78c031b | KL_report_syrian_malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.18.Syrian_Malware_House_of_Cards/KL_report_syrian_malware.pdf |
| 194 | 2014-08-18 | c37138f865175952f8b96ea057aa1c9a2cb207cc | The Syrian Malware House of Cards - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.18.Syrian_Malware_House_of_Cards/The%20Syrian%20Malware%20House%20of%20Cards%20-%20Securelist.pdf |
| 195 | 2014-08-20 | 2bf418f3786cd274b9031a2297313f044054bdfd | El_Machete | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.20.El_Machete/El_Machete.pdf |
| 196 | 2014-08-25 | 81af95b9c1e39a49440ea901f059dd19bbac158c | blog.malwaremustdie.org-Another country-sponsored malware Vietnam APT Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.25.Vietnam_APT/blog.malwaremustdie.org-Another%20country-sponsored%20malware%20Vietnam%20APT%20Campaign.pdf |
| 197 | 2014-08-27 | c264921f168c1cf344cd493d10aeebf92f80fb0c | NetTraveler_Makeover_10th_Birthday | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.27.NetTraveler/NetTraveler_Makeover_10th_Birthday.pdf |
| 198 | 2014-08-28 | 28c56a1e795cd404308274424d10edcc3e9b4339 | Alienvault_Scanbox | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.28.Scanbox_Framework_Watering_Hole_Attack/Alienvault_Scanbox.pdf |
| 199 | 2014-08-29 | 543e0df8b308a9383f86d4314d93b5a2e718bd42 | Syrian_Malware_Team_BlackWorm | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.08.29.BlackWorm_Syrian/Syrian_Malware_Team_BlackWorm.pdf |
| 200 | 2014-08-30 | eda271027851f85761cc18cfc766b99e298a28d8 | rpt-china-chopper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2013/2013.00.00.China_Chopper_Web_Shell/rpt-china-chopper.pdf |
| 201 | 2014-09-03 | c24ba893644a149a1f05432c392a716251dca72f | Darwin_fav_APT_Group | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.09.03.Darwin_APT/Darwin_fav_APT_Group.pdf |
| 202 | 2014-09-04 | 850ce69b276f4726de382eabcffa8cb8d68cecfc | Chinese_MITM_Google | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.09.04.Analysis_of_Chinese_MITM_on_Google/Chinese_MITM_Google.pdf |
| 203 | 2014-09-04 | b4c64e64f6309c0f424cdf0cdf449576f36cee16 | XSLCmd_OSX | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.09.04.XSLCmd_OSX/XSLCmd_OSX.pdf |
| 204 | 2014-09-04 | d78156c4a19f70d219ed76526769d4d5f141a4ed | Gholee_Protective_Edge_themed_spear_phishing_campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.09.04.Gholee/Gholee_Protective_Edge_themed_spear_phishing_campaign.pdf |
| 205 | 2014-09-08 | 2cfbb7b89a5e220b21bbf64161dc880c1b644017 | sec14-paper-marczak | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.09.08.When_Governments_Hack_Opponents/sec14-paper-marczak.pdf |
| 206 | 2014-09-08 | 7aa450d7e2b43175590a1ee2c94f5342152cfc56 | sec14-paper-hardy | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.09.08.Targeted_Threat_Index/sec14-paper-hardy.pdf |
| 207 | 2014-09-10 | bf937bb2315901541521f00abce8d441d272da16 | fireeye-operation-quantum-entanglement | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.09.10.Operation_Quantum_Entanglement/fireeye-operation-quantum-entanglement.pdf |
| 208 | 2014-09-17 | 01805ba02d4a62aaa891260cf3f7f5f3704935e7 | SASC_Cyberreport_091714 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.09.17.Chinese_APT_defense_contractors/SASC_Cyberreport_091714.pdf |
| 209 | 2014-09-17 | 1f89e8ba75a9e4d5d957fadc71074bfe1d53b2a9 | armed-services.senate.gov-Press Release Press United States Commitee on Armed Services | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.09.17.Chinese_APT_defense_contractors/armed-services.senate.gov-Press%20Release%20%20Press%20%20United%20States%20Commitee%20on%20Armed%20Services.pdf |
| 210 | 2014-09-18 | f726486a5cc1e42d2030b07d56f87983814226c7 | cosmicduke_whitepaper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.09.18.COSMICDUKE/cosmicduke_whitepaper.pdf |
| 211 | 2014-09-19 | 7fc85f6c70527da8b2c4e6a32e1d4e18c007fcb6 | th3bug_Watering_Hole_PoisonIvy | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.09.19.th3bug_Poison_Ivy/th3bug_Watering_Hole_PoisonIvy.pdf |
| 212 | 2014-09-26 | 83adcb352168b2d345155cf4ec7bbc876bb89849 | Aided_Frame_Aided_Direction | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.09.26.Aided_Frame_Aided_Direction/Aided_Frame_Aided_Direction.pdf |
| 213 | 2014-09-26 | efd7b3a3a2bf6e3976411347dc9101fea70c9405 | blackenergy_whitepaper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.09.26.BlackEnergy_Quedagh/blackenergy_whitepaper.pdf |
| 214 | 2014-10-03 | bc4cef4cabbcf83dbc1c72f736acb6207b260216 | PAN_Nitro | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.03.Nitro_APT/PAN_Nitro.pdf |
| 215 | 2014-10-09 | 9439561abc998b7f0f733142bc44f717b2615374 | Democracy_HongKong_Under_Attack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.09.Democracy_Hong_Kong_Under_Attack/Democracy_HongKong_Under_Attack.pdf |
| 216 | 2014-10-14 | 20dd2aaae24812d78cd1c5e32c68b7998e00e0ca | Group_72 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.14.Group_72/Group_72.pdf |
| 217 | 2014-10-14 | 5c4415913a16a0331600816bb4cf8a1954e743dd | Hikit_Analysis-Final | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.14.Hikit_Preliminary_Analysis/Hikit_Analysis-Final.pdf |
| 218 | 2014-10-14 | cccc6053fa78cef9f8a28efdaa07c8cfa6a73cc2 | Sandworm_briefing2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.14.Sandworm/Sandworm_briefing2.pdf |
| 219 | 2014-10-14 | d246e3075bbd31f04b2a6efb53ad7d9e9faa0e96 | Derusbi_Server_Analysis-Final | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.14.Derusbi_Analysis/Derusbi_Server_Analysis-Final.pdf |
| 220 | 2014-10-14 | d24ff42b2d02ba406d46f3912f1f7bd2d38b6113 | ZoxPNG_Full_Analysis-Final | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.14.ZoxPNG/ZoxPNG_Full_Analysis-Final.pdf |
| 221 | 2014-10-20 | 13a055fe7be7e55dcce0035eaf1990fbe8406c98 | OrcaRAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.20.OrcaRAT_tale/OrcaRAT.pdf |
| 222 | 2014-10-22 | 4ff4b93665664603623bc7001e3ca961b8b78b9f | wp-operation-pawn-storm | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.22.Operation_Pawn_Storm/wp-operation-pawn-storm.pdf |
| 223 | 2014-10-22 | 643c7e975121b4614156fc4f29de09b4fd1f0026 | tactical-intelligence-bulletin---sofacy-phishing- | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.22.Sofacy_Phishing/tactical-intelligence-bulletin---sofacy-phishing-.pdf |
| 224 | 2014-10-23 | c0708a3efcf32d02cfb5348f87fe140ae6f470e8 | Modified_Binaries_Tor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.23.Modified_Binaries/Modified_Binaries_Tor.pdf |
| 225 | 2014-10-23 | ffac1bcec0a990cdf9e995766efd19b473e4785a | leviathansecurity.com-The Case of the Modified Binaries | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.23.Modified_Binaries/leviathansecurity.com-The%20Case%20of%20the%20Modified%20Binaries.pdf |
| 226 | 2014-10-24 | 4bd6fa0c0a85f9041cecd54d722decdb4e817fe0 | LeoUncia_OrcaRat | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.24.LeoUncia_and_OrcaRat/LeoUncia_OrcaRat.pdf |
| 227 | 2014-10-27 | 20fa586304cbbfaf23453c1bbe7033de398bd9fb | Micro-Targeted-Malvertising-WP-10-27-14-1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.27.Micro-Targeted_Malvertising/Micro-Targeted-Malvertising-WP-10-27-14-1.pdf |
| 228 | 2014-10-27 | 50b165c213697facb2410591c3ddf772b95fc805 | ICS_Havex_backdoors | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.27.Havex_Trojans/ICS_Havex_backdoors.pdf |
| 229 | 2014-10-27 | c264d97adeb81f59b0642de9a782f6fe545ed062 | pwc_ScanBox_framework | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.27.ScanBox_framework/pwc_ScanBox_framework.pdf |
| 230 | 2014-10-28 | 116309e7121bc8b0e66e4166c06f7b818e1d3629 | Group72_Opening_ZxShell | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.28.Group_72_ZxShell/Group72_Opening_ZxShell.pdf |
| 231 | 2014-10-28 | 1d9b39654f8c7678b3e2c30e378b2e14021b5d44 | apt28 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.28.APT28/apt28.pdf |
| 232 | 2014-10-30 | 23f0de5e628eccdfc670412485653f3662ab5594 | sophos-rotten-tomato-campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.30.Rotten_Tomato_Campaign/sophos-rotten-tomato-campaign.pdf |
| 233 | 2014-10-31 | 85fcdce7427c13906658f1835acaef7103c22ad3 | GDATA_TooHash_CaseStudy_102014_EN_v1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.10.31.Operation_TooHash/GDATA_TooHash_CaseStudy_102014_EN_v1.pdf |
| 234 | 2014-11-03 | 15daf73d022246964c2938a889361aba40e7d08b | BlackEnergy2_Plugins_Router | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.03.BlackEnergy2_APT/BlackEnergy2_Plugins_Router.pdf |
| 235 | 2014-11-03 | 40674e70c595d30f19b2c2636ed7d9dc6b146e8e | Operation_Poisoned_Handover | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.03.Operation_Poisoned_Handover/Operation_Poisoned_Handover.pdf |
| 236 | 2014-11-10 | abddcfeac71a991c480810c82d7e972c74251329 | darkhotelappendixindicators_kl | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.10.Darkhotel/darkhotelappendixindicators_kl.pdf |
| 237 | 2014-11-10 | dc84757c3d42d2a384b2022e50addce8eb1dd0df | darkhotelappendixindicators_kl_1.1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.10.Darkhotel/darkhotelappendixindicators_kl_1.1.pdf |
| 238 | 2014-11-10 | dfd64e9a601283c76ae3f28875166695dc354a21 | darkhotel_kl_07.11 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.10.Darkhotel/darkhotel_kl_07.11.pdf |
| 239 | 2014-11-11 | 96173322b936132aa4cdc0328e4a247d40ae5152 | The_Uroburos_case | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.11.ComRAT/The_Uroburos_case.pdf |
| 240 | 2014-11-12 | b336dd349c5b4620f04d98b90282c7ae900a3a42 | Korplug_Afghanistan_Tajikistan | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.12.Korplug/Korplug_Afghanistan_Tajikistan.pdf |
| 241 | 2014-11-13 | a4520f8f85d13aa469ff3e1b6d333e4c9a290e7a | Operation_CloudyOmega_Ichitaro | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.13.Operation_CloudyOmega/Operation_CloudyOmega_Ichitaro.pdf |
| 242 | 2014-11-14 | 9d116269da44e22cc6f1496570bb4d56f7cc277b | roaming_tiger_zeronights_2014 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.14.Roaming_Tiger/roaming_tiger_zeronights_2014.pdf |
| 243 | 2014-11-14 | c50a95070633ecc76898b9f16ded848414747156 | OnionDuke_Tor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.14.OnionDuke/OnionDuke_Tor.pdf |
| 244 | 2014-11-20 | 814556f1a03e93364f4dc54555cb27549288e061 | EvilBunny_Suspect4_v1.0 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.20.EvilBunny/EvilBunny_Suspect4_v1.0.pdf |
| 245 | 2014-11-21 | e8fcb14805853185b36093119094085f0f7f86a2 | OperationDoubleTap | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.21.Operation_Double_Tap/OperationDoubleTap.pdf |
| 246 | 2014-11-24 | 02be2ef6587e940656cde835354d0073c4dce232 | DEEP_PANDA_Sakula | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.24.Ironman/DEEP_PANDA_Sakula.pdf |
| 247 | 2014-11-24 | 40f76477ba1f453b341743b53113ebd705c1bb75 | regin-analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.24.Regin_Top-tier_espionage/regin-analysis.pdf |
| 248 | 2014-11-24 | 50be553c398b512ddd9741a0ab0350dccd600a3b | Regin_The_Intercept | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.24.Regin_TheIntercept/Regin_The_Intercept.pdf |
| 249 | 2014-11-24 | 5bbf6a633076473dc4b2afb6d166c8caa84463e4 | Kaspersky_Lab_whitepaper_Regin_platform_eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.24.Regin_Platform/Kaspersky_Lab_whitepaper_Regin_platform_eng.pdf |
| 250 | 2014-11-24 | 6f37ce8764f92cb554d200a8cebfd5da1b8a4119 | ironman-deep-panda-uses-sakula-malware-target-organizations-multiple-sectors | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.24.Ironman/ironman-deep-panda-uses-sakula-malware-target-organizations-multiple-sectors.pdf |
| 251 | 2014-11-30 | e5e09d247f5d25d7c960a3ef3231cef9d59a2b61 | rpt-fin4 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.11.30.FIN4/rpt-fin4.pdf |
| 252 | 2014-12-02 | eab03ae476c002161e00411d136b311a6b434745 | Cylance_Operation_Cleaver_Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.02.Operation_Cleaver/Cylance_Operation_Cleaver_Report.pdf |
| 253 | 2014-12-05 | 741f2f131cf70bb62cd9ba3a4a298b12a5a74877 | blogs.blackberry.com-Operation Cleaver The Notepad Files | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.05.Operation_Cleaver/blogs.blackberry.com-Operation%20Cleaver%20The%20Notepad%20Files.pdf |
| 254 | 2014-12-08 | dc20be49cbcecaf38bde2105a54580eb96605c25 | Turla_2_Penquin | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.08.Penquin_Turla/Turla_2_Penquin.pdf |
| 255 | 2014-12-09 | 975c44773b456562f9ab5f9986c2102a21b618bd | bcs_wp_InceptionReport_EN_v12914 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.09_The_Inception_Framework/bcs_wp_InceptionReport_EN_v12914.pdf |
| 256 | 2014-12-10 | 62d5fdb316ad5b0c5e3afb5919785df4c557f25b | w32_regin_stage_1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.10.W32_Regin/w32_regin_stage_1.pdf |
| 257 | 2014-12-10 | a9970d82d1b539ee63838619fcb9aaaae5f0c51d | CloudAtlas_RedOctober_APT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.10.RedOctober_APT/CloudAtlas_RedOctober_APT.pdf |
| 258 | 2014-12-10 | c5355707644b6948069345e2e8bac429e39f882d | w64_regin_stage_1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.10.W64_Regin/w64_regin_stage_1.pdf |
| 259 | 2014-12-10 | fefd7ff6b2b254bd2e05784b51758c5d90acc06f | korea_power_plant_wiper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.10_South_Korea_MBR_Wiper/korea_power_plant_wiper.pdf |
| 260 | 2014-12-12 | 92f526d9a5e14080fdbec90ba2385617bbf19a10 | FTA_1014_Bots_Machines_and_the_Matrix | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.12.Bots_Machines_and_the_Matrix/FTA_1014_Bots_Machines_and_the_Matrix.pdf |
| 261 | 2014-12-12 | ae90917c7abe0c38ae289be9589f04c6fa7184c0 | Vinself_steganography | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.12.Vinself/Vinself_steganography.pdf |
| 262 | 2014-12-17 | f7db20ae4b3f4784a3b4ac346424872858370a18 | Wiper_Malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.17.Wiper_Malware_Deep_Dive/Wiper_Malware.pdf |
| 263 | 2014-12-18 | d0f24df94063d28e13c08fd2aeb9522034da3dea | Targeting_Syrian_ISIS_Critics | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.18.Syrian_ISIS_Critics/Targeting_Syrian_ISIS_Critics.pdf |
| 264 | 2014-12-19 | 0e575c64a7603a1709b1ae37e286f420128d2096 | TA14-353A_wiper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.19.Targeted_Destructive_Malware/TA14-353A_wiper.pdf |
| 265 | 2014-12-21 | 1a4508469960b248ba713cecf34653c59fd460f1 | operation-poisoned-helmand | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.21.Operation_Poisoned_Helmand/operation-poisoned-helmand.pdf |
| 266 | 2014-12-22 | c1b7c2bec86e8edf8bba650c6fa506319198e3c3 | Anunak_APT_against_financial_institutions | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2014/2014.12.22.Anunak_APT/Anunak_APT_against_financial_institutions.pdf |
| 267 | 2015-01-11 | 2aa6e47d8b9549b8ca2ea62db6384bb4db682bcf | DTL-12012015-01 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.01.11.Hong_Kong_SWC_Attack/DTL-12012015-01.pdf |
| 268 | 2015-01-12 | 28f35f4b95e66030cf2a330bae394bbf8805b34f | Skeleton_Key_Analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.01.12.skeleton-key-malware-analysis/Skeleton_Key_Analysis.pdf |
| 269 | 2015-01-15 | cde02057689886c29438815cbeed8ebe860a0ab2 | Agent.BTZ_to_ComRAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.01.15.Evolution_of_Agent.BTZ_to_ComRAT/Agent.BTZ_to_ComRAT.pdf |
| 270 | 2015-01-20 | 486a65ba17141147d3d9fff2a0c26109edf78fab | Inception_APT_Analysis_Bluecoat | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.01.20.Reversing_the_Inception_APT_malware/Inception_APT_Analysis_Bluecoat.pdf |
| 271 | 2015-01-20 | 6df16b7ff93a44fcbec3b656645631b864175bcf | Project_Cobra_Analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.01.20.Project_Cobra/Project_Cobra_Analysis.pdf |
| 272 | 2015-01-22 | 247676579b83264faf32e171f9187bbdbb057c7f | Scarab_Russian | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.01.22.Scarab_attackers_Russian_targets/Scarab_Russian.pdf |
| 273 | 2015-01-22 | 630eea3f1bc9158570c53d70fc70b31003305f5c | Regin_Hopscotch_Legspin | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.01.22.Regin_Hopscotch_and_Legspin/Regin_Hopscotch_Legspin.pdf |
| 274 | 2015-01-22 | d6b2e4dba3b801252a62e0dade5c8ab71d2eefb1 | waterbug-attack-group | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.01.22.Waterbug.group/waterbug-attack-group.pdf |
| 275 | 2015-01-27 | 54c39c3b9a25c6fd9e4b8ed7ea672a095d2af31e | Comparing_Regin_Qwerty | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.01.27.QWERTY_keylog_Regin_compare/Comparing_Regin_Qwerty.pdf |
| 276 | 2015-01-29 | c9a33400ab60741ff0c77a9829f3e04cfe39f2d2 | Backdoor.Winnti_Trojan.Skelky | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.01.29.Backdoor.Winnti_attackers/Backdoor.Winnti_Trojan.Skelky.pdf |
| 277 | 2015-01-29 | d2e17e228e02df878f807b112f78afdc13cc6bca | P2P_PlugX_Analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.01.29.P2P_PlugX/P2P_PlugX_Analysis.pdf |
| 278 | 2015-02-02 | 4751fe686fb4e305ef49296f46ac33139114232b | rpt-behind-the-syria-conflict | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.02.behind-the-syria-conflict/rpt-behind-the-syria-conflict.pdf |
| 279 | 2015-02-04 | 4e645016b3627272cceb28a3b8bbba536eb9a6b4 | PawnStorm_iOS | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.04.Pawn_Storm_Update_iOS_Espionage/PawnStorm_iOS.pdf |
| 280 | 2015-02-10 | 86f4a308b99a2a9cb335dc06457dd09399c05a29 | GlobalThreatIntelReport | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.10.CrowdStrike_GlobalThreatIntelReport_2014/GlobalThreatIntelReport.pdf |
| 281 | 2015-02-16 | 2eaf12b4859972d4017f16086f98412e16da9c95 | blog_equation-the-death-star | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.16.equation-the-death-star/blog_equation-the-death-star.pdf |
| 282 | 2015-02-16 | 41aa5bd1ed03d80650a89de3649d051f900b958b | Equation_group_questions_and_answers | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.16.equation-the-death-star/Equation_group_questions_and_answers.pdf |
| 283 | 2015-02-16 | 9134d57a818f98608a53b53dcfb520716d9eb1c3 | operation-arid-viper-whitepaper-en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.16.Operation_Arid_Viper/operation-arid-viper-whitepaper-en.pdf |
| 284 | 2015-02-16 | 99af231600ee8fd83b4b4fb057429e60cd9d21c4 | Carbanak_APT_eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.16.Carbanak.APT/Carbanak_APT_eng.pdf |
| 285 | 2015-02-17 | 0f4d8ba248dde47b514161014a57885aed084ce2 | The-Desert-Falcons-targeted-attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.17.Desert_Falcons_APT/The-Desert-Falcons-targeted-attacks.pdf |
| 286 | 2015-02-17 | b99e4faf6dc5b027f0dd9e649811c4bb5fe513d8 | A_Fanny_Equation | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.17.A_Fanny_Equation/A_Fanny_Equation.pdf |
| 287 | 2015-02-18 | c8f384ae75119626032d4b42f34e883269dbf2a4 | Elephantosis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.18.Shooting_Elephants/Elephantosis.pdf |
| 288 | 2015-02-18 | e44dcd9329e0bb93b2daf2d3a0e77165ccc6f860 | 24270-babar-espionage-software-finally-found-and-put-under-the-microscope | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.18.Babar/24270-babar-espionage-software-finally-found-and-put-under-the-microscope.pdf |
| 289 | 2015-02-24 | c73cbb8fa22e16920e3cbf51226f3fd8010d38bb | cto-tib-20150223-01a | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.24.Deeper_Scanbox/cto-tib-20150223-01a.pdf |
| 290 | 2015-02-25 | 7c69db91f21ee20f7abcb4d95f21c4a17bfa6d17 | rpt-southeast-asia-threat-landscape | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.25.Southeast_Asia_Threat_Landscape/rpt-southeast-asia-threat-landscape.pdf |
| 291 | 2015-02-25 | fc1d350810c19c94b1f3642fa08f50bf914ab821 | plugx-goes-to-the-registry-and-india | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.25.PlugX_to_registry/plugx-goes-to-the-registry-and-india.pdf |
| 292 | 2015-02-27 | 326f9133be497ec98132e9d6744ac26481a3d1c2 | The Anthem Hack_ All Roads Lead to China - ThreatConnect _ Enterprise Threat Intelligence Platform | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.27.The_Anthem_Hack_All_Roads_Lead_to_China/The%20Anthem%20Hack_%20All%20Roads%20Lead%20to%20China%20-%20ThreatConnect%20_%20Enterprise%20Threat%20Intelligence%20Platform.pdf |
| 293 | 2015-02-27 | 40559d68f1a3d25639408209de18d8ee395ae08a | Anthem_hack_all_roads_lead_to_China | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.27.The_Anthem_Hack_All_Roads_Lead_to_China/Anthem_hack_all_roads_lead_to_China.pdf |
| 294 | 2015-02-27 | 476ebf5380941f81e9d22e9a012bae5638e1a985 | the-anthem-hack-all-roads-lead-to-china | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.02.27.The_Anthem_Hack_All_Roads_Lead_to_China/the-anthem-hack-all-roads-lead-to-china.pdf |
| 295 | 2015-03-05 | 12c4cc9d9a59aadcd01aa2282a6c99da8bcd18ab | casper-malware-babar-bunny-another-espionage-cartoon | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.03.05.Casper_Malware/casper-malware-babar-bunny-another-espionage-cartoon.pdf |
| 296 | 2015-03-06 | 1b7639b4f1cff257684654926bd2a9b3c5a6d8e1 | Babar_or_Bunny | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.03.06.Babar_or_Bunny/Babar_or_Bunny.pdf |
| 297 | 2015-03-06 | e9498a24509614d88c38311f45c1550eff79f8f5 | Animals in the APT Farm | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.03.06.Animals_APT_Farm/Animals%20in%20the%20APT%20Farm.pdf |
| 298 | 2015-03-10 | d17fdf8935e094b2a34cde539abc85eec3533941 | Tibetan-Uprising-Day-Malware-Attacks_websitepdf | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.03.10.Tibetan_Uprising/Tibetan-Uprising-Day-Malware-Attacks_websitepdf.pdf |
| 299 | 2015-03-11 | a9a89dbd99ed439abcfced111affc69f9728fc7a | Inside_EquationDrug_Espionage_Platform | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.03.11.EquationDrug/Inside_EquationDrug_Espionage_Platform.pdf |
| 300 | 2015-03-19 | 73a8169eff8f50cefe587c1097d67fb45e71a046 | wp-operation-woolen-goldfish | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.03.19.Goldfish_Phishing/wp-operation-woolen-goldfish.pdf |
| 301 | 2015-03-30 | b3ad6d13b10de19e232342610370c47ac9083d0d | 2015.03.30.crowdstrike.chopping-packets-decoding-china-chopper-web-shell-traffic-over-ssl | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.03.30.Decoding_China_Chopper/2015.03.30.crowdstrike.chopping-packets-decoding-china-chopper-web-shell-traffic-over-ssl.pdf |
| 302 | 2015-03-31 | 7cd5b12fa38705e254296133991410754f1678ab | volatile-cedar-technical-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.03.31.Volatile_Cedar/volatile-cedar-technical-report.pdf |
| 303 | 2015-04-12 | 1b83984e2c9515c59885bc0078e3b1bed5d513b2 | rpt-apt30 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.04.12.APT30/rpt-apt30.pdf |
| 304 | 2015-04-15 | 3991aeb7aa51f81e0742f06b833b055aae662bf9 | The Chronicles of the Hellsing APT_ the Empire Strikes Back - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.04.15.Hellsing_APT/The%20Chronicles%20of%20the%20Hellsing%20APT_%20the%20Empire%20Strikes%20Back%20-%20Securelist.pdf |
| 305 | 2015-04-15 | 5b22b494cfe329c352948530cb19b6dc5067ca44 | Indicators_of_Compormise_Hellsing | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.04.15.Hellsing_APT/Indicators_of_Compormise_Hellsing.pdf |
| 306 | 2015-04-18 | 3bd10169fc704a20a702c3fc61633d68843f195c | Operation RussianDoll | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.04.18.Operation_RussianDoll/Operation%20RussianDoll.pdf |
| 307 | 2015-04-20 | 417a791693f2554ee1ec94564467168ea58e2cfb | cto-tib-20150420-01a | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.04.20.Sofacy_II/cto-tib-20150420-01a.pdf |
| 308 | 2015-04-21 | 46f4a7b1ec66e3aa1f6a93d64d9a4d3363621636 | The CozyDuke APT - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.04.21.CozyDuke_APT/The%20CozyDuke%20APT%20-%20Securelist.pdf |
| 309 | 2015-04-22 | 7f0cdde2b33261a9a35446bb2cb51c310539fa50 | CozyDuke | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.04.22.CozyDuke/CozyDuke.pdf |
| 310 | 2015-04-27 | 2babeca1ce5aff70f24684cd80ed45ef43ec9a17 | Attacks against Israeli & Palestinian interests - Cyber security updates | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.04.27.Attacks_Israeli_Palestinian/Attacks%20against%20Israeli%20%26%20Palestinian%20interests%20-%20Cyber%20security%20updates.pdf |
| 311 | 2015-05-05 | b6aec94a79b7af64566cf734ef2a703c3d670e1c | 1506306551185339 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.05.Targeted_attack_on_France_TV5Monde/1506306551185339.pdf |
| 312 | 2015-05-07 | c478f5c474609cc5401648c0a55213f3a7137344 | Dissecting-the-Kraken | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.07.Kraken/Dissecting-the-Kraken.pdf |
| 313 | 2015-05-12 | 3bda90269f9a49360befe7f9a00f832c57af89c2 | FSOFACY | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.12.Sofacy_root9B/FSOFACY.pdf |
| 314 | 2015-05-12 | 82255ad9b0682b0a091f92d129c0aefd5b7d96cd | R9b_FSOFACY_0 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.12.Sofacy_root9B/R9b_FSOFACY_0.pdf |
| 315 | 2015-05-13 | 2c19d922bfa84a0205d9142124caaa51dc2021f5 | Cylance SPEAR Team_ A Threat Actor Resurfaces | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.13.Spear_Threat/Cylance%20SPEAR%20Team_%20A%20Threat%20Actor%20Resurfaces.pdf |
| 316 | 2015-05-14 | 93b3ec0cec9636d7815424be3030ae54c2eb79b5 | wp-operation-tropic-trooper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.14.Operation_Tropic_Trooper/wp-operation-tropic-trooper.pdf |
| 317 | 2015-05-14 | af489e7e52483efe28d8f20f15be5d1dbae62a55 | The Naikon APT - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.14.Naikon_APT/The%20Naikon%20APT%20-%20Securelist.pdf |
| 318 | 2015-05-18 | 155c112f73a973ecf710fab5caa6434212275d81 | CmstarDownloader_Lurid_Enfal_Cousin | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.18.Cmstar/CmstarDownloader_Lurid_Enfal_Cousin.pdf |
| 319 | 2015-05-19 | 538701feeead706e34d24cf2b831071ac2f600cb | oil-tanker-en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.19.Operation_Oil_Tanker/oil-tanker-en.pdf |
| 320 | 2015-05-21 | 7e03e711a841cd0eb1b6fc7446b2a069ada19f2a | TheNaikonAPT-MsnMM1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.21.Naikon_APT/TheNaikonAPT-MsnMM1.pdf |
| 321 | 2015-05-21 | b91ed59b5aea02b712f1ea974fb4cf171ea8ba44 | TheNaikonAPT-MsnMM2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.21.Naikon_APT/TheNaikonAPT-MsnMM2.pdf |
| 322 | 2015-05-26 | 198195bf91a009bdf666d630230d86b7b1d60bb9 | Dissecting-LinuxMoose | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.26.LinuxMoose/Dissecting-LinuxMoose.pdf |
| 323 | 2015-05-27 | 29ceb2ee71d540a7f3f2a496b2e726b2779f485b | BlackEnergy-CyberX-Report_27_May_2015_FINAL | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.27.BlackEnergy3/BlackEnergy-CyberX-Report_27_May_2015_FINAL.pdf |
| 324 | 2015-05-27 | 34c0983b58ba25a4a3066ae9871b12b2958af506 | antiy.net-ANALYSIS ON APT-TO-BE ATTACK THAT FOCUSING ON CHINAS GOVERNMENT AGENCY | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.27.APT_to_be/antiy.net-ANALYSIS%20ON%20APT-TO-BE%20ATTACK%20THAT%20FOCUSING%20ON%20CHINAS%20GOVERNMENT%20AGENCY.pdf |
| 325 | 2015-05-27 | 42917d2bb4535fc6369cdd68bf82b7e7d28ebadf | ANALYSIS-ON-APT-TO-BE-ATTACK-THAT-FOCUSING-ON-CHINAS-GOVERNMENT-AGENCY- | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.27.APT_to_be/ANALYSIS-ON-APT-TO-BE-ATTACK-THAT-FOCUSING-ON-CHINAS-GOVERNMENT-AGENCY-.pdf |
| 326 | 2015-05-28 | 4855ba957702d0393cb7ade531b46625426d9192 | Grabit | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.28.grabit-and-the-rats/Grabit.pdf |
| 327 | 2015-05-29 | 98e849a6be7fb956f5b17a183a2e00048f3bab25 | OceanLotusReport | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.05.29.OceanLotus/OceanLotusReport.pdf |
| 328 | 2015-06-03 | a0c391fec9b1faa80a0c713bd6aa37a7129adda7 | Thamar-Reservoir | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.03.thamar-reservoir/Thamar-Reservoir.pdf |
| 329 | 2015-06-04 | fee0f49a312915de5c41ebdd1eaf8aefacde1eaf | BlueTermite_Japan | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.04.Blue_Thermite_targeting_Japan/BlueTermite_Japan.pdf |
| 330 | 2015-06-09 | 19c98e87f5cfd25fc91b0fbbd1c684e81a276c44 | OhFlorio-VB2015 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.09.Duqu_2.0_Win32k_Exploit_Analysis/OhFlorio-VB2015.pdf |
| 331 | 2015-06-10 | 6c4fcf640dfbedbdddb724e69d0ed84319b0cf6e | duqu2_crysys | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.10.Duqu_2.0/duqu2_crysys.pdf |
| 332 | 2015-06-10 | f96b39177a6d371bbcc749781c9591738b4ac5d2 | Duqu_2_Yara_rules | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.10.The_Mystery_of_Duqu_2_0/Duqu_2_Yara_rules.pdf |
| 333 | 2015-06-10 | fe05831d3dc661e418f969045f0087ba642fb27b | The_Mystery_of_Duqu_2_0_a_sophisticated_cyberespionage_actor_returns | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.10.The_Mystery_of_Duqu_2_0/The_Mystery_of_Duqu_2_0_a_sophisticated_cyberespionage_actor_returns.pdf |
| 334 | 2015-06-12 | 355d59c0f3e480734acb72f26f16f717d2984e6c | Afghan Government Compromise_ Browser Beware _ Volexity Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.12.Afghan_Government_Compromise/Afghan%20Government%20Compromise_%20Browser%20Beware%20_%20Volexity%20Blog.pdf |
| 335 | 2015-06-15 | 154083bd059ac6bb001e247f7e03d6189fa93362 | Targeted-Attacks-against-Tibetan-and-Hong-Kong-Groups-Exploiting-CVE-2014-4114 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.15.Targeted-Attacks-against-Tibetan-and-Hong-Kong-Groups/Targeted-Attacks-against-Tibetan-and-Hong-Kong-Groups-Exploiting-CVE-2014-4114.pdf |
| 336 | 2015-06-16 | 3bcbddd61cc7df02fad5bdc692e956bac590fe98 | unit42-operation-lotus-blossom | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.16.operation-lotus-blossom/unit42-operation-lotus-blossom.pdf |
| 337 | 2015-06-22 | 8b870691f84547afc34c08c494f92a21f6d1dc3e | winnti_pharmaceutical | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.22.Winnti_targeting_pharmaceutical_companies/winnti_pharmaceutical.pdf |
| 338 | 2015-06-24 | 5414153144f453be553af09c69bb1300c7678f79 | UnFIN4ished_Business_pwd | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.24.unfin4ished-business/UnFIN4ished_Business_pwd.pdf |
| 339 | 2015-06-26 | 0aada2f7f4fb4955eb21b3f10cf6edf1523f1d0c | Operation Clandestine Wolf | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.26.operation-clandestine-wolf/Operation%20Clandestine%20Wolf.pdf |
| 340 | 2015-06-26 | da36e8623013f441bc3dd841e695ceb1f03db496 | OperationClandestineWolf | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.26.operation-clandestine-wolf/OperationClandestineWolf.pdf |
| 341 | 2015-06-28 | 1199aef590d01265442e28cf5727240f2f37ae25 | DTL-06282015-01 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.28.APT_on_Taiwan/DTL-06282015-01.pdf |
| 342 | 2015-06-30 | fdf388b793a73c47a7caab35a5c4645c83c0931a | Dino – the latest spying malware from an allegedly French espionage group analyzed | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.06.30.dino-spying-malware-analyzed/Dino%20%E2%80%93%20the%20latest%20spying%20malware%20from%20an%20allegedly%20French%20espionage%20group%20analyzed.pdf |
| 343 | 2015-07-08 | a73fcc0ce6923f3a6ce537ec8214cb7b539fe343 | WildNeutron_Economic_espionage | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.08.Wild_Neutron/WildNeutron_Economic_espionage.pdf |
| 344 | 2015-07-08 | d76a268a20027c5f56e67b2743ac747a466c257e | APT Group Wekby Leveraging Adobe Flash Exploit (CVE-2015-5119) _ Volexity Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.08.APT_CVE-2015-5119/APT%20Group%20Wekby%20Leveraging%20Adobe%20Flash%20Exploit%20%28CVE-2015-5119%29%20_%20Volexity%20Blog.pdf |
| 345 | 2015-07-09 | bf41e63f1493152c0d82f2b800099fc4170ea9f1 | butterfly-corporate-spies-out-for-financial-gain | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.09.Butterfly/butterfly-corporate-spies-out-for-financial-gain.pdf |
| 346 | 2015-07-10 | 3e337d629d17d73fd95d44b7e09777c4e59a5e4d | apt.group.ups | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.10.APT_Group_UPS_Targets_US_Government/apt.group.ups.pdf |
| 347 | 2015-07-13 | 006d625ab23c5f9d849608506c77d45afec4c720 | Forkmeiamfamous_SeaDuke | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.13.Forkmeiamfamous/Forkmeiamfamous_SeaDuke.pdf |
| 348 | 2015-07-13 | 786d57e8532c1fcad5493bccd75e16f10cd45774 | Demonstrating_Hustle | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.13.Demonstrating_Hustle/Demonstrating_Hustle.pdf |
| 349 | 2015-07-14 | 2fd37e0616a93fb94131cddecbb40e976de62364 | an-in-depth-look-at-how-pawn-storms-java-zero-day-was-used | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.14.How_Pawn_Storm_Java_Zero-Day_Was_Used/an-in-depth-look-at-how-pawn-storms-java-zero-day-was-used.pdf |
| 350 | 2015-07-14 | d2e6c0c6d2e8dc72677482b8b4271568a3b2a9b9 | MiniDionis_CozyCar_Seaduke | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.14.tracking-minidionis-cozycars/MiniDionis_CozyCar_Seaduke.pdf |
| 351 | 2015-07-20 | 13feea5bb8a1f837e3772daf151e343086061f6a | WateringHole_Aerospace_CVE-2015-5122_IsSpace | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.20.IsSpace_Backdoor/WateringHole_Aerospace_CVE-2015-5122_IsSpace.pdf |
| 352 | 2015-07-20 | 4aa116bc762a0e2ac8ad635799c2a1acc49de6c4 | China_Peace_Palace | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.20.China_Peace_Palace/China_Peace_Palace.pdf |
| 353 | 2015-07-22 | 8ee4f88f4734adc592190027018a461471e8204a | Duke_cloud_Linux | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.22.Duke_APT_groups_latest_tools/Duke_cloud_Linux.pdf |
| 354 | 2015-07-27 | 05763e7c36f1120b89cedba2c39ab4680b8ba28f | apt29-hammertoss-stealthy-tactics-define-a | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.27.HAMMERTOSS/apt29-hammertoss-stealthy-tactics-define-a.pdf |
| 355 | 2015-07-28 | 758520009778853bd186c8527b1cd73ee373ca36 | the-black-vine-cyberespionage-group | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.28.Black_Vine/the-black-vine-cyberespionage-group.pdf |
| 356 | 2015-07-30 | 18e19f0aa8caf36fbb424ab650f87bb192d3434a | Operation-Potao-Express_final_v2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.30.Operation-Potao-Express/Operation-Potao-Express_final_v2.pdf |
| 357 | 2015-07-30 | 1ca6b256b4926edad36b545b8809b2c64d917252 | blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.07.30.Operation-Potao-Express/blog.pdf |
| 358 | 2015-08-04 | e820638a0c4690636ebac596e0bbc040308aa040 | Terracotta-VPN-Report-Final-8-3 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.08.04.Terracotta_VPN/Terracotta-VPN-Report-Final-8-3.pdf |
| 359 | 2015-08-05 | 2e7bfba595146d0274eaf32479cb7ea8eebda153 | threat-group-3390-targets-organizations-for-cyberespionage | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.08.05.Threat_Group-3390/threat-group-3390-targets-organizations-for-cyberespionage.pdf |
| 360 | 2015-08-08 | a850834f5ff8253d70a709a3d18b3cbfc05ce27c | Threat Analysis_ Poison Ivy and Links to an Extended PlugX Campaign – CYINT Analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.08.08.Poison_Ivy_and_Links_to_an_Extended_PlugX_Campaign/Threat%20Analysis_%20Poison%20Ivy%20and%20Links%20to%20an%20Extended%20PlugX%20Campaign%20%E2%80%93%20CYINT%20Analysis.pdf |
| 361 | 2015-08-10 | e92d19e7054c2d384d2afac5027e9fae5ea51596 | HTExploitTelemetry | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.08.10.The_Italian_Connection_An_analysis_of_exploit_supply_chains_and_digital_quartermasters/HTExploitTelemetry.pdf |
| 362 | 2015-08-19 | 68f5e800be94213b5fec499754aef6fe60ef13fe | New Internet Explorer zero-day exploited in Hong Kong attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.08.19.new-internet-explorer-zero-day-exploited-hong-kong-attacks/New%20Internet%20Explorer%20zero-day%20exploited%20in%20Hong%20Kong%20attacks.pdf |
| 363 | 2015-08-20 | 9035c1a0e8ec5b4eb632c0feb39a86600dce7d26 | ASERT Threat Intelligence Brief 2015-05 PlugX Threat Activity in Myanmar | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.08.20.PlugX_Threat_Activity_in_Myanmar/ASERT%20Threat%20Intelligence%20Brief%202015-05%20PlugX%20Threat%20Activity%20in%20Myanmar.pdf |
| 364 | 2015-08-20 | 9723b822bb83020963b2b2557da56ca1ba6e46f9 | new-activity-of-the-blue-termite-apt | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.08.20.new-activity-of-the-blue-termite-apt/new-activity-of-the-blue-termite-apt.pdf |
| 365 | 2015-09-01 | 2674d8703caf59d5b8062acc90e403814ec94621 | wp-the-spy-kittens-are-back | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.01.Rocket_Kitten_2/wp-the-spy-kittens-are-back.pdf |
| 366 | 2015-09-08 | 9db00858876ae2129cd45a55d40b1b4521fc8659 | musical-chairs-multi-year-campaign-involving-new-variant-of-gh0st-malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.08.Musical_Chairs_Gh0st_Malware/musical-chairs-multi-year-campaign-involving-new-variant-of-gh0st-malware.pdf |
| 367 | 2015-09-08 | f58b5c078576477b032cdf476cd1668268dc53fa | PaloAlto.musical-chairs-multi-year-campaign-involving-new-variant-of-gh0st-malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.08.musical-chairs-multi-year-campaign-involving-new-variant-of-gh0st-malware/PaloAlto.musical-chairs-multi-year-campaign-involving-new-variant-of-gh0st-malware.pdf |
| 368 | 2015-09-09 | 1cc6d8e2ad98b3b816c39ef19da2c0eeb561050a | Shadow Force Uses DLL Hijacking, Targets South Korean Company | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.09.Shadow_Force/Shadow%20Force%20Uses%20DLL%20Hijacking%2C%20Targets%20South%20Korean%20Company.pdf |
| 369 | 2015-09-09 | 320456d541590567eec647d887462186ba90e979 | Satellite Turla_ APT Command and Control in the Sky - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.09.satellite-turla-apt/Satellite%20Turla_%20APT%20Command%20and%20Control%20in%20the%20Sky%20-%20Securelist.pdf |
| 370 | 2015-09-09 | e5ec56a71fc2cf4ac1381c6ae48cc86708cb3f8e | Satellite-turla-apt-command-and-control-in-the-sky | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.09.satellite-turla-apt/Satellite-turla-apt-command-and-control-in-the-sky.pdf |
| 371 | 2015-09-15 | 11ce27412676f3584b8e9abefc629e2b90735056 | In Pursuit of Optical Fibers and Troop Intel_ Targeted Attack Distributes PlugX in Russia _ Proofpoint | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.15.PlugX_in_Russia/In%20Pursuit%20of%20Optical%20Fibers%20and%20Troop%20Intel_%20Targeted%20Attack%20Distributes%20PlugX%20in%20Russia%20_%20Proofpoint.pdf |
| 372 | 2015-09-15 | 328800f27b160b88263e7b1d2de48b35c5f25b8d | PlugX-in-Russia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.15.PlugX_in_Russia/PlugX-in-Russia.pdf |
| 373 | 2015-09-16 | 8804946664547376b49229749d7c162df44e80e6 | The-Shadow-Knows | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.16.The-Shadow-Knows/The-Shadow-Knows.pdf |
| 374 | 2015-09-17 | 3e45a371a5d1ada49c0e193372e3e1fe12191049 | Operation Iron Tiger Appendix | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.17.Operation_Iron_Tiger/Operation%20Iron%20Tiger%20Appendix.pdf |
| 375 | 2015-09-17 | 5ee4cfb8802fd6a2dc6d936357a6ce16878778cf | wp-operation-iron-tiger | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.17.Operation_Iron_Tiger/wp-operation-iron-tiger.pdf |
| 376 | 2015-09-17 | c02195e501548fc9b8e2e13673a7e12e1af9e207 | dukes_whitepaper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.17.duke_russian/dukes_whitepaper.pdf |
| 377 | 2015-09-23 | dbd710751a6c32ba91401fb5e5623f46b4d2475f | Project_CAMERASHY_ThreatConnect_Copyright_2015 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.09.23.CAMERASHY_ThreatConnect/Project_CAMERASHY_ThreatConnect_Copyright_2015.pdf |
| 378 | 2015-10-03 | 1116413c96b35c3c8f3d404bdabbec46b375eaaa | Cybereason-Labs-Analysis-Webmail-Sever-APT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.10.03.Webmail_Server_APT/Cybereason-Labs-Analysis-Webmail-Sever-APT.pdf |
| 379 | 2015-10-05 | 980ab92472c6de302ade77423ce09abe58a258bc | threat-identification | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.10.05.Proactive_Threat_Identification/threat-identification.pdf |
| 380 | 2015-10-15 | 92d59c195d0c98a3ef1f583c7eee995a0e85e27f | Mapping FinFisher’s Continuing Proliferation | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.10.15.FinFisher_Continuing/Mapping%20FinFisher%E2%80%99s%20Continuing%20Proliferation.pdf |
| 381 | 2015-10-16 | 4e3ce763a2de0b448556aed46fdb89a361f38f53 | 2015.10.targeted-attacks-ngo-burma | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.10.16.NGO_Burmese_Government/2015.10.targeted-attacks-ngo-burma.pdf |
| 382 | 2015-11-04 | 4911b137926b6b17044141527980cdb9e4a9cb13 | cct-w08_evolving-threats-dissection-of-a-cyber-espionage-attack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.04_Evolving_Threats/cct-w08_evolving-threats-dissection-of-a-cyber-espionage-attack.pdf |
| 383 | 2015-11-09 | 523ae1be152df2a4d1de51ee2b3e7f23cad62628 | rocket-kitten-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.09.Rocket_Kitten_A_Campaign_With_9_Lives/rocket-kitten-report.pdf |
| 384 | 2015-11-10 | 3133729b5af2ecd6657c814c0d7c73a3157427db | bookworm-trojan-a-model-of-modular-architecture | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.10.bookworm-trojan-a-model-of-modular-architecture/bookworm-trojan-a-model-of-modular-architecture.pdf |
| 385 | 2015-11-17 | 4da43deb6f7dede89080d4b4adaae53a2c371aa5 | rpt-witchcoven | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.17.Pinpointing_Targets_Exploiting_Web_Analytics_to_Ensnare_Victims/rpt-witchcoven.pdf |
| 386 | 2015-11-18 | 1ffa0aaf1e29ef02734e49bfab41c4ec18b3b839 | Russian financial cybercrime_ how it works - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.18.Russian_financial_cybercrime_how_it_works/Russian%20financial%20cybercrime_%20how%20it%20works%20-%20Securelist.pdf |
| 387 | 2015-11-18 | abac715cbc6d033fdb588a36f3e9eaa9535d102b | Kaspersky_Lab_cybercrime_underground_report_eng_v1_0 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.18.Russian_financial_cybercrime_how_it_works/Kaspersky_Lab_cybercrime_underground_report_eng_v1_0.pdf |
| 388 | 2015-11-18 | d95f10b2f4711a2f0b410ad5218a49f0a80e8c13 | amballa-discovers-new-toolset-linked-to-destover-attackers-arsenal-helps-them-to-broaden-attack-surface | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.18.Destover/amballa-discovers-new-toolset-linked-to-destover-attackers-arsenal-helps-them-to-broaden-attack-surface.pdf |
| 389 | 2015-11-18 | e204f491c98755fe0239112758a0938409dce32a | tdrop2-attacks-suggest-dark-seoul-attackers-return | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.18.tdrop2/tdrop2-attacks-suggest-dark-seoul-attackers-return.pdf |
| 390 | 2015-11-18 | e3ecbc1fbfa46fc8d2b34639b831ea3b82110aba | sakula-reloaded | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.18.Sakula_Reloaded/sakula-reloaded.pdf |
| 391 | 2015-11-18 | fbb18bcb00080008184c6e99c378a8da721b43bf | Damballa discovers new toolset linked to Destover | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.18.Destover/Damballa%20discovers%20new%20toolset%20linked%20to%20Destover.pdf |
| 392 | 2015-11-19 | 4bfa7e0065fdcedaee712fcf08200bc0233aea09 | ecrypting-strings-in-emdivi | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.19.decrypting-strings-in-emdivi/ecrypting-strings-in-emdivi.pdf |
| 393 | 2015-11-19 | 7ac406637241a341e0130e3b485f1cc3b8e22a96 | 20151028_codeblue_apt-en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.19.decrypting-strings-in-emdivi/20151028_codeblue_apt-en.pdf |
| 394 | 2015-11-23 | 1d72a50b38ee4b5f57684726cef957f61ae6d2f2 | GlassRAT-final | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.23.PEERING_INTO_GLASSRAT/GlassRAT-final.pdf |
| 395 | 2015-11-23 | 551f1437e2589d5b0111a28db3fafa707822b759 | wp-prototype-nation | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.23.Prototype_Nation_The_Chinese_Cybercriminal_Underground_in_2015/wp-prototype-nation.pdf |
| 396 | 2015-11-23 | 78f88b00380fd4e888325439ab2591babda98fcc | Prototype Nation_ The Chinese Cybercriminal Underground in 2015 - Security News - Trend Micro USA | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.23.Prototype_Nation_The_Chinese_Cybercriminal_Underground_in_2015/Prototype%20Nation_%20The%20Chinese%20Cybercriminal%20Underground%20in%202015%20-%20Security%20News%20-%20Trend%20Micro%20USA.pdf |
| 397 | 2015-11-23 | 8d0db1c4358b552084b1f8d504179651c6ceb1d2 | CopyKittens | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.23.CopyKittens_Attack_Group/CopyKittens.pdf |
| 398 | 2015-11-24 | 9d9a127ad42f4328a56d631d15816ba71e18f98c | attack-campaign-on-the-government-of-thailand-delivers-bookworm-trojan | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.24.Attack_Campaign_on_the_Government_of_Thailand_Delivers_Bookworm_Trojan/attack-campaign-on-the-government-of-thailand-delivers-bookworm-trojan.pdf |
| 399 | 2015-11-30 | c27c1daaa60de3381a7cb11975bef88fa05c2449 | foxit-whitepaper_ponmocup_1_1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.11.30.Ponmocup/foxit-whitepaper_ponmocup_1_1.pdf |
| 400 | 2015-12-01 | 4b28cc1844c1f6218a71d3231c5f5e70d7c68709 | china.based.threat | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.01.China-based_Cyber_Threat_Group_Uses_Dropbox_for_Malware_Communications_and_Targets_Hong_Kong_Media_Outlets/china.based.threat.pdf |
| 401 | 2015-12-04 | ec90ba5cd623542dbdbce8d65095c2a27e64fb08 | sofacy-apt-hits-high-profile-targets-with-updated-toolset | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.04.Sofacy_APT/sofacy-apt-hits-high-profile-targets-with-updated-toolset.pdf |
| 402 | 2015-12-07 | 421d41eafe972ca46b53ba82a260817dd3599d11 | iran-based-attackers-use-back-door-threats-spy-middle-eastern-targets | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.07.Iran-based/iran-based-attackers-use-back-door-threats-spy-middle-eastern-targets.pdf |
| 403 | 2015-12-07 | 924193affc6bcd25cc2d9b1b952a8c8dcf068669 | fin1-targets-boot-record | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.07.Thriving_Beyond_The_Operating_System/fin1-targets-boot-record.pdf |
| 404 | 2015-12-08 | 0732f30d54b0bb6bd260dd3e34889bc6ec89c5ec | Packrat_ Seven Years of a South American Threat Actor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.08.Packrat/Packrat_%20Seven%20Years%20of%20a%20South%20American%20Threat%20Actor.pdf |
| 405 | 2015-12-08 | 1473bc708f2ad4a5e2402b2d343a51271fac6c0e | packrat-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.08.Packrat/packrat-report.pdf |
| 406 | 2015-12-13 | 8a5dd7e1cb4e277dbdf8323aeda0d79dce182249 | elise-security-through-obesity.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.13.ELISE/elise-security-through-obesity.html.pdf |
| 407 | 2015-12-15 | 7c3654eb098d9b484c2d342af5375580b6073594 | Newcomers-in-the-Derusbi-family | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.15.Newcomers_in_the_Derusbi_family/Newcomers-in-the-Derusbi-family.pdf |
| 408 | 2015-12-16 | 227c9942df3a8902726be7eb618334e1253aa9d5 | operation-black-atlas-part-2-tools-and-malware-used-and-how-to-detect-them | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.16.Operation_Black_Atlas/operation-black-atlas-part-2-tools-and-malware-used-and-how-to-detect-them.pdf |
| 409 | 2015-12-16 | aae628909f813e344b30470fae5d2a26619c4706 | Operation Black Atlas_Indicators_of_Compromise | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.16.Operation_Black_Atlas/Operation%20Black%20Atlas_Indicators_of_Compromise.pdf |
| 410 | 2015-12-16 | bd57cd05f1940487913c3fc7f85d3d09710a9631 | operation-black-atlas-endangers-in-store-card-payments-and-smbs-worldwide-switches-between-blackpos-and-other-tools | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.16.Operation_Black_Atlas/operation-black-atlas-endangers-in-store-card-payments-and-smbs-worldwide-switches-between-blackpos-and-other-tools.pdf |
| 411 | 2015-12-16 | cd02ced2b0c1a7ed91e9d631ad45f001fa71a837 | Operation_Black Atlas_Technical_Brief | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.16.Operation_Black_Atlas/Operation_Black%20Atlas_Technical_Brief.pdf |
| 412 | 2015-12-16 | e10651d3a6223055e95464f0023b549cdf7ca00c | FTA_1020_Fidelis_Inocnation_FINAL | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.16.INOCNATION.Campaign/FTA_1020_Fidelis_Inocnation_FINAL.pdf |
| 413 | 2015-12-17 | 78bb54f4e5308d18e178c64a6f3a54710fdb2ee3 | Bitdefender_In-depth_analysis_of_APT28__The_Political_Cyber-Espionage | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.17.APT28_Under_The_Scope/Bitdefender_In-depth_analysis_of_APT28__The_Political_Cyber-Espionage.pdf |
| 414 | 2015-12-18 | b2e67b0e7e9ca99cc9a37f0d1b7603fdf0365a53 | attack-on-french-diplomat-linked-to-operation-lotus-blossom | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.18.Attack_on_Frence_Diplomat_Linked_To_Operation_Lotus_Blossom/attack-on-french-diplomat-linked-to-operation-lotus-blossom.pdf |
| 415 | 2015-12-20 | 57511f2a45c751e73814b4b9514a1bcc9e93ea72 | The_EPS_Awakens_Part_2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.20.EPS_Awakens_Part_II/The_EPS_Awakens_Part_2.pdf |
| 416 | 2015-12-22 | 2f04db722b7a212df65723b9685e3dc6afaaa66c | bbsrat-attacks-targeting-russian-organizations-linked-to-roaming-tiger | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2015/2015.12.22.BBSRAT_Roaming_Tiger/bbsrat-attacks-targeting-russian-organizations-linked-to-roaming-tiger.pdf |
| 417 | 2016-01-03 | da87ca80af9057fe2d153e11f3f4a372a86fc314 | blackenergy-sshbeardoor-details-2015-attacks-ukrainian-news-media-electric-industry | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.03.BlackEnergy_Ukrainian/blackenergy-sshbeardoor-details-2015-attacks-ukrainian-news-media-electric-industry.pdf |
| 418 | 2016-01-06 | 2a81d693b62fe82d6df0383996437c5d265e9527 | potential-sample-of-malware-from-the-ukrainian-cyber-attack-uncovered | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.03.BlackEnergy_Ukrainian/Reference/potential-sample-of-malware-from-the-ukrainian-cyber-attack-uncovered.pdf |
| 419 | 2016-01-06 | 7a2059db840f1a3746ab3247e15a5ee1798f1f32 | LM3-LipovskyCherepanov.xml | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.03.BlackEnergy_Ukrainian/Reference/LM3-LipovskyCherepanov.xml.pdf |
| 420 | 2016-01-06 | 91fbf836bbacd644060ed694aa4931b03af7865d | blackenergy-trojan-strikes-again-attacks-ukrainian-electric-power-industry | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.03.BlackEnergy_Ukrainian/Reference/blackenergy-trojan-strikes-again-attacks-ukrainian-electric-power-industry.pdf |
| 421 | 2016-01-06 | 922b5960bc4dcc0dc784146b7882f79052ca510a | back-in-blackenergy-2014 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.03.BlackEnergy_Ukrainian/Reference/back-in-blackenergy-2014.pdf |
| 422 | 2016-01-06 | a70f56b79c409eda422a519e3b6c81ec05c7e8d2 | uisgcon11_2015#pic-5 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.03.BlackEnergy_Ukrainian/Reference/uisgcon11_2015%23pic-5.pdf |
| 423 | 2016-01-06 | c3f1b24b4eb6691187cf923ba839b1c48393a6c7 | blackenergy-sshbeardoor-details-2015-attacks-ukrainian-news-media-electric-industry | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.03.BlackEnergy_Ukrainian/Reference/blackenergy-sshbeardoor-details-2015-attacks-ukrainian-news-media-electric-industry.pdf |
| 424 | 2016-01-07 | 4ad3de7edfcae1dee973b3e016c9145916591122 | operation-dustysky-notes | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.07.Operation_DustySky/operation-dustysky-notes.pdf |
| 425 | 2016-01-07 | 9b7bf2d6c4a10dac7483c618562e701f42c1dc32 | Operation DustySky_TLP_WHITE | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.07.Operation_DustySky/Operation%20DustySky_TLP_WHITE.pdf |
| 426 | 2016-01-07 | f34ec411f0ce10f854e5a8c4ca90c9569217409b | rigging-compromise.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.07.rigging-compromise/rigging-compromise.html.pdf |
| 427 | 2016-01-14 | 2b6972b475a33a12f66e069d490eccf8a5dd2990 | Cisco_haystack.2016.01.14 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.14_Cisco_Needles_in_a_Haystack/Cisco_haystack.pdf.2016.01.14.pdf |
| 428 | 2016-01-14 | db5431a5c9b6ac0af2d3d12e00a30b755fe6306f | waterbug-attack-group | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.14.The.Waterbug.Attack.Group/waterbug-attack-group.pdf |
| 429 | 2016-01-19 | 1daa7fd401a37b65528f168a9818289fb214d1d1 | [CN]_2015.APT.Annual_Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.19.360_APT_Report/%5BCN%5D_2015.APT.Annual_Report.pdf |
| 430 | 2016-01-19 | 98ee40523e822c8aeeaffdf884edbad833549fac | news_长期窃取我国敏感数据,29个海外黑客组织被曝光_科技_中国网 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.19.360_APT_Report/news_%E9%95%BF%E6%9C%9F%E7%AA%83%E5%8F%96%E6%88%91%E5%9B%BD%E6%95%8F%E6%84%9F%E6%95%B0%E6%8D%AE%EF%BC%8C29%E4%B8%AA%E6%B5%B7%E5%A4%96%E9%BB%91%E5%AE%A2%E7%BB%84%E7%BB%87%E8%A2%AB%E6%9B%9D%E5%85%89_%E7%A7%91%E6%8A%80_%E4%B8%AD%E5%9B%BD%E7%BD%91.pdf |
| 431 | 2016-01-21 | 1cd7c6502a22702e4e05e1708ce2662534cb3e32 | NetTraveler Spear-Phishing Email Targets Diplomat of Uzbekistan - Palo Alto Networks BlogPalo Alto Networks Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.21.NetTraveler_Uzbekistan/NetTraveler%20Spear-Phishing%20Email%20Targets%20Diplomat%20of%20Uzbekistan%20-%20Palo%20Alto%20Networks%20BlogPalo%20Alto%20Networks%20Blog.pdf |
| 432 | 2016-01-21 | a1b9d5a178a30f272b3f420a9b2263eac2c73e35 | nettraveler-spear-phishing-email-targets-diplomat-of-uzbekistan | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.21.NetTraveler_Uzbekistan/nettraveler-spear-phishing-email-targets-diplomat-of-uzbekistan.pdf |
| 433 | 2016-01-24 | bab618563431881dd8cadb10c02ed3dbfc300526 | scarlet-mimic-years-long-espionage-targets-minority-activists | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.24_Scarlet_Minic/scarlet-mimic-years-long-espionage-targets-minority-activists.pdf |
| 434 | 2016-01-26 | a48cb6e2961d49d209196adbac1d95ebe21a5a56 | BlackEnergy3_WP_012716_1c | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.26.BlackEnergy3/BlackEnergy3_WP_012716_1c.pdf |
| 435 | 2016-01-27 | 4b1ca2728629ffb86d2ce7277859e25ed0986f93 | introducing-hi-zor-rat.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.27.Hi-Zor.RAT/introducing-hi-zor-rat.html.pdf |
| 436 | 2016-01-28 | 68f5083717325073aaa3ef57a371aac9f30ef6fb | blackenergy-apt-attacks-in-ukraine-employ-spearphishing-with-word-documents | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.28.BlackEnergy_APT/blackenergy-apt-attacks-in-ukraine-employ-spearphishing-with-word-documents.pdf |
| 437 | 2016-01-29 | 547c04be6d9ef7f6c4df1bc978b101526a9948e4 | ICS-ALERT-14-281-01B | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.28.BlackEnergy_APT/reference/ICS-ALERT-14-281-01B.pdf |
| 438 | 2016-01-29 | 5ff49fde7468addf7495dc60efc9406bde48504f | malicious-office-files-dropping-kasidet.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.29.Malicious_Office_files_dropping_Kasidet_and_Dridex/malicious-office-files-dropping-kasidet.html.pdf |
| 439 | 2016-01-29 | 85cdd12f93381a1bd387a09fd7098f867582c3ad | be2-extraordinary-plugins-siemens-targeting-dev-fails | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.28.BlackEnergy_APT/reference/be2-extraordinary-plugins-siemens-targeting-dev-fails.pdf |
| 440 | 2016-01-29 | 9de94ac2dac8cd0497a39b89715ce97dcd44859f | Right_Sector | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.28.BlackEnergy_APT/reference/Right_Sector.pdf |
| 441 | 2016-01-29 | acfe355fe7c189c5e3ef42cdd17edced2f3c362c | RFBU | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.28.BlackEnergy_APT/reference/RFBU.pdf |
| 442 | 2016-01-29 | ba23484ae4d43db724584427b5628802e827dd1c | F5SOC_Tinbapore_Attack_January2016_29 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.29.Tinbapore_Attack/F5SOC_Tinbapore_Attack_January2016_29.pdf |
| 443 | 2016-01-29 | d466adab80818c8f035824081706038eceb8d04f | black_energy_2_3 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.28.BlackEnergy_APT/reference/black_energy_2_3.pdf |
| 444 | 2016-01-29 | ec503a9fa1206124e53d35eaba1c9d1a0d780202 | be2-custom-plugins-router-abuse-and-target-profiles | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.28.BlackEnergy_APT/reference/be2-custom-plugins-router-abuse-and-target-profiles.pdf |
| 445 | 2016-01-29 | fdfff8084e578e20f5dd8528b04aa144e87b4719 | black-ddos | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.01.28.BlackEnergy_APT/reference/black-ddos.pdf |
| 446 | 2016-02-01 | 80a3f2c1c1f9dec104874cb59b14207f35e806bc | organized-cybercrime-big-in-japan-urlzone-now-on-the-scene | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.01.URLzone_Team/organized-cybercrime-big-in-japan-urlzone-now-on-the-scene.pdf |
| 447 | 2016-02-01 | 86b8c909afd63ec436249037400dd59428798f1d | massive-admedia-iframe-javascript-infection.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.01.Massive_Admedia_Adverting_iFrame_Infection/massive-admedia-iframe-javascript-infection.html.pdf |
| 448 | 2016-02-03 | 1f2eee38b44ad3e9fdd50b4845af7b9ec98c244c | emissary-trojan-changelog-did-operation-lotus-blossom-cause-it-to-evolve | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.03.Emissary_Trojan_Changelog/emissary-trojan-changelog-did-operation-lotus-blossom-cause-it-to-evolve.pdf |
| 449 | 2016-02-04 | d5e47cedc99e7eafd495003e6bd0b79eb44d4f8d | PaloAlto_t9000-advanced-modular-backdoor-uses-complex-anti-analysis-techniques.2016.02.04 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.04_PaloAlto_T9000-Advanced-Modular-Backdoor/PaloAlto_t9000-advanced-modular-backdoor-uses-complex-anti-analysis-techniques.2016.02.04.pdf |
| 450 | 2016-02-08 | 6cc38d03649b53205ea47fad7672a39480be93ab | ICIT-Brief-Know-Your-Enemies-2.0 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.08.Know_Your_Enemies_2.0/ICIT-Brief-Know-Your-Enemies-2.0.pdf |
| 451 | 2016-02-09 | 1d8767400696eec436e4e8442643ba50311205df | poseidon-group-a-targeted-attack-boutique-specializing-in-global-cyber-espionage | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.09_Poseidon_APT_Boutique/poseidon-group-a-targeted-attack-boutique-specializing-in-global-cyber-espionage.pdf |
| 452 | 2016-02-09 | 92ccadd2258b3a2801458db14b235035d89745df | 5165 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.09_Poseidon_APT_Boutique/5165.pdf |
| 453 | 2016-02-11 | f9e4f3da9e28916ef7b2493a6aa41768ec683831 | india-pakistan-cyber-rivalry | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.11.Hacktivism_India_vs_Pakistan/india-pakistan-cyber-rivalry.pdf |
| 454 | 2016-02-12 | 2e975acb1a64ea43e5079ee6ee89374392813786 | a-look-into-fysbis-sofacys-linux-backdoor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.12.Fysbis_Sofacy_Linux_Backdoor/a-look-into-fysbis-sofacys-linux-backdoor.pdf |
| 455 | 2016-02-23 | 606f656561781dba6fdef666ece6a0cc24709f01 | Op_Dust_Storm_Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.23.Operation_Dust_Storm/Op_Dust_Storm_Report.pdf |
| 456 | 2016-02-23 | cd75c4d77910a44416d71df6ad3164120827b33a | Dust_Storm_Infographic_v4 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.23.Operation_Dust_Storm/Dust_Storm_Infographic_v4.pdf |
| 457 | 2016-02-24 | 058540094f2591abb7de917954dcb886cc1697ce | Operation-Blockbuster-Loaders-Installers-and-Uninstallers-Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.24.Operation_Blockbuster/Operation-Blockbuster-Loaders-Installers-and-Uninstallers-Report.pdf |
| 458 | 2016-02-24 | 297c9413278d615cf2ca7ded8a0f3ef10f739cac | Operation-Blockbuster-Tools-Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.24.Operation_Blockbuster/Operation-Blockbuster-Tools-Report.pdf |
| 459 | 2016-02-24 | 5a5139532e0fdcc76ed9b216d03e33fc27949bc5 | Operation-Blockbuster-Destructive-Malware-Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.24.Operation_Blockbuster/Operation-Blockbuster-Destructive-Malware-Report.pdf |
| 460 | 2016-02-24 | 5f86309e6544994a45536b0450cf1f5adef67296 | Operation-Blockbuster-RAT-and-Staging-Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.24.Operation_Blockbuster/Operation-Blockbuster-RAT-and-Staging-Report.pdf |
| 461 | 2016-02-24 | 5fe924adedb40c296bb2efc63473d10cd0a7d10f | Operation-Blockbuster-Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.24.Operation_Blockbuster/Operation-Blockbuster-Report.pdf |
| 462 | 2016-02-24 | edbc948346ecc8640bed0d82b2a64b0e859996c4 | Operation-Blockbuster-Ex-Summary | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.24.Operation_Blockbuster/Operation-Blockbuster-Ex-Summary.pdf |
| 463 | 2016-02-29 | 01fda1bcf39d3c6bc88434cca97aff08db32819b | TA_Fidelis_Turbo_1602_0 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.02.29.Turbo_Campaign_Derusbi/TA_Fidelis_Turbo_1602_0.pdf |
| 464 | 2016-03-01 | 80bc090bee98e2117da088598e03c075e679e21d | proofpoint-operation-transparent-tribe-threat-insight-en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.03.01.Operation_Transparent_Tribe/proofpoint-operation-transparent-tribe-threat-insight-en.pdf |
| 465 | 2016-03-03 | a65f73c4e0e9d915526cf1c04db5714da4128e13 | blackenergy-malware-analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.03.03.Shedding_Light_BlackEnergy/blackenergy-malware-analysis.pdf |
| 466 | 2016-03-08 | 713d32d4ae8127bf6561c2a57889d4e52d035a0f | [CN]Operation_OnionDog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.03.08.OnionDog/%5BCN%5DOperation_OnionDog.pdf |
| 467 | 2016-03-08 | 840c190b2e0b88ba64935b320a1b3162d6e264ba | onion-dog-a-3-year-old-apt | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.03.08.OnionDog/onion-dog-a-3-year-old-apt.pdf |
| 468 | 2016-03-08 | df5f02460e3c9645924403b70b2a38154f58c506 | APT-C-03-en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.03.08.OnionDog/APT-C-03-en.pdf |
| 469 | 2016-03-09 | 8f6d47d7261f87a25b93801d2dc76b52358c6cf6 | wp-mandiant-matryoshka-mining | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.03.09.Operation_RussianDoll/wp-mandiant-matryoshka-mining.pdf |
| 470 | 2016-03-10 | 5be1878cef91b9f144933f3953afeaa2a17fc9f2 | shifting-tactics | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.03.10.shifting-tactics/shifting-tactics.pdf |
| 471 | 2016-03-14 | 65fc9d406cde5d3458817e0c2da702ed7f7f4eaa | proofpoint-threat-insight-carbanak-group-en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.03.14.Carbanak_cybercrime_group/proofpoint-threat-insight-carbanak-group-en.pdf |
| 472 | 2016-03-15 | e9ab559e5495f776e3ec2ffb46e648fa3b173a5c | suckfly-revealing-secret-life-your-code-signing-certificates | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.03.15.Suckfly/suckfly-revealing-secret-life-your-code-signing-certificates.pdf |
| 473 | 2016-03-17 | 8aa740814d15ee3e321a86fcab71765e542794ab | taiwant-election-targetting.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.03.17.Taiwan-election-targetting/taiwant-election-targetting.html.pdf |
| 474 | 2016-03-17 | b039fa56126220d8df26a5ad6853a884bd76581e | PWC_Taiwan-Presidential-Election-A-Case-Study-on-Thematic-Targeting(Mar-17-2016) | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.03.17.Taiwan-election-targetting/PWC_Taiwan-Presidential-Election-A-Case-Study-on-Thematic-Targeting%28Mar-17-2016%29.pdf |
| 475 | 2016-03-18 | 8d21ac4f42533126c4449c10c3ae6f5709d319f2 | E-ISAC_SANS_Ukraine_DUC_5 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.03.18.Analysis_of_the_Cyber_Attack_on_the_Ukrainian_Power_Grid/E-ISAC_SANS_Ukraine_DUC_5.pdf |
| 476 | 2016-03-23 | 3e3f781f7abac6c9472b8aa4775bbed5957b715b | Indian-military-personnel-targeted-by-information-theft-campaign-cmajor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.03.23.Operation_C_Major/Indian-military-personnel-targeted-by-information-theft-campaign-cmajor.pdf |
| 477 | 2016-03-25 | e336a05540dd41d5eae8633116db965c10329f22 | unit42-projectm-link-found-between-pakistani-actor-and-operation-transparent-tribe | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.03.25.ProjectM/unit42-projectm-link-found-between-pakistani-actor-and-operation-transparent-tribe.pdf |
| 478 | 2016-04-12 | 8f9ced352ae35a97e06c0066ee2092b28b5f32d8 | Platinum feature article - Targeted attacks in South and Southeast Asia April 2016 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.12.PLATINUM_Targeted_attacks_in_South_and_Southeast_Asia/Platinum%20feature%20article%20-%20Targeted%20attacks%20in%20South%20and%20Southeast%20Asia%20April%202016.pdf |
| 479 | 2016-04-15 | b9edbab15b408d13e9e0847827122b76a311b016 | Detecting-and-Responding-to-Pandas-and-Bears-Christopher-Scott-CrowdStrike-and-Wendi-Whitmore-IBM | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.15.pandas_and_bears/Detecting-and-Responding-to-Pandas-and-Bears-Christopher-Scott-CrowdStrike-and-Wendi-Whitmore-IBM.pdf |
| 480 | 2016-04-18 | 83c44bc6c5c139084cb2e734de308eb26a3c357e | between-hong-kong-and-burma | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.18.UP007/between-hong-kong-and-burma.pdf |
| 481 | 2016-04-18 | b76678677495b10baf122ba531f6957e9dd0b292 | Between Hong Kong and Burma_ Tracking UP007 and SLServer Espionage Campaigns - The Citizen Lab | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.18.UP007/Between%20Hong%20Kong%20and%20Burma_%20Tracking%20UP007%20and%20SLServer%20Espionage%20Campaigns%20-%20The%20Citizen%20Lab.pdf |
| 482 | 2016-04-21 | 21e5175d1dd3c2c2b628898401956c7bf5bde38c | teaching-an-old-rat-new-tricks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.21.Teaching_an_old_RAT_new_tricks/teaching-an-old-rat-new-tricks.pdf |
| 483 | 2016-04-21 | a119cd353c04867a79f19297b85442b17c8ca590 | unit42-new-poison-ivy-rat-variant-targets-hong-kong-pro-democracy-activists | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.21.New_Poison_Ivy_RAT_Variant_Targets_Hong_Kong/unit42-new-poison-ivy-rat-variant-targets-hong-kong-pro-democracy-activists.pdf |
| 484 | 2016-04-22 | f6b48254bf81462009a584a052101dfb6df596ce | The.Ghost.Dragon.-.Cylance | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.22.the-ghost-dragon/The.Ghost.Dragon.-.Cylance.pdf |
| 485 | 2016-04-26 | 19a24110ffa0758f2a47a48d5bedb2d47851db29 | Cyber warfare_ Iran opens a new front - FT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.26.Iran_Opens_a_New_Front/Cyber%20warfare_%20Iran%20opens%20a%20new%20front%20-%20FT.pdf |
| 486 | 2016-04-26 | 6ac77c488da30f6bd13cdac0d70ce285148a3eec | recent-poison-iv | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.26.New_Poison_Ivy_Activity_Targeting_Myanmar_Asian_Countries/recent-poison-iv.pdf |
| 487 | 2016-04-26 | 87d857d7ce1ab46f4ad8808067b2f7cd43ac8fb2 | New Poison Ivy Activity Targeting Myanmar, Asian Countries | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.26.New_Poison_Ivy_Activity_Targeting_Myanmar_Asian_Countries/New%20Poison%20Ivy%20Activity%20Targeting%20Myanmar%2C%20Asian%20Countries.pdf |
| 488 | 2016-04-27 | f110830417b2cd564f2f0e00eedb20e43ea20d50 | Freezer Paper around Free Meat - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.04.27.Repackaging_Open_Source_BeEF/Freezer%20Paper%20around%20Free%20Meat%20-%20Securelist.pdf |
| 489 | 2016-05-02 | 7a436c3b70a5cb5dcbc0112a8b2858e5ce3cefe4 | goznym-malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.02.GOZNYM_MALWARE/goznym-malware.pdf |
| 490 | 2016-05-02 | a5b61e0e469c7dcdb6e359c1a03d927f35c43bb8 | prince-of-persia-infy-malware-active-in-decade-of-targeted-attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.02.Prince_of_Persia_Infy_Malware/prince-of-persia-infy-malware-active-in-decade-of-targeted-attacks.pdf |
| 491 | 2016-05-05 | 6a5001adf44feb6d08eb65ca04370476188965cd | report_jaku_analysis_of_botnet_campaign_en_0 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.05_Jaku_botnet_campaign/report_jaku_analysis_of_botnet_campaign_en_0.pdf |
| 492 | 2016-05-06 | 31e6f8ce651cb77a2cf4250c7150e35aee99e76f | exploring-cve-2015-2545-and-its-users.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.06_Exploring_CVE-2015-2545/exploring-cve-2015-2545-and-its-users.html.pdf |
| 493 | 2016-05-09 | ad88223032e7cb6b373a458e6472870a7ca69e37 | 2016_005_001_454247 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.09_ICS_Threat_Analysis/2016_005_001_454247.pdf |
| 494 | 2016-05-10 | 0b125a7674213282cbcfd782d7c8d3fdf0ac1e3d | tinyPOS_tinyloader | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.10.tinyPOS_tinyloader/tinyPOS_tinyloader.pdf |
| 495 | 2016-05-10 | d491a0602abb0061170b4170a0b74a3b71062a74 | tinypos-abaddonpos-ties-to-tinyloader | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.10.tinyPOS_tinyloader/tinypos-abaddonpos-ties-to-tinyloader.pdf |
| 496 | 2016-05-17 | 599a53807cd15839de2fcbc8e8a7ea75152a2383 | indian-organizations-targeted-suckfly-attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.17.Indian_organizations_targeted_in_Suckfly_attacks/indian-organizations-targeted-suckfly-attacks.pdf |
| 497 | 2016-05-17 | ffa66796bd7c7f077c31285e6563ccb522b7e9b1 | fox-it_mofang_threatreport_tlp-white | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.17.Mofang/fox-it_mofang_threatreport_tlp-white.pdf |
| 498 | 2016-05-18 | 5938181ed1aec8281f229581f38f37f78eb24821 | Operation-Groundbait | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.18.Operation_Groundbait/Operation-Groundbait.pdf |
| 499 | 2016-05-22 | 09f34e4bf6d1b7503863ac6ae0c0a010e605a3b0 | targeted_attacksaga.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.22.Targeted_Attacks_Against_Banks_in_Middle_East/targeted_attacksaga.html.pdf |
| 500 | 2016-05-22 | d31c752ecc9b9369d410b5689060365bcbb65a42 | operation-ke3chang-resurfaces-with-new-tidepool-malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.22.Operation_Ke3chang_Resurfaces_With_New_TidePool_Malware/operation-ke3chang-resurfaces-with-new-tidepool-malware.pdf |
| 501 | 2016-05-23 | dbee63b0f8cd29139b4d12b867e3a80de139c0df | Report_Ruag-Espionage-Case | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.23.APT_Case_RUAG/Report_Ruag-Espionage-Case.pdf |
| 502 | 2016-05-24 | d0791b89c61a793f6d07d7cccc098be64f4f3c73 | unit42-new-wekby-attacks-use-dns-requests-as-command-and-control-mechanism | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.24.New_Wekby_Attacks/unit42-new-wekby-attacks-use-dns-requests-as-command-and-control-mechanism.pdf |
| 503 | 2016-05-25 | d79781d4bad287b82dfa7e8cd6b3481c12df2c65 | cve-2015-2545-overview-of-current-threats | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.25.CVE-2015-2545/cve-2015-2545-overview-of-current-threats.pdf |
| 504 | 2016-05-26 | ff756612875a76ff69cdf480637f35ba45d94313 | the-oilrig-campaign-attacks-on-saudi-arabian-organizations-deliver-helminth-backdoor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.26.OilRig_Campaign/the-oilrig-campaign-attacks-on-saudi-arabian-organizations-deliver-helminth-backdoor.pdf |
| 505 | 2016-05-27 | 8ed7f4f236b73e01de575bf7716453bcfcba7f91 | ixeshe-derivative-iheate-targets-users-america | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.05.27.IXESHE_Derivative_IHEATE_Targets_Users_in_America/ixeshe-derivative-iheate-targets-users-america.pdf |
| 506 | 2016-06-02 | 4251b34749fd27da6bd56898978f6e058da24c89 | TrendLabs Security Intelligence BlogFastPOS_ Quick and Easy Credit Card Theft - TrendLabs Security Intelligence Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.02.fastpos-quick-and-easy-credit-card-theft/TrendLabs%20Security%20Intelligence%20BlogFastPOS_%20Quick%20and%20Easy%20Credit%20Card%20Theft%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf |
| 507 | 2016-06-02 | e7b813995e0231585bdcb88b80a61b8278967292 | fastPOS-quick-and-easy-credit-card-theft (1) | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.02.fastpos-quick-and-easy-credit-card-theft/fastPOS-quick-and-easy-credit-card-theft%20%281%29.pdf |
| 508 | 2016-06-09 | a00dc576f03496351c6ec2989aac2a26891c4cff | Operation-DustySky2_-6.2016_TLP_White | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.09.Operation_DustySky_II/Operation-DustySky2_-6.2016_TLP_White.pdf |
| 509 | 2016-06-16 | 2542ff73863727ad3151ca1feadc01d18024f9a3 | cf006cb4-316e-11e6-8ff7-7b6c1998b7a0_story.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.16.Threat_Group-4127_Targets_Hillary_Clinton_Presidential_Campaign/cf006cb4-316e-11e6-8ff7-7b6c1998b7a0_story.html.pdf |
| 510 | 2016-06-16 | 4266eae02e5de05ace3dd04bcc32516f087fb6a7 | bears-midst-intrusion-democratic-national-committee | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.16.DNC/bears-midst-intrusion-democratic-national-committee.pdf |
| 511 | 2016-06-16 | f3781f5c5f8fec7c251964019fe0fbf4465a020b | threat-group-4127-targets-hillary-clinton-presidential-campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.16.Threat_Group-4127_Targets_Hillary_Clinton_Presidential_Campaign/threat-group-4127-targets-hillary-clinton-presidential-campaign.pdf |
| 512 | 2016-06-16 | fece91ff2b729e25f30229b2c9fb43e4a4089dc3 | Bears in the Midst_ Intrusion into the Democratic National Committee » | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.16.DNC/Bears%20in%20the%20Midst_%20Intrusion%20into%20the%20Democratic%20National%20Committee%20%C2%BB.pdf |
| 513 | 2016-06-17 | 3342a5172b2ecde86762dd35f61057006dbb7448 | Operation Daybreak | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.17.Operation_Daybreak/Operation%20Daybreak.pdf |
| 514 | 2016-06-21 | 572942e17d84b8ba92393deae0689d96f71a02bb | rpt-china-espionage | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.21.Redline_Drawn_China_Recalculates_Its_Use_of_Cyber_Espionage/rpt-china-espionage.pdf |
| 515 | 2016-06-21 | 98985054ab8d3b6c232132f1957fefc4ba01c7a6 | visiting_the_bear_den_recon_2016_calvet_campos_dupuy-1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.21.visiting_the_bear_den_recon_2016_calvet_campos_dupuy/visiting_the_bear_den_recon_2016_calvet_campos_dupuy-1.pdf |
| 516 | 2016-06-21 | a2b5632453fc7c70f07c1d331c54c610fa64c146 | the-curious-case-of-an-unknown-trojan-targeting-german-speaking-users | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.21.Unknown_Trojan_Targeting_German_Speaking_Users/the-curious-case-of-an-unknown-trojan-targeting-german-speaking-users.pdf |
| 517 | 2016-06-21 | ffa89bc1898a8f9569a69480d8f95ca59220d511 | the-curious-case-of-an-unknown-trojan-targeting-german-speaking-users_2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.21.Unknown_Trojan_Targeting_German_Speaking_Users/the-curious-case-of-an-unknown-trojan-targeting-german-speaking-users_2.pdf |
| 518 | 2016-06-23 | ef8b8170c53ea9a06f702ff07684ec51e0bc8a40 | unit42-tracking-elirks-variants-in-japan-similarities-to-previous-attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.23.Tracking_Elirks_Variants_in_Japan/unit42-tracking-elirks-variants-in-japan-similarities-to-previous-attacks.pdf |
| 519 | 2016-06-26 | 57b1fe8ffc1077abb782decf7a1a902338d17d8f | the-state-of-the-esilelotus-blossom-campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.26.The_State_of_the_ESILE_Lotus_Blossom_Campaign/the-state-of-the-esilelotus-blossom-campaign.pdf |
| 520 | 2016-06-26 | 6dec5ce81f1dbdbd7af97b4d5b1013422fc96534 | threat-update-nigerian-cybercriminals-target-high-impact-indian-industries-via-pony | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.26.Nigerian_Cybercriminals_Target_High_Impact_Industries_in_India/threat-update-nigerian-cybercriminals-target-high-impact-indian-industries-via-pony.pdf |
| 521 | 2016-06-28 | 12a79e8f73c77e470971f742f420a4f2f604b02e | unit42-prince-of-persia-game-over | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.28.prince-of-persia-game-over/unit42-prince-of-persia-game-over.pdf |
| 522 | 2016-06-28 | 4c492341f41d25aa5caff7ef05f20a75a77828ea | ref_researchers-disrupt-iranian-cyberespionage-campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.28.prince-of-persia-game-over/ref_researchers-disrupt-iranian-cyberespionage-campaign.pdf |
| 523 | 2016-06-28 | a7d161c9d48d00ad93a8e6ad2a907e35619d59f5 | 20160628ac-ir_research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.28.Attack_Tool_Investigation/20160628ac-ir_research.pdf |
| 524 | 2016-06-30 | e23eeb26d7468c2ff516ac170bfea387aa75d396 | asruex-malware-infecting-through-shortcut-files.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.06.30.Asruex/asruex-malware-infecting-through-shortcut-files.html.pdf |
| 525 | 2016-07-01 | 6289dff2cbd2750c76517007989483922179fa40 | Bitdefender-Whitepaper-PAC-A4-en-EN1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.01.Bitdefender_Pacifier_APT/Bitdefender-Whitepaper-PAC-A4-en-EN1.pdf |
| 526 | 2016-07-01 | 8fdd96ab4d0e95802cac838cb8221b93da24d1f2 | espionage-toolkit-targeting-central-eastern-europe-uncovered | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.01.SBDH_toolkit_targeting_Central_and_Eastern_Europe/espionage-toolkit-targeting-central-eastern-europe-uncovered.pdf |
| 527 | 2016-07-03 | 38547a8c4e19d82f9ea9424f33b87de8d3b48fb6 | HummingBad-Research-report_FINAL-62916 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.03_From_HummingBad_to_Worse/HummingBad-Research-report_FINAL-62916.pdf |
| 528 | 2016-07-07 | 727b9ed2242c7c62e18b721db3678c5d29df42e6 | Unveiling-Patchwork | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.07.UNVEILING_PATCHWORK/Unveiling-Patchwork.pdf |
| 529 | 2016-07-07 | c931257dcbda322fa1a28021d3454b1110aec308 | nettraveler-apt-targets-russian-european-interests | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.07.nettraveler-apt-targets-russian-european-interests/nettraveler-apt-targets-russian-european-interests.pdf |
| 530 | 2016-07-08 | ddbce0dd2907394801bd17ce8ecaf50ac0401ed2 | The Dropping Elephant actor - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.08.The_Dropping_Elephant/The%20Dropping%20Elephant%20actor%20-%20Securelist.pdf |
| 531 | 2016-07-12 | a2d672d0e620a3060792ca67fecc5bfe2720df50 | nanhaishu_whitepaper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.12.NanHaiShu_RATing_the_South_China_Sea/nanhaishu_whitepaper.pdf |
| 532 | 2016-07-13 | 34a7432982599a2adcdf264e58e7a593213e1a92 | SFG_ Furtim's Parent | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.13.State-Sponsored_SCADA_Malware_targeting_European_Energy_Companies/SFG_%20Furtim%27s%20Parent.pdf |
| 533 | 2016-07-13 | 807e0c662c79a8f4095d4934e004846d711d578e | sfg-furtims-parent | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.13.State-Sponsored_SCADA_Malware_targeting_European_Energy_Companies/sfg-furtims-parent.pdf |
| 534 | 2016-07-13 | b928b0a2e0c93ccfbb1590bc0f4460a9389089ce | Furtim_ The Ultra-Cautious Malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.13.State-Sponsored_SCADA_Malware_targeting_European_Energy_Companies/Furtim_%20The%20Ultra-Cautious%20Malware.pdf |
| 535 | 2016-07-21 | 21b8768b4a631b50c13f20d5668f12e237835874 | (Chinese)rmshixdAPT-C-15-20160630 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.21.Sphinx_Targeted_cyber-attack_in_the_Middle_East/%28Chinese%29rmshixdAPT-C-15-20160630.pdf |
| 536 | 2016-07-21 | f47efbaa0ca27a61c1eb8801e50393ff2fc991a5 | tta1-f04_hide-and-seek-how-threat-actors-respond-in-the-face-of-public-exposure | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.21.Hide_and_Seek/tta1-f04_hide-and-seek-how-threat-actors-respond-in-the-face-of-public-exposure.pdf |
| 537 | 2016-07-21 | f6e55a0b55a2f10bd2de7c9b37882faf4b8fd568 | rmsxden20160721 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.21.Sphinx_Targeted_cyber-attack_in_the_Middle_East/rmsxden20160721.pdf |
| 538 | 2016-07-26 | 37563d47952e48cc0223c8d8d1b84a24ba1f83b9 | unit-42-attack-delivers-9002-trojan-through-google-drive | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.26.Attack_Delivers_9002_Trojan_Through_Google_Drive/unit-42-attack-delivers-9002-trojan-through-google-drive.pdf |
| 539 | 2016-07-28 | 172d40de660b80ca939daaacc2fafc6222768e71 | ICIT-Brief-China-Espionage-Dynasty | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.07.28.China_Espionage_Dynasty/ICIT-Brief-China-Espionage-Dynasty.pdf |
| 540 | 2016-08-02 | 3939d4a4048e0ad0e4416e32763c8f69dc83af56 | Group5_ Syria and the Iranian Connection - The Citizen Lab | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.02.group5-syria/Group5_%20Syria%20and%20the%20Iranian%20Connection%20-%20The%20Citizen%20Lab.pdf |
| 541 | 2016-08-02 | 514d58015cd8abe0f9d65a85100dded872d707f8 | group5-syria | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.02.group5-syria/group5-syria.pdf |
| 542 | 2016-08-03 | cf6fad700146b469d54f47c1541a84bb0dc08bc6 | i-got-a-letter-from-the-government | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.03.i-got-a-letter-from-the-government/i-got-a-letter-from-the-government.pdf |
| 543 | 2016-08-04 | 312cecf6f6b163671637a87ce08b2d6645c0c58e | Running for Office_ Russian APT Toolkits Revealed | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.04.russian-apt-toolkits/Running%20for%20Office_%20Russian%20APT%20Toolkits%20Revealed.pdf |
| 544 | 2016-08-06 | 1e76a31e0437eaf70fd8cb3408a6da8f07b76deb | [CN]_APT-C-09_report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.06.APT-C-09/%5BCN%5D_APT-C-09_report.pdf |
| 545 | 2016-08-06 | fc24eb10e1af16744360738351528a688100844f | [CN]_APT-C-09 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.06.APT-C-09/%5BCN%5D_APT-C-09.pdf |
| 546 | 2016-08-07 | 20e3289035437c6b1465bb8b16da9b5795106a9a | strider-cyberespionage-group-turns-eye-sauron-targets | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.07.Strider_Cyberespionage_group_turns_eye_of_Sauron_on_targets/strider-cyberespionage-group-turns-eye-sauron-targets.pdf |
| 547 | 2016-08-07 | a7a8df94dc6cbbd33eadbb9e39538aa6fe78e798 | Symantec_Remsec_IOCs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.07.Strider_Cyberespionage_group_turns_eye_of_Sauron_on_targets/Symantec_Remsec_IOCs.pdf |
| 548 | 2016-08-08 | 684be4d1e962fbc2514e79dae62b9667b6fccc49 | ProjectSauron_ top level cyber-espionage platform covertly extracts encrypted government comms - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.08.ProjectSauron/ProjectSauron_%20top%20level%20cyber-espionage%20platform%20covertly%20extracts%20encrypted%20government%20comms%20-%20Securelist.pdf |
| 549 | 2016-08-08 | 6c8608b8efbca2ab69d8406d7d561e67cd7f9df8 | The-ProjectSauron-APT_Technical_Analysis_KL | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.08.ProjectSauron/The-ProjectSauron-APT_Technical_Analysis_KL.pdf |
| 550 | 2016-08-08 | a510a638576efbbd0eb7b5fa7dbce838ddde290b | The-ProjectSauron-APT_research_KL | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.08.ProjectSauron/The-ProjectSauron-APT_research_KL.pdf |
| 551 | 2016-08-08 | b910f06ecd66d0a297e2043369b82a29cf770eee | forcepoint-security-labs-monsoon-analysis-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.08.monsoon-analysis-apt-campaign/forcepoint-security-labs-monsoon-analysis-report.pdf |
| 552 | 2016-08-08 | bf2d4ed4b28658d9cb3d5f8787b264395d729961 | The-ProjectSauron-APT_IOCs_KL | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.08.ProjectSauron/The-ProjectSauron-APT_IOCs_KL.pdf |
| 553 | 2016-08-11 | 12503011cfce27ed282658baa893fa8791d27965 | us-16-Guarnieri-Anderson-Iran-And-The-Soft-War-For-Internet-Dominance-paper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.11.Iran-And-The-Soft-War-For-Internet-Dominance/us-16-Guarnieri-Anderson-Iran-And-The-Soft-War-For-Internet-Dominance-paper.pdf |
| 554 | 2016-08-16 | 48fef28b947c6068d84cc19ce4148036da4543c7 | unit42-aveo-malware-family-targets-japanese-speaking-users | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.16.aveo-malware-family-targets-japanese/unit42-aveo-malware-family-targets-japanese-speaking-users.pdf |
| 555 | 2016-08-17 | f562ca8ebe092d83ce673dee5343f728da333782 | Operation Ghoul_ targeted attacks on industrial and engineering organizations - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.17_operation-ghoul/Operation%20Ghoul_%20targeted%20attacks%20on%20industrial%20and%20engineering%20organizations%20-%20Securelist.pdf |
| 556 | 2016-08-19 | 1cb7f7b4f59a8f06892dfb692be6adf5366c1488 | Russian_Cyber_Operations_On_Steroids | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.19.fancy-bear-anti-doping-agency-phishing/Russian_Cyber_Operations_On_Steroids.pdf |
| 557 | 2016-08-24 | e7b604381d8c80c06acf01daef346539f9cc8e1e | million-dollar-dissident-iphone-zero-day-nso-group-uae | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.24.million-dollar-dissident-iphone-zero-day-nso-group-uae/million-dollar-dissident-iphone-zero-day-nso-group-uae.pdf |
| 558 | 2016-08-25 | 99f8d948b133c10f03dc642ffdefc72ec6ef4cf5 | lookout-pegasus-technical-analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.08.25.lookout-pegasus-technical-analysis/lookout-pegasus-technical-analysis.pdf |
| 559 | 2016-09-01 | 58b20802df0d91b67bc29bce5ccb50a90b723cd0 | human-rights-impersonation-malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.09.01.human-rights-impersonation-malware/human-rights-impersonation-malware.pdf |
| 560 | 2016-09-06 | 36cc8f9d42465b2ac2681772862e21ecb2eaa137 | Buckeye.cyberespionage.group.shifts.gaze.from.US.to.Hong.Kong.-.Symantec | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.09.06.buckeye-cyberespionage-group-shifts-gaze-us-hong-kong/Buckeye.cyberespionage.group.shifts.gaze.from.US.to.Hong.Kong.-.Symantec.pdf |
| 561 | 2016-09-14 | 2f19f28899cc89c7b74a4b9c646a1b0d6d59e3df | mile-tea-cyber-espionage-campaign-targets-asia-pacific-businesses-and-government-agencies | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.09.14.MILE_TEA/mile-tea-cyber-espionage-campaign-targets-asia-pacific-businesses-and-government-agencies.pdf |
| 562 | 2016-09-18 | 528e04eea263ae76084664f0c77f51ab500f50b3 | Hunting Libyan Scorpions _ Cyberkov _ Professional Cybersecurity & Consultation Firm_ | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.09.18.Hunting-Libyan-Scorpions/Hunting%20Libyan%20Scorpions%20_%20Cyberkov%20_%20Professional%20Cybersecurity%20%26%20Consultation%20Firm_.pdf |
| 563 | 2016-09-18 | 9030bce0306febd7e94fd047d480512583889389 | Hunting-Libyan-Scorpions-EN | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.09.18.Hunting-Libyan-Scorpions/Hunting-Libyan-Scorpions-EN.pdf |
| 564 | 2016-09-18 | a46df8cb683eda75ffe801ea611ae44201f1bc71 | Hunting-Libyan-Scorpions-AR | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.09.18.Hunting-Libyan-Scorpions/Hunting-Libyan-Scorpions-AR.pdf |
| 565 | 2016-09-26 | 3f02cc3588ec839349ff8abd3eaa358f4f286580 | unit42-sofacys-komplex-os-x-trojan | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.09.26_Sofacy_Komplex_OSX_Trojan/unit42-sofacys-komplex-os-x-trojan.pdf |
| 566 | 2016-09-28 | 85b30d108bfd5951bb93730c2656346a967cbe21 | Confucius Says...Malware Families Get Further By Abusing Legitimate Websites | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.09.28.Confucius_Says/Confucius%20Says...Malware%20Families%20Get%20Further%20By%20Abusing%20Legitimate%20Websites.pdf |
| 567 | 2016-09-28 | 86c06d806c6a2f7fc9e863098cbe616aab222773 | Russia Hacks Bellingcat MH17 Investigation _ ThreatConnect | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.09.28.russia-hacks-bellingcat-mh17-investigation/Russia%20Hacks%20Bellingcat%20MH17%20Investigation%20_%20ThreatConnect.pdf |
| 568 | 2016-09-29 | 7b989c73b32583b752456c92556d654d3b6ce1b8 | CS_organisation_CHINA_092016 (1) | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.09.29.China_and_Cyber_Attitudes_Strategies_Organisation/CS_organisation_CHINA_092016%20%281%29.pdf |
| 569 | 2016-10-03 | b0a928c9b7bb1c8dfb4da791e5e928550d521478 | On the StrongPity Waterhole Attacks - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.10.03.StrongPity/On%20the%20StrongPity%20Waterhole%20Attacks%20-%20Securelist.pdf |
| 570 | 2016-10-05 | 12ecd2809c35c574672cb2b1b22323aa9de1d69a | Bartholomew-GuerreroSaade-VB2016 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.10.05_Wave_Your_False_flag/Bartholomew-GuerreroSaade-VB2016.pdf |
| 571 | 2016-10-16 | 4812e3e7c965cf14148feb5c4b2cb583612972a8 | threatconnect-discovers-chinese-apt-activity-in-europe | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.10.16.A_Tale_of_Two_Targets/threatconnect-discovers-chinese-apt-activity-in-europe.pdf |
| 572 | 2016-10-20 | aa59479dccb863926ace7d5a6d87e356eb9dad4a | eset-sednit-part1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.10.20.En_Route_with_Sednit/eset-sednit-part1.pdf |
| 573 | 2016-10-25 | 56fa70aae3ab16acfba094af1896d186038ad134 | Houdini.s.Magic.Reappearance.-.Palo.Alto.Networks.Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.10.25.Houdini_Magic_Reappearance/Houdini.s.Magic.Reappearance.-.Palo.Alto.Networks.Blog.pdf |
| 574 | 2016-10-25 | 6f1dfb7fc2367f5787b076deb44f37704a682caa | eset-sednit-part-2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.10.25.Lifting_the_lid_on_Sednit/eset-sednit-part-2.pdf |
| 575 | 2016-10-26 | 19e5a53b85457ad6aef593e18e190a7d6bcaa704 | moonlight-middle-east-targeted-attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.10.26.Moonlight_Middle_East/moonlight-middle-east-targeted-attacks.pdf |
| 576 | 2016-10-27 | 2cd04b3b878180782e8467c2cbe69d301a0d98ec | eset-sednit-part3 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.10.27.En_Route_Part3/eset-sednit-part3.pdf |
| 577 | 2016-10-27 | bd52c0809e379a7dabdb35fcbb07d077f10a6edc | BLACKGEAR.Espionage.Campaign.Evolves.-.Trend.Micro | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.10.27.BLACKGEAR_Espionage_Campaign_Evolves/BLACKGEAR.Espionage.Campaign.Evolves.-.Trend.Micro.pdf |
| 578 | 2016-10-27 | c7f1af600ea574490820cb2d86c1585a4908623d | TrendLabs Security Intelligence BlogBLACKGEAR Espionage Campaign Evolves, Adds Japan To Target List - TrendLabs Security Intelligence Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.10.27.BLACKGEAR_Espionage_Campaign_Evolves/TrendLabs%20Security%20Intelligence%20BlogBLACKGEAR%20Espionage%20Campaign%20Evolves%2C%20Adds%20Japan%20To%20Target%20List%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf |
| 579 | 2016-10-31 | 3773109fc3b0607f90b13d91f3c57da2b6aa618d | Emissary Trojan Changelog_ Did Operation Lotus Blossom Cause It to Evolve_ - Palo Alto Networks Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.10.31.Emissary_Trojan_Changelog/Emissary%20Trojan%20Changelog_%20Did%20Operation%20Lotus%20Blossom%20Cause%20It%20to%20Evolve_%20-%20Palo%20Alto%20Networks%20Blog.pdf |
| 580 | 2016-10-31 | 72b119031cde0a78ff6f778c6b8670f4d1f86b16 | emissary-trojan-changelog-did-operation-lotus-blossom-cause-it-to-evolve | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.10.31.Emissary_Trojan_Changelog/emissary-trojan-changelog-did-operation-lotus-blossom-cause-it-to-evolve.pdf |
| 581 | 2016-11-03 | 6a6ad533b71fd64fc9dd4948e920a0992f637302 | ukraine-report-when-the-lights-went-out | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.11.03.Ukraine_Cybersecurity_Threat_Briefing/ukraine-report-when-the-lights-went-out.pdf |
| 582 | 2016-11-09 | 0640ebb4e8649c9ae93cb0bba624deb30bbebc8e | Down the H-W0rm Hole with Houdini's RAT - Threat Geek | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.11.09_down-the-h-w0rm-hole-with-houdinis-rat/Down%20the%20H-W0rm%20Hole%20with%20Houdini%27s%20RAT%20-%20Threat%20Geek.pdf |
| 583 | 2016-11-09 | 6c7dc24ad7b53bb6cf0d606ba7537b7360f9b727 | down-the-h-w0rm-hole-with-houdinis-rat.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.11.09_down-the-h-w0rm-hole-with-houdinis-rat/down-the-h-w0rm-hole-with-houdinis-rat.html.pdf |
| 584 | 2016-11-22 | ef9fb290ad2bef98cd50f966dd8228714d0f68a0 | tropic-trooper-targets-taiwanese | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.11.22.tropic-trooper-targets-taiwanese-government-and-fossil-fuel-provider-with-poison-ivy/tropic-trooper-targets-taiwanese.pdf |
| 585 | 2016-11-30 | c1bcbdc216cbfe9228a31997a2d5da6abdb27699 | nic-cyber-security-themed-spear-phishing-target-indian-government-organizations | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.11.30.nic-cyber-security-themed/nic-cyber-security-themed-spear-phishing-target-indian-government-organizations.pdf |
| 586 | 2016-12-13 | cce1f08c2f7f6a358b948a78a99be0f833563795 | rise-telebots-analyzing-disruptive-killdisk-attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.12.13.rise-telebots-analyzing-disruptive-killdisk-attacks/rise-telebots-analyzing-disruptive-killdisk-attacks.pdf |
| 587 | 2016-12-15 | d784a99302475c2a1bcc39fe42097d7d1908acc7 | Microsoft_Security_Intelligence_Report_Volume_21_English | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2016/2016.12.15.PROMETHIUM_and_NEODYMIUM/Microsoft_Security_Intelligence_Report_Volume_21_English.pdf |
| 588 | 2017-01-05 | 6cde19e1a9cff481845a16d962f1807c03d8fa1f | Iranian Fileless Attack Infiltrates Israeli Organizations | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.01.05.Iranian_Threat_Agent_OilRig/Iranian%20Fileless%20Attack%20Infiltrates%20Israeli%20Organizations.pdf |
| 589 | 2017-01-05 | bc1f173e272722c900afb3bbba0c7bd44f4c9a19 | Iranian Threat Agent OilRig Delivers Digitally Signed Malware, Impersonates University of Oxford _ ClearSky Cybersecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.01.05.Iranian_Threat_Agent_OilRig/Iranian%20Threat%20Agent%20OilRig%20Delivers%20Digitally%20Signed%20Malware%2C%20Impersonates%20University%20of%20Oxford%20_%20ClearSky%20Cybersecurity.pdf |
| 590 | 2017-01-09 | f4216af597c0aa584753043e1c6821a3fa668137 | unit42-second-wave-shamoon-2-attacks-identified | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.01.09.second-wave-shamoon-2-attacks-identified/unit42-second-wave-shamoon-2-attacks-identified.pdf |
| 591 | 2017-01-11 | f5eb271671c7a2def034329d77843ac296266b0c | APT28-Center-of-Storm-2017 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.01.11.apt28_at_the_center/APT28-Center-of-Storm-2017.pdf |
| 592 | 2017-01-12 | 3bd94e429da7b43099a2d041deb5b68e6d426ac3 | The “EyePyramid” Attacks - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.01.12.EyePyramid.attacks/The%20%E2%80%9CEyePyramid%E2%80%9D%20Attacks%20-%20Securelist.pdf |
| 593 | 2017-01-15 | 010660f48c09725d25425216de0d985a62837ff2 | [tr1adx]_ Intel | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.01.15.Bear_Spotting_Vol.1/%5Btr1adx%5D_%20Intel.pdf |
| 594 | 2017-01-18 | d24be75959478224c4010d195a3db784a9dc56ca | Operation Grand Mars | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.01.18.Operation-Grand-Mars/Operation%20Grand%20Mars.pdf |
| 595 | 2017-01-19 | 1bc8aa72a26fa5236943b01a6a34704417419332 | Kashmir_Protest_Themed | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.01.19.uri-terror-attack/Kashmir_Protest_Themed.pdf |
| 596 | 2017-01-25 | 48d86b7a5c92c445dc1903dcf9f20fceb9f49ca5 | etecting-threat-actors-in-recent-german-industrial-attacks-with-windows-defender-atp | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.01.25.german-industrial-attacks/etecting-threat-actors-in-recent-german-industrial-attacks-with-windows-defender-atp.pdf |
| 597 | 2017-01-30 | b95f46cb8ba0cd021950a6afcd2599ce9ba370cd | unit42-downeks-and-quasar-rat-used-in-recent-targeted-attacks-against-governments | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.01.30.downeks-and-quasar-rat-used-in-recent-targeted-attacks-against-governments/unit42-downeks-and-quasar-rat-used-in-recent-targeted-attacks-against-governments.pdf |
| 598 | 2017-02-02 | 0963171828af8106b91aab81cb9ed2006275f0e5 | APT-targets-russia-belarus-zerot-plugx | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.02.APT_Targets_Russia_and_Belarus_with_ZeroT_and_PlugX/APT-targets-russia-belarus-zerot-plugx.pdf |
| 599 | 2017-02-03 | 74962bac9526b55dfcd0c6690b2980f7483e587b | kingslayer-a-supply-chain-attack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.03.kingslayer-a-supply-chain-attack/kingslayer-a-supply-chain-attack.pdf |
| 600 | 2017-02-03 | deeba3d9eb8775ebcbd74616bf4dce178fbf8b2f | Several Polish banks hacked, information stolen by unknown attackers – BadCyber | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.03.several-polish-banks-hacked/Several%20Polish%20banks%20hacked%2C%20information%20stolen%20by%20unknown%20attackers%20%E2%80%93%20BadCyber.pdf |
| 601 | 2017-02-10 | 7f8c3d1d34755bd52f850bad0bc2dc1db6783661 | AR-17-20045_Enhanced_Analysis_of_GRIZZLY_STEPPE_Activity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.10.Enhanced_Analysis_of_GRIZZLY_STEPPE/AR-17-20045_Enhanced_Analysis_of_GRIZZLY_STEPPE_Activity.pdf |
| 602 | 2017-02-10 | bb761cada9851eb8e5c157b11dabf4f79bb58067 | Cyber_Attack_Targeting_Indian_Navy | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.10.cyber-attack-targeting-indian-navys-submarine-warship-manufacturer/Cyber_Attack_Targeting_Indian_Navy.pdf |
| 603 | 2017-02-12 | 9b1e2f1d16bae995ad260ee499f0836c601807ee | lazarus-watering-hole-attacks.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.12.lazarus-watering-hole-attacks/lazarus-watering-hole-attacks.html.pdf |
| 604 | 2017-02-14 | 0cf03f3cf71ebd7edc4aa9996fa43138624bd302 | Operation Kingphish_ Uncovering a Campaign of Cyber Attacks against Civil Society in Qatar and… – Amnesty Insights – Medium | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.14.Operation_Kingphish/Operation%20Kingphish_%20Uncovering%20a%20Campaign%20of%20Cyber%20Attacks%20against%20Civil%20Society%20in%20Qatar%20and%E2%80%A6%20%E2%80%93%20Amnesty%20Insights%20%E2%80%93%20Medium.pdf |
| 605 | 2017-02-15 | 1997a46afb1d791a45ff71cce472b5c90b4631af | the-full-shamoon-how-the-devastating-malware-was-inserted-into-networks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.15.the-full-shamoon/the-full-shamoon-how-the-devastating-malware-was-inserted-into-networks.pdf |
| 606 | 2017-02-15 | 5dc3430cb566bde8ba4dbd49b3b209b0a435e30d | unit42-magic-hound-campaign-attacks-saudi-targets | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.15.magic-hound-campaign/unit42-magic-hound-campaign-attacks-saudi-targets.pdf |
| 607 | 2017-02-15 | 6eaba42a64f8c2e1868e6edf441fffe082a4959d | Deep Dive on the DragonOK Rambo Backdoor _ Morphick Cyber Security | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.15.deep-dive-dragonok-rambo-backdoor/Deep%20Dive%20on%20the%20DragonOK%20Rambo%20Backdoor%20_%20Morphick%20Cyber%20Security.pdf |
| 608 | 2017-02-15 | b9a73685d0d59c0b8103e2890250b550c7ac2b96 | iranian-pupyrat-bites-middle-eastern-organizations | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.15.iranian-pupyrat-bites-middle-eastern-organizations/iranian-pupyrat-bites-middle-eastern-organizations.pdf |
| 609 | 2017-02-16 | a6c62ce04ae30424f380773023950d94455fc349 | Technical analysis of recent attacks against Polish banks – BadCyber | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.16.Technical_analysis_Polish_banks/Technical%20analysis%20of%20recent%20attacks%20against%20Polish%20banks%20%E2%80%93%20BadCyber.pdf |
| 610 | 2017-02-17 | 62d2eb6112d88baf0b14302e12e31425265ccb74 | chches-malware--93d6.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.17.chches-malware/chches-malware--93d6.html.pdf |
| 611 | 2017-02-20 | 9072321a018c8810d71002113c3b3f4a0873e676 | lazarus-false-flag-malware.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.20.Lazarus_False_Flag_Malware/lazarus-false-flag-malware.html.pdf |
| 612 | 2017-02-21 | 9bc78d8d0e54e6bed8370304f3ce4c81826f0eda | additional-insights-shamoon2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.21.Additional_Insights_on_Shamoon2/additional-insights-shamoon2.pdf |
| 613 | 2017-02-22 | 15a0e44be3330d20b64852a04cad695dc699bd8c | spear_phishing_techn.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.22.Spear_Phishing_Mongolian_Government/spear_phishing_techn.html.pdf |
| 614 | 2017-02-23 | d206b485a42c611ed9fe6a0b1a3ed086e954bd30 | Bitdefender-Whitepaper-APT-Mac-A4-en-EN-web | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.23.APT28_Mac_OS_X_Payload/Bitdefender-Whitepaper-APT-Mac-A4-en-EN-web.pdf |
| 615 | 2017-02-27 | 7c7567206d222546376079a19c07b615d9538cf3 | The Gamaredon Group Toolset Evolution - Palo Alto Networks Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.27.gamaredon-group-toolset-evolution/The%20Gamaredon%20Group%20Toolset%20Evolution%20-%20Palo%20Alto%20Networks%20Blog.pdf |
| 616 | 2017-02-28 | 841e63f842029a2a45047edee7312cae9a3e1353 | AtomBombing_ Brand New Code Injection for Windows - Breaking Malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.28.dridexs-cold-war-enter-atombombing/AtomBombing_%20Brand%20New%20Code%20Injection%20for%20Windows%20-%20Breaking%20Malware.pdf |
| 617 | 2017-02-28 | 8b3ebc21903c070ac70264bd8dd7ecd681e9b78e | Dridex's Cold War_ Enter AtomBombing | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.28.dridexs-cold-war-enter-atombombing/Dridex%27s%20Cold%20War_%20Enter%20AtomBombing.pdf |
| 618 | 2017-02-28 | 8ffce0fd5ec946cbb5da03a5a0f2796525aa600a | AtomBombing_ A Code Injection that Bypasses Current Security Solutions | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.02.28.dridexs-cold-war-enter-atombombing/AtomBombing_%20A%20Code%20Injection%20that%20Bypasses%20Current%20Security%20Solutions.pdf |
| 619 | 2017-03-06 | 59a92a3bd0a359bb6353578ab1a241fc50529225 | Report_Shamoon_StoneDrill_final | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.03.06.from-shamoon-to-stonedrill/Report_Shamoon_StoneDrill_final.pdf |
| 620 | 2017-03-08 | f8e850c0d5b3db84e2271da13afb043d2c55819d | Targeted Attack Campaigns with Multi-Variate Malware Observed in the Cloud - Netskope | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.03.08.Targeted_Attack_Campaigns/Targeted%20Attack%20Campaigns%20with%20Multi-Variate%20Malware%20Observed%20in%20the%20Cloud%20-%20Netskope.pdf |
| 621 | 2017-03-14 | 73e541a765c5634ef9beb3ff02cbce03387eb322 | Operation_Electric_Powder | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.03.14.Operation_Electric_Powder/Operation_Electric_Powder.pdf |
| 622 | 2017-03-15 | 61d6c5357eb7d3f894947eca04307396beb7d77f | english-report-of-fhappi-freehosting | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.03.15.FHAPPI_Campaign/english-report-of-fhappi-freehosting.pdf |
| 623 | 2017-04-05 | b2f76581b1f81deb6f482301f120bf103dfee7fe | Targeted Attacks in the Middle East Using KASPERAGENT and MICROPSIA - Palo Alto Networks Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.04.05.KASPERAGENT_and_MICROPSIA/Targeted%20Attacks%20in%20the%20Middle%20East%20Using%20KASPERAGENT%20and%20MICROPSIA%20-%20Palo%20Alto%20Networks%20Blog.pdf |
| 624 | 2017-04-06 | 21fa3482e808cc32ef762131560c8889b1bb641e | cloud-hopper-report-final-v4 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.04.06.Operation_Cloud_Hopper/cloud-hopper-report-final-v4.pdf |
| 625 | 2017-04-06 | 363c1f74cffd26d777fc13bc99276a8874da4828 | cloud-hopper-report-final-upda_72977 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.04.06.Operation_Cloud_Hopper/cloud-hopper-report-final-upda_72977.pdf |
| 626 | 2017-04-10 | d4ac9a7d29ae849228c231d4a329a0de75db03f5 | Longhorn_ Tools used by cyberespionage group linked to Vault 7 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.04.10_Longhorn/Longhorn_%20Tools%20used%20by%20cyberespionage%20group%20linked%20to%20Vault%207.pdf |
| 627 | 2017-04-11 | fc7f3b5e0274380f2dcbf1314e416156782749b2 | Unraveling the Lamberts Toolkit | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.04.11.Lamberts_Toolkit/Unraveling%20the%20Lamberts%20Toolkit.pdf |
| 628 | 2017-04-13 | 749fcb8711afe06402e0a97903bfe2b4073bacc6 | callisto-group | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.04.13.callisto-group/callisto-group.pdf |
| 629 | 2017-04-27 | 8e2d9ead7e25aea7ce175ae4ce6c753961695de2 | iranian-fileless-cyberattack-on-israel | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.04.27.iranian-fileless-cyberattack-on-israel-word-vulnerability/iranian-fileless-cyberattack-on-israel.pdf |
| 630 | 2017-05-03 | 576a6743910be6c4f9ed71ab63e9d9f20665e1a7 | kazuar | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.05.03.kazuar-multiplatform-espionage-backdoor-api-access/kazuar.pdf |
| 631 | 2017-05-03 | ada599ed6529fb13552b715d63fc150dc439d2bd | konni-malware-under-radar-for-years.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.05.03.konni-malware-under-radar-for-years/konni-malware-under-radar-for-years.html.pdf |
| 632 | 2017-05-14 | f8e9e357ff59df2cdcb81b18271e8f544663cd0e | cyber-espionage-apt32 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.05.14.cyber-espionage-apt32/cyber-espionage-apt32.pdf |
| 633 | 2017-05-24 | cffa0201901e5c88040f4b3688b60bb3a11c3f76 | operation-cobalt-kitty | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.05.24.OPERATION_COBALT_KITTY/operation-cobalt-kitty.pdf |
| 634 | 2017-05-30 | 63539ba31b08519f49476e7d509f0b1a9b2445d0 | Group-IB_Lazarus | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.05.30.Lazarus_Arisen/Group-IB_Lazarus.pdf |
| 635 | 2017-06-12 | 9e6f9b8b5b22c32c1ec5d53ed1992f8f83013140 | Win32_Industroyer | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.12.INDUSTROYER/Win32_Industroyer.pdf |
| 636 | 2017-06-12 | f86cc703b475135372a6639e12d4651121e23fff | CrashOverride-01 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.12.CRASHOVERRIDE/CrashOverride-01.pdf |
| 637 | 2017-06-13 | 975f32de446850319102be1462f9c232c9a9a716 | TA17-164A | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.13.HIDDEN_COBRA/TA17-164A.pdf |
| 638 | 2017-06-14 | 6e20a79dbcbfb4449a38878bc5652538b6ac6c7f | KASPERAGENT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.14.KASPERAGENT/KASPERAGENT.pdf |
| 639 | 2017-06-15 | 9d01db23f6ca3a44838c7ece1e023878807c9b35 | North Korea Is Not Crazy | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.15.north-korea-cyber-activity/North%20Korea%20Is%20Not%20Crazy.pdf |
| 640 | 2017-06-18 | 4bae883feddc4e8b1c2593c848b7f434b125b6e4 | RECON-MTL-2017-evolution_of_pirpi | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.18.APT3_Uncovered_The_code_evolution_of_Pirpi/RECON-MTL-2017-evolution_of_pirpi.pdf |
| 641 | 2017-06-19 | 259bf1dfeb4a1f9edec3b8fedc85bb07d74fa18b | PoS Malware ShellTea PoSlurp_0 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.19.SHELLTEA_POSLURP_MALWARE/PoS%20Malware%20ShellTea%20PoSlurp_0.pdf |
| 642 | 2017-06-22 | 7c07a6c907e151bfdb785f4ada9de8e1e6d8d003 | TrendLabs Security Intelligence BlogFollowing the Trail of BlackTech’s Cyber Espionage Campaigns - TrendLabs Security Intelligence Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.22.following-trail-blacktech-cyber-espionage-campaigns/TrendLabs%20Security%20Intelligence%20BlogFollowing%20the%20Trail%20of%20BlackTech%E2%80%99s%20Cyber%20Espionage%20Campaigns%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf |
| 643 | 2017-06-22 | d3b5aa6085c4ed0c90681c8cbd1d680cb5cff17a | unit42-new-improved-macos-backdoor-oceanlotus | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.22.new-improved-macos-backdoor-oceanlotus/unit42-new-improved-macos-backdoor-oceanlotus.pdf |
| 644 | 2017-06-22 | df18330841082d967b74c11762561c16666ed9a2 | following-trail-blacktech-cyber-espionage-campaigns | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.22.following-trail-blacktech-cyber-espionage-campaigns/following-trail-blacktech-cyber-espionage-campaigns.pdf |
| 645 | 2017-06-26 | d6bc0def8943d25eaef9486fd352eec104b6ea6c | threat-group-4127-targets-google-accounts | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.26.Threat_Group-4127/threat-group-4127-targets-google-accounts.pdf |
| 646 | 2017-06-30 | a00e87b7c84b238136e6b7e03faa7032a1f1462b | From BlackEnergy to ExPetr - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.30.From_BlackEnergy_to_ExPetr/From%20BlackEnergy%20to%20ExPetr%20-%20Securelist.pdf |
| 647 | 2017-06-30 | e3f17c26a1e9baf918a27b23ed3e6b7e972f0fb1 | TeleBots are back_ supply-chain attacks against Ukraine | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.06.30.telebots-back-supply-chain/TeleBots%20are%20back_%20supply-chain%20attacks%20against%20Ukraine.pdf |
| 648 | 2017-07-05 | 8f18178e7e830fe97544869badff8d42441ac398 | Insider_Information | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.07.05.insider-information/Insider_Information.pdf |
| 649 | 2017-07-06 | a732599e776cfca3ffcd998b07d4e2b489ca639b | operation-desert-eagle.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.07.06.Operation_Desert_Eagle/operation-desert-eagle.html.pdf |
| 650 | 2017-07-10 | 2af1cf8ac72832ec56cd0f4b6de1e7c4ebb64709 | osx_dok-mac-malware-emmental-hijacks-user-network-traffic | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.07.10.osx_dok-mac-malware-emmental-hijacks-user-network-traffic/osx_dok-mac-malware-emmental-hijacks-user-network-traffic.pdf |
| 651 | 2017-07-11 | affa81ab17dd8a0e884e10a393b7027a4e6a580c | winnti-evolution-going-open-source.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.07.11.winnti-evolution-going-open-source/winnti-evolution-going-open-source.html.pdf |
| 652 | 2017-07-18 | 39e53915de468512258066c3ae2875770bd68c45 | Bitdefender-Whitepaper-Inexsmar-A4-en-EN | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.07.18.Inexsmar/Bitdefender-Whitepaper-Inexsmar-A4-en-EN.pdf |
| 653 | 2017-07-18 | 4b6319176b1caca3eac47744e74716aafa8e7e3a | Recent Winnti Infrastructure and Samples _ ClearSky Cybersecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.07.18.winnti/Recent%20Winnti%20Infrastructure%20and%20Samples%20_%20ClearSky%20Cybersecurity.pdf |
| 654 | 2017-07-18 | 5fe96500781232a5b174eaedd85e81a6bbcebebf | blog Inexsmar | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.07.18.Inexsmar/blog%20Inexsmar.pdf |
| 655 | 2017-07-24 | 511167edf95430fe5f3fb8ec664fd8c00ee5053c | unit42-tick-group-continues-attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.07.24.Tick_group/unit42-tick-group-continues-attacks.pdf |
| 656 | 2017-07-27 | 05208f1ec08dcce22f2e0a99eaa27310a108d869 | Operation_Wilted_Tulip (1) | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.07.27.Operation_Wilted_Tulip/Operation_Wilted_Tulip%20%281%29.pdf |
| 657 | 2017-07-27 | 4746babb3e6b979dac62ea0ecb213c93bd06b04d | chessmaster-cyber-espionage-campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.07.27.chessmaster-cyber-espionage-campaign/chessmaster-cyber-espionage-campaign.pdf |
| 658 | 2017-07-27 | e09481571961cea9b0f3153c97c5c16038e1401d | unit42-oilrig-uses-ismdoor-variant-possibly-linked-greenbug-threat-group | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.07.27.oilrig-uses-ismdoor-variant-possibly-linked-greenbug-threat-group/unit42-oilrig-uses-ismdoor-variant-possibly-linked-greenbug-threat-group.pdf |
| 659 | 2017-07-27 | e93db24a29cac99be5fef3ba7cde258776b68eef | Appendix | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.07.27.chessmaster-cyber-espionage-campaign/Appendix.pdf |
| 660 | 2017-08-01 | 6d975a5497a8214758417eadb9a5d2fb79e40cb1 | cobalt-group-2017-cobalt-strikes-back.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.08.01.cobalt-group-2017-cobalt-strikes-back/cobalt-group-2017-cobalt-strikes-back.html.pdf |
| 661 | 2017-08-08 | 6b92046c8fb69c2eba71325a808f9b5772e76ae7 | APT Trends report Q2 2017 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.08.08.APT_Trends_Report_2017Q2/APT%20Trends%20report%20Q2%202017.pdf |
| 662 | 2017-08-11 | 96183f8abeab7d62d5db6f2d4761766d05ec4507 | apt28-targets-hospitality-sector.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.08.11.apt28-targets-hospitality-sector/apt28-targets-hospitality-sector.html.pdf |
| 663 | 2017-08-15 | 18fcefcdc2861109df40b7d4f89c88f01153ebe6 | Notepad_and_Chthonic | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.08.15.Notepad_and_Chthonic/Notepad_and_Chthonic.pdf |
| 664 | 2017-08-17 | 480311eaa22f578ef695b43791d9f76754f77af1 | Turla_APT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.08.17.turla-apt-actor-refreshes-kopiluwak-javascript-backdoor/Turla_APT.pdf |
| 665 | 2017-08-18 | c42879e3e3393f1cd6a716273d4eee1b023029bd | Russian-Bank-Offices | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.08.18.Russian_Bank_Offices_Hit/Russian-Bank-Offices.pdf |
| 666 | 2017-08-25 | ee48407bd11f46dcc700d8d43e1eedfd49e8ef3d | operation-rat-cook-chinese-apt-actors-use-fake-game-thrones-leaks-lures | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.08.25.operation-rat-cook/operation-rat-cook-chinese-apt-actors-use-fake-game-thrones-leaks-lures.pdf |
| 667 | 2017-08-30 | 2c5e1689900d6f92ec985be4f9f1df9f9b52de30 | eset-gazer | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.08.30.Gazing_at_Gazer/eset-gazer.pdf |
| 668 | 2017-08-30 | c6ae240fe72e85a0e413aefda3bd980ade0df153 | Introducing WhiteBear - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.08.30.Introducing_WhiteBear/Introducing%20WhiteBear%20-%20Securelist.pdf |
| 669 | 2017-09-06 | 1ed7aca75422d01c464e9786e6a156d1fb6e7720 | Dragonfly_ Western energy sector targeted by sophisticated attack group _ Symantec Connect Community | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.06.dragonfly-western-energy-sector-targeted-sophisticated-attack-group/Dragonfly_%20Western%20energy%20sector%20targeted%20by%20sophisticated%20attack%20group%20_%20Symantec%20Connect%20Community.pdf |
| 670 | 2017-09-06 | 29e1e27c9564c0a7b52481295a83b1b8482393dc | blog Dragonfly 2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.06.intelligence-games-in-the-power-grid-2016/blog%20Dragonfly%202.pdf |
| 671 | 2017-09-06 | cbcdc4cb1305cfea35df9364e347f2989cc435c9 | intelligence-games-in-the-power-grid-2016 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.06.intelligence-games-in-the-power-grid-2016/intelligence-games-in-the-power-grid-2016.pdf |
| 672 | 2017-09-12 | 4216dbf87e7728c248780b5abf6a455435562107 | zero-day-used-to-distribute-finspy.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.12.FINSPY_CVE-2017-8759/zero-day-used-to-distribute-finspy.html.pdf |
| 673 | 2017-09-18 | ad56b26eb6144508b32feb518a73707a99247c03 | CCleanup | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.18.CCleanup/CCleanup.pdf |
| 674 | 2017-09-18 | fa92c0e06a7469a3dab6a34d37528bc173d517eb | An (un)documented Word feature abused by attackers _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.18.Windows_branch_of_the_Cloud_Atlas/An%20%28un%29documented%20Word%20feature%20abused%20by%20attackers%20_%20Securelist.pdf |
| 675 | 2017-09-20 | 5180b9f4648bda9dbcecb6d60bcd1213a1ebf97c | CCleaner_C2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.20.CCleanup_C2/CCleaner_C2.pdf |
| 676 | 2017-09-20 | a39f0d00e020ea4eb9e104a3aeed959c01bf8306 | Insights into Iranian Cyber Espionage_ APT33 Targets Aerospace and Energy Sectors and has Ties to Destructive Malware « Threat Research Blog _ FireEye Inc | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.20.apt33-insights-into-iranian-cyber-espionage/Insights%20into%20Iranian%20Cyber%20Espionage_%20APT33%20Targets%20Aerospace%20and%20Energy%20Sectors%20and%20has%20Ties%20to%20Destructive%20Malware%20%C2%AB%20Threat%20Research%20Blog%20_%20FireEye%20Inc.pdf |
| 677 | 2017-09-20 | f5cadff536797504676152ebb92faeeb32539406 | Aurora_Operation_CCleaner | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.20.Aurora_Operation_CCleaner/Aurora_Operation_CCleaner.pdf |
| 678 | 2017-09-28 | 2de8ba6f7036c042204203b326a2d4b28596b5a4 | Threat Actors Target Government of Belarus Using CMSTAR Trojan | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.28.Belarus_CMSTAR_Trojan/Threat%20Actors%20Target%20Government%20of%20Belarus%20Using%20CMSTAR%20Trojan.pdf |
| 679 | 2017-10-02 | 07798378a61e5b51e15ec24e0c28cdfba50fedf1 | Aurora_Operation_CCleaner_II | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.10.02.Aurora_Operation_CCleaner_II/Aurora_Operation_CCleaner_II.pdf |
| 680 | 2017-10-10 | c11ac6a6b4d8b2e45afa90658104f92d3315d229 | TW SpiderLabs Advanced Brief_Post-Soviet Bank Heists_PDF | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.10.10.Post-Soviet-Bank-Heists/TW%20SpiderLabs%20Advanced%20Brief_Post-Soviet%20Bank%20Heists_PDF.pdf |
| 681 | 2017-10-12 | ca5db110c6eff4afde63016823a546599e49dba6 | bronze-butler-targets-japanese-businesses | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.10.12.BRONZE_BUTLER/bronze-butler-targets-japanese-businesses.pdf |
| 682 | 2017-10-16 | 0d98f0605864ff868915aebe136216db46d997d6 | Leviathan_Espionage_actor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.10.16.Leviathan/Leviathan_Espionage_actor.pdf |
| 683 | 2017-10-16 | 0d9aab08a0ef223d0fba363b8c2ed4d0093ee291 | BAESytems_Taiwan-Heist-Lazarus-Tools-Ransomware(10-16-2017) | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.10.16.Taiwan-Heist/BAESytems_Taiwan-Heist-Lazarus-Tools-Ransomware%2810-16-2017%29.pdf |
| 684 | 2017-10-16 | ed0376c06e97bf7f9887dcbf789e165d52f70070 | BlackOasis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.10.16.BlackOasis_APT/BlackOasis.pdf |
| 685 | 2017-10-19 | 67d5b56d384ebc3eff678ca4a3544fcbcfd48e6e | Bitdefender-Business-2017-WhitePaper-PZCHAO-crea2452-en-EN-GenericUse | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.10.19.Operation_PZCHAO/Bitdefender-Business-2017-WhitePaper-PZCHAO-crea2452-en-EN-GenericUse.pdf |
| 686 | 2017-10-24 | 2d3ca80570c9425fec0b86e8788672b51c05d798 | Greenbug | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.10.24.greenbug/Greenbug.pdf |
| 687 | 2017-10-27 | a7aeb82c38c24d916f743f63d8dd3a44245f8824 | bellingcat - Bahamut Revisited, More Cyber Espionage in the Middle East and South Asia - bellingcat | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.10.27.bahamut-revisited/bellingcat%20-%20Bahamut%20Revisited%2C%20More%20Cyber%20Espionage%20in%20the%20Middle%20East%20and%20South%20Asia%20-%20bellingcat.pdf |
| 688 | 2017-10-30 | 8fa264721c32e66ec94ceb77645c22edbffc9259 | Gaza Cybergang - updated activity in 2017_ - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.10.30.Gaza_Cybergang/Gaza%20Cybergang%20-%20updated%20activity%20in%202017_%20-%20Securelist.pdf |
| 689 | 2017-10-31 | c88964f86dee3dddad544afaa958f19d5b078700 | Night_of_the_Devil | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.10.31.MBR-ONI.Japan/Night_of_the_Devil.pdf |
| 690 | 2017-11-02 | 3e8197de6b5d3ee28900addba58d37693ab48c35 | New Insights into Energetic Bear's Attacks on Turkish Critical Infrastructure | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.02.Energetic_Bear_on_Turkish_Critical_Infrastructure/New%20Insights%20into%20Energetic%20Bear%27s%20Attacks%20on%20Turkish%20Critical%20Infrastructure.pdf |
| 691 | 2017-11-02 | 7cc47ac6e2afeaccc7f6b81e7aee36a98b2fcc08 | LeetMX - a Yearlong Cyber-Attack Campaign Against Targets in Latin America - ClearSky Cyber Security | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.02.LeetMX/LeetMX%20-%20a%20Yearlong%20Cyber-Attack%20Campaign%20Against%20Targets%20in%20Latin%20America%20-%20ClearSky%20Cyber%20Security.pdf |
| 692 | 2017-11-02 | 8a525f0a9399a4c2a02e14d9bdaa98992be9c07d | Recent InPage Exploits Lead to Multiple Malware Families | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.02.InPage_Exploits/Recent%20InPage%20Exploits%20Lead%20to%20Multiple%20Malware%20Families.pdf |
| 693 | 2017-11-02 | f7b0f598b3b294086661de8ff38a25cffd626845 | The KeyBoys are back in town | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.02.KeyBoys_are_back/The%20KeyBoys%20are%20back%20in%20town.pdf |
| 694 | 2017-11-06 | 7c2f93f1fbe764ff94de5e5d5f29daea4a512956 | chessmasters-new-strategy-evolving-tools-tactics | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.06.ChessMaster_New_Strategy/chessmasters-new-strategy-evolving-tools-tactics.pdf |
| 695 | 2017-11-06 | b14204853e9ec3f569a4783e38ce7edc945a9eaf | oceanlotus-blossoms | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.06.oceanlotus-blossoms/oceanlotus-blossoms.pdf |
| 696 | 2017-11-07 | 1df3af6ed515b55238da5e596ff5b0aa4b6e3a82 | Threat_Group_APT28_Slips_Office_Malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.07.APT28_Slips_Office_Malware/Threat_Group_APT28_Slips_Office_Malware.pdf |
| 697 | 2017-11-07 | 54217b0c066f77f19aeb47d323c9606ece22ffab | sowbug-cyber-espionage-group | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.07.sowbug-cyber-espionage-group-targets/sowbug-cyber-espionage-group.pdf |
| 698 | 2017-11-10 | 02a66278756c7c3a068d5eff9bc05f3ae9a836cd | unit42-new-malware-with-ties-to-sunorcal-discovered | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.10.New_Malware_with_Ties_to_SunOrcal_Discovered/unit42-new-malware-with-ties-to-sunorcal-discovered.pdf |
| 699 | 2017-11-14 | f9210ad09b22553ea32f550d032385a6a93a6214 | muddying-the-water-targeted-attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.14.Muddying_the_Water/muddying-the-water-targeted-attacks.pdf |
| 700 | 2017-11-22 | 391659a97773a0330bafdee3af6fdbcfeaa11280 | muddywater-apt-targeting-middle-east | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.11.22.MuddyWater_APT/muddywater-apt-targeting-middle-east.pdf |
| 701 | 2017-12-04 | 3b669818816e3d888b2546bc75ac0f44782f7faf | paper_the-shadows-of-ghosts-carbanak-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.12.04.The_Shadows_of_Ghosts/paper_the-shadows-of-ghosts-carbanak-report.pdf |
| 702 | 2017-12-04 | bb99d7c51232dc5abfdad6c5771ce784405d95d7 | blog_anatomy-of-an-attack-carbanak | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.12.04.The_Shadows_of_Ghosts/blog_anatomy-of-an-attack-carbanak.pdf |
| 703 | 2017-12-05 | bba8af0fe4254863c86aafeedb7d86f7af7b0e99 | Charming_Kitten_2017 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.12.05.Charming_Kitten/Charming_Kitten_2017.pdf |
| 704 | 2017-12-07 | 4e20c78a1ab7fbd0140472388e206f0efbee8c26 | targeted-attack-in-middle-east-by-apt34.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.12.07.New_Targeted_Attack_in_the_Middle_East_by_APT34/targeted-attack-in-middle-east-by-apt34.html.pdf |
| 705 | 2017-12-11 | 7a57e05aab003604657afa1bb06af954004215c7 | Group-IB_MoneyTaker_report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.12.11.MoneyTaker/Group-IB_MoneyTaker_report.pdf |
| 706 | 2017-12-11 | a6d08e61d4a12fe4914671ba3550e95ad61691f2 | appendix-untangling-the-patchwork-cyberespionage-group | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.12.11.Patchwork_APT/appendix-untangling-the-patchwork-cyberespionage-group.pdf |
| 707 | 2017-12-11 | dafed0f2a46c513004287c96588d3be3b7ae513a | tech-brief-untangling-the-patchwork-cyberespionage-group | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.12.11.Patchwork_APT/tech-brief-untangling-the-patchwork-cyberespionage-group.pdf |
| 708 | 2017-12-14 | a6c087f2a4264e891068021c52dc954aba7c64b3 | attackers-deploy-new-ics-attack-framework-triton.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.12.14.attackers-deploy-new-ics-attack-framework-triton/attackers-deploy-new-ics-attack-framework-triton.html.pdf |
| 709 | 2017-12-17 | 8a146c79ec045eee3b72971c2285b63f28ec4407 | Operation_Dragonfly_Analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.12.17.operation-dragonfly-analysis-suggests-links-to-earlier-attacks/Operation_Dragonfly_Analysis.pdf |
| 710 | 2017-12-19 | ce6ea1a9d82cec62a78fbaa5a04afe54c0167101 | blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.12.19.North_Korea_Bitten_by_Bitcoin_Bug/blog.pdf |
| 711 | 2017-12-19 | d8ba9a371c7dc7e6608b92e8a671b82191d6c67a | pfpt-us-wp-north-korea-bitten-by-bitcoin-bug | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.12.19.North_Korea_Bitten_by_Bitcoin_Bug/pfpt-us-wp-north-korea-bitten-by-bitcoin-bug.pdf |
| 712 | 2018-01-04 | 4f9469a732dd8c2d32c8a2b017e9378e95e40611 | Iran_Cyber_Final_Full_v2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.04.Iran_Cyber_Threat_Carnegie/Iran_Cyber_Final_Full_v2.pdf |
| 713 | 2018-01-06 | 891959666596264d8f2bd7b309e8321b67d86844 | Malicious Document Targets Pyeongchang Olympics _ McAfee Blogs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.06.malicious-document-targets-pyeongchang-olympics/Malicious%20Document%20Targets%20Pyeongchang%20Olympics%20_%20McAfee%20Blogs.pdf |
| 714 | 2018-01-09 | 345ecd81d3f862caf8de882514c6c4e01ddcc048 | blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.09.Turla_Mosquito/blog.pdf |
| 715 | 2018-01-09 | 64ee9966b41640d4a8477e2bf5ad288422dd0829 | ESET_Turla_Mosquito | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.09.Turla_Mosquito/ESET_Turla_Mosquito.pdf |
| 716 | 2018-01-11 | 612116140e5b452ec1053a6017401f125a8c9375 | North_Korean_Defectors_and_Journalists_Targeted | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.11.North_Korean_Defectors_and_Journalists_Targeted/North_Korean_Defectors_and_Journalists_Targeted.pdf |
| 717 | 2018-01-12 | 71cf247af339cad51681bf1b3e5ad9702b92d676 | Pawn_Storm_Update_2018.Jan | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.12.update-pawn-storm-new-targets-politically/Pawn_Storm_Update_2018.Jan.pdf |
| 718 | 2018-01-15 | ee187d05c2c5fc97fd78d9dbd18477c3eed8702b | New_killdisk | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.15.new-killdisk-variant-hits-financial-organizations-in-latin-america/New_killdisk.pdf |
| 719 | 2018-01-16 | 12c62600afe97d1309bc920524391e9ab9f4b01e | APT3_Adversary_Emulation_Plan | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2017/2017.09.XX.APT3_Adversary_Emulation_Plan/APT3_Adversary_Emulation_Plan.pdf |
| 720 | 2018-01-16 | 586b976b5f81e93b76cf48534c9da8ec239e7b0b | korea-in-crosshairs.html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.16.korea-in-crosshairs/korea-in-crosshairs.html.pdf |
| 721 | 2018-01-16 | 691670cb4b4edb4b77c1215538a4a88c9933182d | cta-2018-0116 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.16.north-korea-cryptocurrency-campaign/cta-2018-0116.pdf |
| 722 | 2018-01-16 | 910813be6275d9db2a482a92c26eddae3786bc34 | Skygofree_appendix_eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.16.skygofree/Skygofree_appendix_eng.pdf |
| 723 | 2018-01-16 | a72a88d6a9cc5739aad7802ffb6b29f63af16bc4 | Skygofree_ Following in the footsteps of HackingTeam - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.16.skygofree/Skygofree_%20Following%20in%20the%20footsteps%20of%20HackingTeam%20-%20Securelist.pdf |
| 724 | 2018-01-18 | a91289e835991b389e01254492d0fe84aeb21752 | Turla Neuron Malware Update | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.18.Turla_group_update_Neuron_malware/Turla%20Neuron%20Malware%20Update.pdf |
| 725 | 2018-01-18 | d5c605fd42adb5312d17a54d246d8178a6a9094c | Lookout_Dark-Caracal_srr_20180118_us_v.1.0 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.18.Dark_Caracal/Lookout_Dark-Caracal_srr_20180118_us_v.1.0.pdf |
| 726 | 2018-01-24 | 84890f780369eac214755f96faa225aa8d855a4c | Lazarus_Campaign_Targeting_Cryptocurrencies | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.24.lazarus-campaign-targeting-cryptocurrencies/Lazarus_Campaign_Targeting_Cryptocurrencies.pdf |
| 727 | 2018-01-25 | 15ca73fd7d7d91a93d1d31c372977ded81ce4098 | unit42-oilrig-uses-rgdoor-iis-backdoor-targets-middle-east | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.25.oilrig_Middle_East/unit42-oilrig-uses-rgdoor-iis-backdoor-targets-middle-east.pdf |
| 728 | 2018-01-26 | 8c10db53c54a7b7fd8644cfd7e2bc8da4edb4d37 | unit42-the-tophat-campaign-attacks-within-the-middle-east-region-using-popular-third-party-services | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.26.TopHat_Campaign/unit42-the-tophat-campaign-attacks-within-the-middle-east-region-using-popular-third-party-services.pdf |
| 729 | 2018-01-27 | 70fae1539b2e714ac6876d64dacbead9671fc003 | Accenture-Security-Dragonfish-Threat-Analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.27.DRAGONFISH/Accenture-Security-Dragonfish-Threat-Analysis.pdf |
| 730 | 2018-01-29 | 0bece4337b4372e52cf6b23dd4f9da12f8175fa7 | VERMIN_ Quasar RAT and Custom Malware Used In Ukraine | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.29.VERMIN_Quasar_RAT_and_Custom_Malware_Used_In_Ukraine/VERMIN_%20Quasar%20RAT%20and%20Custom%20Malware%20Used%20In%20Ukraine.pdf |
| 731 | 2018-01-29 | bde5a789f1778ea6abc0c03231e448bdac2e378f | PoriewSpy.India | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.29.PoriewSpy.India/PoriewSpy.India.pdf |
| 732 | 2018-01-30 | a98b3a495b906d5e966dd4afa536b736030aaa35 | apt32-continues-asean-targeting | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.30.APT32_Continues_ASEAN_Targeting/apt32-continues-asean-targeting.pdf |
| 733 | 2018-01-31 | a2425e6cac6127d7c43e5135ede2b9cc7fdb2543 | unit42-comnie-continues-target-organizations-east-asia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.01.31.Comnie_Continues_to_Target_Organizations_in_East_Asia/unit42-comnie-continues-target-organizations-east-asia.pdf |
| 734 | 2018-02-02 | 43d4c021682681ff6061a74b794744f74ef5bea2 | Gold_Dragon_Olympics | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.02.02.gold-dragon-widens-olympics-malware/Gold_Dragon_Olympics.pdf |
| 735 | 2018-02-07 | 6a573fc0b111b0a65146d74cd956ecea94561f6d | Targeted-attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.02.07.targeted-attacks-in-middle-east_VBS_CAMPAIGN/Targeted-attacks.pdf |
| 736 | 2018-02-13 | 1a0cdfb6c8a5518e7e5f24a70f125e7bc0442e9f | deciphering-confucius | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.02.13.deciphering-confucius/deciphering-confucius.pdf |
| 737 | 2018-02-13 | c38fc4d7de7c5546e9395c0399ea02441da355b2 | Lotus Blossom Continues ASEAN Targeting | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.02.13.Lotus-Blossom-Continues/Lotus%20Blossom%20Continues%20ASEAN%20Targeting.pdf |
| 738 | 2018-02-20 | 0e701c174ea21495258d3070c2092ae2c1071ab3 | APT37.blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.02.20.APT37/APT37.blog.pdf |
| 739 | 2018-02-20 | 64b4473af2ffaf520043f90f688735a53e8860b7 | A Slice of 2017 Sofacy Activity - Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.02.20.a-slice-of-2017-sofacy-activity/A%20Slice%20of%202017%20Sofacy%20Activity%20-%20Securelist.pdf |
| 740 | 2018-02-20 | 8742755080062ec87eb6ae0059fd7925cde83a9b | rpt_APT37 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.02.20.APT37/rpt_APT37.pdf |
| 741 | 2018-02-20 | ba3b8e6a764ce36c0826bbc39a5012caf7048ecb | Musical Chairs Playing Tetris | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.02.20.musical-chairs-playing-tetris/Musical%20Chairs%20Playing%20Tetris.pdf |
| 742 | 2018-02-21 | 19b2258d841699869a494c3752d0f7ec9b1ba3d2 | Avast tracks down Tempting Cedar Spyware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.02.21.Tempting_Cedar/Avast%20tracks%20down%20Tempting%20Cedar%20Spyware.pdf |
| 743 | 2018-02-28 | 68ea1b735d59a6f13e33b91b7c43d399919d9d69 | Chafer_ Latest Attacks Reveal Heightened Ambitions _ Symantec Blogs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.02.28.Chafer_Latest_Attacks_Reveal/Chafer_%20Latest%20Attacks%20Reveal%20Heightened%20Ambitions%20_%20Symantec%20Blogs.pdf |
| 744 | 2018-02-28 | c8e577f6df534895f4b9e25a8da67a7b32d381af | Sofacy Attacks Multiple Government Entities | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.02.28.sofacy-attacks-multiple-government-entities/Sofacy%20Attacks%20Multiple%20Government%20Entities.pdf |
| 745 | 2018-03-01 | 3aa1366f97a1345531af82567897baeef7624dd3 | MuddyWater's Recent Activity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.01.a-quick-dip-into-muddywaters-recent/MuddyWater%27s%20Recent%20Activity.pdf |
| 746 | 2018-03-02 | 1948c9c82dd21358b57d1bcf962fe704bbac6b20 | Operation_Honeybee | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.02.Operation_Honeybee/Operation_Honeybee.pdf |
| 747 | 2018-03-05 | 991be81293e8d94a7cd79741bf18005158ff319b | New_ComboJack_Steal_Cryptocurrency | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.05.New_ComboJack_Malware/New_ComboJack_Steal_Cryptocurrency.pdf |
| 748 | 2018-03-06 | 42bc3ed806d32f12e7fcb224aa184abfda49d079 | The-Slingshot-APT_report_ENG_final | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.06.The-Slingshot-APT/The-Slingshot-APT_report_ENG_final.pdf |
| 749 | 2018-03-07 | 128ea779dec6b3799b81e1536db23b51dbab67ce | patchwork-continues-deliver-badnews | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.07.patchwork-continues-deliver-badnews-indian-subcontinent/patchwork-continues-deliver-badnews.pdf |
| 750 | 2018-03-08 | a6a5420dfb31ba77269ecf7fec57c2524308f131 | Donot Team in South Asia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.08.donot-team-leverages-new-modular/Donot%20Team%20in%20South%20Asia.pdf |
| 751 | 2018-03-08 | d103eb6b97caa34ba67ed9ed9eb588acb7409e1e | ukatemicrysys_territorialdispute | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.08.Territorial_Dispute/ukatemicrysys_territorialdispute.pdf |
| 752 | 2018-03-08 | e742065989523b8a47ec060eeb8337b3ecb6695d | olympicdestroyer | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.08.olympicdestroyer-is-here-to-trick-the-industry/olympicdestroyer.pdf |
| 753 | 2018-03-08 | f73b8c4566e4f8c356e28c091e4eb5956ef7172a | hidden-cobra-targets-turkish-financial-sector-new-bankshot-implant | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.08.hidden-cobra-targets-turkish-financial/hidden-cobra-targets-turkish-financial-sector-new-bankshot-implant.pdf |
| 754 | 2018-03-09 | 2ce1536757accf7b76da6cc2900300e702ac7f3a | New tools uncovered from hacking group APT15 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.09.APT15_is_alive_and_strong/New%20tools%20uncovered%20from%20hacking%20group%20APT15.pdf |
| 755 | 2018-03-09 | 57eb61b0d2d2e8b62ea44f6ce4e108e85d9facb6 | BAD TRAFFIC_ Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey and Redirect Egyptian Users to Affiliate Ads_ | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.09.Sandvine_PacketLogic_Devices_APT/BAD%20TRAFFIC_%20Sandvine%E2%80%99s%20PacketLogic%20Devices%20Used%20to%20Deploy%20Government%20Spyware%20in%20Turkey%20and%20Redirect%20Egyptian%20Users%20to%20Affiliate%20Ads_.pdf |
| 756 | 2018-03-09 | 7dcaea7c97091bd953bfb58e83ee329c92ba04d6 | new-traces-hacking-team-wild | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.09.new-traces-hacking-team-wild/new-traces-hacking-team-wild.pdf |
| 757 | 2018-03-09 | f4024179748d1abc9e6bfe6e2f0536fc42003b91 | An analysis of RoyalCli and RoyalDNS | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.09.APT15_is_alive_and_strong/An%20analysis%20of%20RoyalCli%20and%20RoyalDNS.pdf |
| 758 | 2018-03-09 | fb43da79eb861c4678fb04c4614436d73db8deeb | masha-and-these-bears | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.09.masha-and-these-bears/masha-and-these-bears.pdf |
| 759 | 2018-03-12 | 723fc308e141c4e6ea7b1b4d1730a4de4eae19d0 | MuddyWater_Middle_East_and_Central_Asia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.12.MuddyWater_Middle_East_and_Central_Asia/MuddyWater_Middle_East_and_Central_Asia.pdf |
| 760 | 2018-03-13 | 1229852bbb049d1ed9c63e41a02d089b288328cf | iranian-threat-group-updates-ttps-in-spear-phishing-campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.13.Iranian-threat-group/iranian-threat-group-updates-ttps-in-spear-phishing-campaign.pdf |
| 761 | 2018-03-13 | 81a85270e8e412603a86d7226cbd9407306d0a2c | BlackTDS | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.13.BlackTDS/BlackTDS.pdf |
| 762 | 2018-03-13 | 86b083b7b5a796325b9d99291fbece2c71bf2b70 | therapeutic_postmortem_of_connected_medicine | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.13.A_therapeutic_postmortem_of_connected_medicine/therapeutic_postmortem_of_connected_medicine.pdf |
| 763 | 2018-03-13 | cc77d1604a80c26bfb1846a84a27dea99278242b | ESET_OceanLotus | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.13.OceanLotus_Old_techniques_new_backdoor/ESET_OceanLotus.pdf |
| 764 | 2018-03-14 | 4965ed073067deeb6e8d354301e6f9923fb2687e | Tropic Trooper’s New Strategy | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.14.tropic-trooper-new-strategy/Tropic%20Trooper%E2%80%99s%20New%20Strategy.pdf |
| 765 | 2018-03-14 | 740dfa57dee188f7e1e086b5ba87ddef5460ce4e | Inception Framework_ Alive and Well, and Hiding Behind Proxies _ Symantec Blogs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.14.Inception_Framework/Inception%20Framework_%20Alive%20and%20Well%2C%20and%20Hiding%20Behind%20Proxies%20_%20Symantec%20Blogs.pdf |
| 766 | 2018-03-15 | 1b0b1d53362b0a5210164197a7132e4ae3aa5749 | Russian_Government_Cyber_Activity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.15.Russian_Government_Cyber_Activity_TA18-074A/Russian_Government_Cyber_Activity.pdf |
| 767 | 2018-03-23 | 5e759d952b6255cad781503243d2dc75cba479f9 | Tech_Report_Malicious_Hancom | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.23.Targeted_Attacks_on_South_Korean_Organizations/Tech_Report_Malicious_Hancom.pdf |
| 768 | 2018-03-27 | 077153aaf5a20fe602dad41b71b2602183f81849 | Panda Banker Zeros | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.27.panda-banker-zeros-in-on-japanese-targets/Panda%20Banker%20Zeros.pdf |
| 769 | 2018-03-29 | 5afff604991deb7f3ab7d035f5b4090011c4a10c | ChessMaster Adds Updated Tools to Its Arsenal | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.29.ChessMaster_Adds_Updated_Tools/ChessMaster%20Adds%20Updated%20Tools%20to%20Its%20Arsenal.pdf |
| 770 | 2018-03-31 | f3aa0853f78397774f0a44b0fec343256c3c9567 | NavRAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.03.31.NavRAT_Uses_US-North_Korea_Summit_As_Decoy/NavRAT.pdf |
| 771 | 2018-04-04 | 1f4fb94a88d7ad303157e3a5ce3d5ec33833a3bf | MacOS_Backdoor_OceanLotus | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.04.04.MacOS_Backdoor_OceanLotus/MacOS_Backdoor_OceanLotus.pdf |
| 772 | 2018-04-12 | f0d3b63788e00dc8682feae721a4df8d7471fc85 | Operation-Parliament | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.04.12.operation-parliament/Operation-Parliament.pdf |
| 773 | 2018-04-17 | 36f3657d3cc0cf94d1287e49874008e839c9151a | nccgroup.trust-Decoding network data from a Gh0st RAT variant | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.04.17.Iron_Tiger_Gh0st_RAT_variant/nccgroup.trust-Decoding%20network%20data%20from%20a%20Gh0st%20RAT%20variant.pdf |
| 774 | 2018-04-23 | 059fd3de304083e79ca083605aff7cf58d9b17cb | energetic-bear-crouching | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.04.23.energetic-bear-crouching-yeti/energetic-bear-crouching.pdf |
| 775 | 2018-04-23 | 95344b8198280e7ccdf0f148a812f3a6afa0ffa4 | orangeworm-targets-healthcare-us-europe-asia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.04.23.New_Orangeworm/orangeworm-targets-healthcare-us-europe-asia.pdf |
| 776 | 2018-04-23 | ca851ce01b6f9c123af07bd5c41d267b5f0c49ce | Accenture-Hogfish-Threat-Analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.04.23.HOGFISH_REDLEAVES_CAMPAIGN/Accenture-Hogfish-Threat-Analysis.pdf |
| 777 | 2018-04-24 | 4e0284460cc68c0fdf80a26c55a9f54d790e0432 | sednit-update-analysis-zebrocy_ | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.04.24.sednit-update-analysis-zebrocy/sednit-update-analysis-zebrocy_.pdf |
| 778 | 2018-04-24 | 6470021efdeb316fd19cb16537ce9102ed7e59d1 | operation-ghostsecret | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.04.24.Operation_GhostSecret/operation-ghostsecret.pdf |
| 779 | 2018-04-24 | 9e3057bfa16352f56a7d026fac330e3a1487b861 | metamorfo-campaign-targeting-brazilian-users_html | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.04.24.metamorfo-campaign/metamorfo-campaign-targeting-brazilian-users_html.pdf |
| 780 | 2018-04-26 | e135ed30a2ce96d99b5227e77e0ed65fb2655158 | GravityRAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.04.26.GravityRAT/GravityRAT.pdf |
| 781 | 2018-04-27 | 251139b66d8a6e68a38000d1e05befd26bf535ca | [CN]_OceanLotus_new_malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.04.27.OceanLotus_new_malware/%5BCN%5D_OceanLotus_new_malware.pdf |
| 782 | 2018-05-03 | 149418e27ac9b1965b9ab713c26dc4671a207e70 | Red_Eyes_Hacking_Group_Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.05.03.Red_Eyes_Hacking_Group/Red_Eyes_Hacking_Group_Report.pdf |
| 783 | 2018-05-03 | 65dbdb2c06922707a0979295c9645c71cf0d2963 | 20180503_Burning_Umbrella | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.05.03.Burning_Umbrella/20180503_Burning_Umbrella.pdf |
| 784 | 2018-05-03 | 8a8e334f804ece05996db6dbe8c055991cca013e | ZooPark_for_public_final_edit | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.05.03.whos-who-in-the-zoo/ZooPark_for_public_final_edit.pdf |
| 785 | 2018-05-03 | dbc9026e9f8f76b9cac91b86dd97780f81d8e9ae | blog_whos-who-in-the-zoo | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.05.03.whos-who-in-the-zoo/blog_whos-who-in-the-zoo.pdf |
| 786 | 2018-05-09 | 5d18ef46d4a6927bdfd56840ec2ed1fc29bf22df | cta-2018-0509 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.05.09.Iran_Hacker_Hierarchy_Exposed/cta-2018-0509.pdf |
| 787 | 2018-05-09 | 5ebc5e943ec07f77f1c8bd72772cb77f96fac565 | blogs_360_cn_blog_cve-2018-8174-en_ | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.05.09.APT-C-06_CVE-2018-8174/blogs_360_cn_blog_cve-2018-8174-en_.pdf |
| 788 | 2018-05-22 | 04146a1e3e7dd4d5e3e2fbd5b0fe8f06720a6a6b | turla-mosquito-shift-towards-generic-tools | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.05.22.Turla_Mosquito/turla-mosquito-shift-towards-generic-tools.pdf |
| 789 | 2018-05-22 | 6fa8f171b0c54e32f84947822529ec3577304030 | The_destruction_of_APT3 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.05.22.The_destruction_of_APT3/The_destruction_of_APT3.pdf |
| 790 | 2018-05-23 | 3935d58c55bf257dff7b3c263f60e35ea2ab736c | VPNFilter | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.05.23.New_VPNFilter/VPNFilter.pdf |
| 791 | 2018-05-23 | c49e6365631d1feafe04dcbfdc7baac5c049d43f | Confucius_Update | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.05.23.Confucius_Update/Confucius_Update.pdf |
| 792 | 2018-05-29 | 879ec150de81d3f3408badccc873146e9722c828 | iron-cybercrime-group-under-the-scope-2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.05.29.iron-cybercrime-group/iron-cybercrime-group-under-the-scope-2.pdf |
| 793 | 2018-06-06 | 2691cc0a9f42e4f472935f28a6606b4f9f2345b4 | vpnfilter-update | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.06.vpnfilter-update/vpnfilter-update.pdf |
| 794 | 2018-06-06 | 2add24d5de90473d4953c4634e8c06e4d96194c1 | operation-prowli-traffic-manipulation-cryptocurrency-mining | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.06.OPERATION_PROWLI/operation-prowli-traffic-manipulation-cryptocurrency-mining.pdf |
| 795 | 2018-06-06 | 897566b9fcbdf30e026ba61172ccb56766948a4a | sofacy-groups-parallel-attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.06.sofacy-groups-parallel-attacks/sofacy-groups-parallel-attacks.pdf |
| 796 | 2018-06-07 | 36c8db6ae5dbc1534364202bd3dafe4f812d5ab7 | adobe-flash-zero-day-targeted-attack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.07.dobe-flash-zero-day-targeted-attack/adobe-flash-zero-day-targeted-attack.pdf |
| 797 | 2018-06-07 | c58320595990b936d91523bd64c8b40fe6869d5d | patchwork-apt-group-targets-us-think-tanks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.07.patchwork-apt-group-targets-us-think-tanks/patchwork-apt-group-targets-us-think-tanks.pdf |
| 798 | 2018-06-07 | d721478a2354fb695d2f066e276e69ad5d1eaf73 | totally-tubular-treatise-on-triton-and-tristation | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.07.Totally_Tubular_Treatise_on_TRITON_TriStation/totally-tubular-treatise-on-triton-and-tristation.pdf |
| 799 | 2018-06-13 | 035f7ce343df0a51728acb98c5fd196fad498092 | luckymouse-hits-national-data-center | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.13.LuckyMouse/luckymouse-hits-national-data-center.pdf |
| 800 | 2018-06-14 | 30247dcb727eaa945d77ffc1f1daf9304691a849 | miragefox-apt15-resurfaces-with-new-tools-based-on-old-ones | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.14.MirageFox_APT15/miragefox-apt15-resurfaces-with-new-tools-based-on-old-ones.pdf |
| 801 | 2018-06-14 | ed2e653577bfc48e3354a65f006bce987454a0a2 | another-potential-muddywater-campaign-uses-powershell-based-prb-backdoor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.14.another-potential-muddywater-campaign/another-potential-muddywater-campaign-uses-powershell-based-prb-backdoor.pdf |
| 802 | 2018-06-15 | 411a7ffe8c11fbe9edd49575bcf4e94270e3b7be | Mustang Panda _ Threat Actor Profile _ CrowdStrike | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.15.Mustang_Panda/Mustang%20Panda%20_%20Threat%20Actor%20Profile%20_%20CrowdStrike.pdf |
| 803 | 2018-06-19 | 267c3ec477cc853b163bb41a8fd82cdf6c51f4db | olympic-destroyer | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.19.olympic-destroyer-is-still-alive/olympic-destroyer.pdf |
| 804 | 2018-06-20 | 0e8b74584de702a9c0fa48f65e3f19b97537642e | thrip-hits-satellite-telecoms-defense-targets | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.20.thrip-hits-satellite-telecoms-defense-targets/thrip-hits-satellite-telecoms-defense-targets.pdf |
| 805 | 2018-06-22 | dd16552805b96e7cafc27d7edcd05e15014e4091 | Tick Group Weaponized Secure USB Drives to Target Air-Gapped Critical Systems | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.22.Iick.Group-weaponized-secure-usb/Tick%20Group%20Weaponized%20Secure%20USB%20Drives%20to%20Target%20Air-Gapped%20Critical%20Systems.pdf |
| 806 | 2018-06-23 | ef3dd05bee369a7cfb633d03e0545097845a73bc | [AhnLab]Andariel_a_Subgroup_of_Lazarus (3) | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.23.Andariel_Group/%5BAhnLab%5DAndariel_a_Subgroup_of_Lazarus%20%283%29.pdf |
| 807 | 2018-06-25 | b4e7f944cadd35119444c6c346a5ab01023bfd43 | [KR]_ASEC_REPORT_vol.91 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.xx.Operation_Red_Gambler/%5BKR%5D_ASEC_REPORT_vol.91.pdf |
| 808 | 2018-06-26 | dc7912fdc23452e38d28768ce42a18c17f17ebce | rancor-targeted-attacks-south-east-asia-using-plaintee-ddkong-malware-families_ | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.06.26.RANCOR/rancor-targeted-attacks-south-east-asia-using-plaintee-ddkong-malware-families_.pdf |
| 809 | 2018-07-08 | 1ef1ae557b1ed60177dc52891e7248e714a6fa68 | apt-attack-middle-east-big-bang | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.07.08.Big_Bang/apt-attack-middle-east-big-bang.pdf |
| 810 | 2018-07-08 | af6cf2581e3ae03234ddda2ad04cc1065498279e | hussarini---targeted-cyber-attack-in-the-philippines | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.07.08.Hussarini/hussarini---targeted-cyber-attack-in-the-philippines.pdf |
| 811 | 2018-07-09 | f53aa3d8c7b6f9185fd3d7957aeb4d6cd1192ffb | certificates-stolen-taiwanese-tech | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.07.09.certificates-stolen-taiwanese-tech-companies-plead-malware-campaign/certificates-stolen-taiwanese-tech.pdf |
| 812 | 2018-07-12 | 032acfce8fe08469434ef3752263665844e620e6 | MDM_India | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.07.12.Advanced_Mobile_Malware_Campaign_in_India/MDM_India.pdf |
| 813 | 2018-07-13 | e5a45010194433a959766fec55f99aed226abb59 | 20180713_CSE_APT28_X-Agent_Op-Roman Holiday-Report_v6_1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.07.13.Operation_Roman_Holiday/20180713_CSE_APT28_X-Agent_Op-Roman%20Holiday-Report_v6_1.pdf |
| 814 | 2018-07-16 | 9ec73a98fdbceb783f5061a0da13d34e1c5a5745 | new-andariel-reconnaissance-tactics-hint-at-next-targets | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.07.16.new-andariel/new-andariel-reconnaissance-tactics-hint-at-next-targets.pdf |
| 815 | 2018-07-23 | 840074e9139ef478efa15583e254af3d947577e1 | 20180723_CSE_APT27_Syria_v1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.07.23_APT27_Syria/20180723_CSE_APT27_Syria_v1.pdf |
| 816 | 2018-07-27 | e8a3316d1aa5c9c81aa0fe685014ac3a3f6c66a2 | New Threat Actor Group DarkHydrus Targets Middle East Government | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.07.27.DarkHydrus/New%20Threat%20Actor%20Group%20DarkHydrus%20Targets%20Middle%20East%20Government.pdf |
| 817 | 2018-07-31 | 06a70ab2849fb7fe98adf961d33e8e419dc5f81f | bisonal-malware-used-attacks-russia-south-korea | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.07.31.bisonal-malware-used-attacks-russia-south-korea/bisonal-malware-used-attacks-russia-south-korea.pdf |
| 818 | 2018-07-31 | 2036f6c6c100cf783e8bf0e95046196e5ba188c1 | malicious-document-targets-vietnamese-officials | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.07.31.APT_SideWinder_Malicious_Doc/malicious-document-targets-vietnamese-officials.pdf |
| 819 | 2018-08-01 | 4fe9b6b9623341caa9ef78300626c8d15758955d | Malicious document targets Vietnamese officials | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.01.Vietnamese_officials_Targets/Malicious%20document%20targets%20Vietnamese%20officials.pdf |
| 820 | 2018-08-02 | 40aa0ef5a5f3a7318de9208871684cfa5f188c70 | Goblin_Panda_against_Bears | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.02.Goblin_Panda/Goblin_Panda_against_Bears.pdf |
| 821 | 2018-08-02 | 4a22ceafcbdd3e8b7a349e8c80792be8377ff4d2 | The Gorgon Group Slithering Between Nation State and Cybercrime | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.02.Gorgon_Group/The%20Gorgon%20Group%20Slithering%20Between%20Nation%20State%20and%20Cybercrime.pdf |
| 822 | 2018-08-02 | 75e144bb2f67929f91e7565ad9a75464d2fba7f7 | Accenture-Goldfin-Security-Alert-1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.02.Goldfin_Security_Alert/Accenture-Goldfin-Security-Alert-1.pdf |
| 823 | 2018-08-09 | b2c6738adde90a2abbbb24a07102e46bc8f26b2e | examining-code-reuse-reveals-undiscovered-links-among-north-koreas-malware-families | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.09.north-koreas-malware-families/examining-code-reuse-reveals-undiscovered-links-among-north-koreas-malware-families.pdf |
| 824 | 2018-08-16 | 330121e6427cfb64f61b8494eb8cdce572b57698 | cta-2018-0816 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.16.Chinese_Cyberespionage_Tsinghua_University/cta-2018-0816.pdf |
| 825 | 2018-08-21 | 57849370296edd38929812a6832edeacaf56685e | supply-chain-attack-operation-red-signature-targets-south-korean-organizations | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.21.Operation_Red_Signature/supply-chain-attack-operation-red-signature-targets-south-korean-organizations.pdf |
| 826 | 2018-08-21 | c2ec1036a969d9b8e470e0b1bcaf88069a058b98 | Eset-Turla-Outlook-Backdoor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.21.Turla.Outlook.Backdoor/Eset-Turla-Outlook-Backdoor.pdf |
| 827 | 2018-08-23 | 1efa2d8bbe61fed9c3f97f5dbdb65566f3e2024d | Operation_AppleJeus | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.23.Operation_AppleJeus/Operation_AppleJeus.pdf |
| 828 | 2018-08-28 | ecc2daeb3c747d13f4f94c6058df8564a1474ca3 | ceidpagelock-a-chinese-rootkit | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.28.CeidPageLock/ceidpagelock-a-chinese-rootkit.pdf |
| 829 | 2018-08-29 | 1614224bb566bb4c8e82501440d26fb707108757 | The Urpage Connection to Bahamut Confucius and Patchwork | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.29.Bahamut_Confucius_Patchwork/The%20Urpage%20Connection%20to%20Bahamut%20Confucius%20and%20Patchwork.pdf |
| 830 | 2018-08-29 | b6c547c6d2911413cd04f4e8a5f218097c6b3a28 | Appendix-TheUrpageConnectiontoBahamutConfuciusandPatchwork | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.29.Bahamut_Confucius_Patchwork/Appendix-TheUrpageConnectiontoBahamutConfuciusandPatchwork.pdf |
| 831 | 2018-08-30 | 0e7109f06710132f6e6db736a9628fd394412204 | Two Birds One STONE PANDA | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.30.Stone_Panda/Two%20Birds%20One%20STONE%20PANDA.pdf |
| 832 | 2018-08-30 | 3a8b95623bfbca0404372fe5d4a9fa89dbfa3aa8 | In the Trails of WINDSHIFT APT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.30.WINDSHIFT_APT/In%20the%20Trails%20of%20WINDSHIFT%20APT.pdf |
| 833 | 2018-08-30 | b36210fbdd48447cc39ec77e317f1f3ec43b8ae6 | Reversing malware in a custom format_ Hidden Bee elements | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.30.Hidden_Bee_Custom_format/Reversing%20malware%20in%20a%20custom%20format_%20Hidden%20Bee%20elements.pdf |
| 834 | 2018-08-30 | b6d1d7e93428e9ee1d8ce9ca8d21cad84c983077 | Double the Infection Double the Fun | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.08.30.Cobalt_Group_Fun/Double%20the%20Infection%20Double%20the%20Fun.pdf |
| 835 | 2018-09-04 | a5209b418cad0bcc8212683bef7ee75db512b59b | oilrig-targets-middle-eastern-government-adds-evasion-techniques-oopsie | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.09.04.OilRig_Targets_Middle_Eastern/oilrig-targets-middle-eastern-government-adds-evasion-techniques-oopsie.pdf |
| 836 | 2018-09-04 | ab329ec81cc6bbc20a38b69ae91c1327a390ecd5 | silence_moving-into-the-darkside | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.09.04.Silence/silence_moving-into-the-darkside.pdf |
| 837 | 2018-09-07 | 05ded0be2899badb166a94ef2855569121c60a82 | Targeted Attack on Indian Ministry of External Affairs using Crimson RAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.09.07.indian-ministry_crimson-rat/Targeted%20Attack%20on%20Indian%20Ministry%20of%20External%20Affairs%20using%20Crimson%20RAT.pdf |
| 838 | 2018-09-07 | 5cd0e57ee8d76d9ee8e08467a2811b888b20bbb5 | Goblin_Panda_targets_Cambodia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.09.07.Goblin_Panda_targets_Cambodia/Goblin_Panda_targets_Cambodia.pdf |
| 839 | 2018-09-07 | 6bc74c0f6105d807ef6fa586a562f016460a802f | Domestic Kitten An Iranian Surveillance Operation | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.09.07.Domestic_Kitten/Domestic%20Kitten%20An%20Iranian%20Surveillance%20Operation.pdf |
| 840 | 2018-09-10 | 02a54821df905cc36b4d7433febead45a7881633 | LuckyMouse | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.09.10.LuckyMouse/LuckyMouse.pdf |
| 841 | 2018-09-13 | cd622003433b7744a621fc95a1902e3df81c3059 | APT10 Targeting Japanese Corporations Using Updated TTPs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.09.13.APT10_Targeting_Japanese/APT10%20Targeting%20Japanese%20Corporations%20Using%20Updated%20TTPs.pdf |
| 842 | 2018-09-19 | d46f8f9f955dae7486b9c9b96c533ebb56a739b9 | 20180919 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.09.19.Green_Spot_APT/20180919.pdf |
| 843 | 2018-09-20 | 667f1379170388a9984c24154da1507f02b5fd19 | CN_APT-C-01 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.09.20.Poison_Trumpet_Vine_Operation/CN_APT-C-01.pdf |
| 844 | 2018-09-27 | c1d45e9e295ef68265aaab4d84c14f89109ea3cd | ESET-LoJax | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.09.27.LoJax/ESET-LoJax.pdf |
| 845 | 2018-10-03 | 37e523977a82a5bf0f8cff84b5b183efc266d133 | rpt-apt38-2018-web_v4 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.03.APT38/rpt-apt38-2018-web_v4.pdf |
| 846 | 2018-10-10 | cd799bccd0560735d3c5bb4efb7b95bcdc392ad1 | MuddyWater expands operations | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.10.MuddyWater_expands/MuddyWater%20expands%20operations.pdf |
| 847 | 2018-10-11 | d26e508ee0247d9cb909e0fe9cd542488c0396fa | Gallmaker New Attack Group Eschews Malware to Live off the Land | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.11.Gallmaker/Gallmaker%20New%20Attack%20Group%20Eschews%20Malware%20to%20Live%20off%20the%20Land.pdf |
| 848 | 2018-10-15 | 86b482a16690c51947f30b16dbe692dba2850897 | Russian-language actor exploits hype over Telegram ban in Central Asia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.15.Octopus_Central_Asia/Russian-language%20actor%20exploits%20hype%20over%20Telegram%20ban%20in%20Central%20Asia.pdf |
| 849 | 2018-10-17 | 279f5467a697ab8ea2ecc9a896ac005b7f525721 | blog_GreyEnergy_Updated | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.17.GreyEnergy/blog_GreyEnergy_Updated.pdf |
| 850 | 2018-10-17 | 3b2d947a0db2be931e548b29e8f0604494cc4766 | SpyRATsofOceanLotusMalwareWhitePaper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.17.OceanLotus_SpyRATs/SpyRATsofOceanLotusMalwareWhitePaper.pdf |
| 851 | 2018-10-17 | 4bb6d80c828654e3bff8610397c39d440371cbf3 | MartyMcFly Malware_ Targeting Naval Industry | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.17_MartyMcFly_Targeting_Naval_Industry/MartyMcFly%20Malware_%20Targeting%20Naval%20Industry.pdf |
| 852 | 2018-10-17 | b8a1f025fec78996380d3e1045fea11c877610e2 | Cyber-Espionage Campaign Targeting the Naval Industry MartyMcFly | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.17.Targeting_the_Naval_Industry/Cyber-Espionage%20Campaign%20Targeting%20the%20Naval%20Industry%20MartyMcFly.pdf |
| 853 | 2018-10-17 | e374781848bd51add20e73f9dab3e0559e4db342 | ESET_GreyEnergy | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.17.GreyEnergy/ESET_GreyEnergy.pdf |
| 854 | 2018-10-18 | 1bf64f3fe87c916e250e3c9058d7de553e1cbbd2 | rp-operation-oceansalt | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.18.Operation_Oceansalt/rp-operation-oceansalt.pdf |
| 855 | 2018-10-18 | 9867f20bf345ae417068e4e248f3ca610679ab67 | Tracking Tick Through Recent Campaigns Targeting East Asia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.18.Datper_Bronze_Butler/Tracking%20Tick%20Through%20Recent%20Campaigns%20Targeting%20East%20Asia.pdf |
| 856 | 2018-10-18 | ad122d87969c575dd5e33baa8fb1d9c81ba87a37 | APT Sidewinder changes theirs TTPs to install their backdoor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.18.APT_Sidewinder_changes/APT%20Sidewinder%20changes%20theirs%20TTPs%20to%20install%20their%20backdoor.pdf |
| 857 | 2018-10-19 | f6d34d11a7ff08fe70d0597bc5c9170c6bd0d1a0 | DarkPulsar | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.10.19.DarkPulsar/DarkPulsar.pdf |
| 858 | 2018-11-01 | e484a67cc8eea37971aca97bbd9b4a82f33d6867 | Perl-Based Shellbot Looks to Target Organizations via C&C - TrendLabs Security Intelligence Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.01_Outlaw_group/Perl-Based%20Shellbot%20Looks%20to%20Target%20Organizations%20via%20C%26C%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf |
| 859 | 2018-11-05 | edb93a3ba0243acaaff29dc0534fcd8c51485210 | Inception Attackers Target Europe with Year-old Office Vulnerability | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.05.Inception_Attackers_Target_Europe/Inception%20Attackers%20Target%20Europe%20with%20Year-old%20Office%20Vulnerability.pdf |
| 860 | 2018-11-08 | 28bff667e0ace1f45ae14494dc87eb0bec7706b1 | FASTCash How the Lazarus Group is Emptying Millions from ATMs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.08.FASTCash/FASTCash%20How%20the%20Lazarus%20Group%20is%20Emptying%20Millions%20from%20ATMs.pdf |
| 861 | 2018-11-13 | e1df7c52e9fd6492e4f03cfbc92c38e8cfbab629 | cta-2018-1113 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.13.China.TEMP.Periscope.Using.Russian_APT/cta-2018-1113.pdf |
| 862 | 2018-11-19 | ad4a68888093e0ce4d64f65aa14740dae5e72267 | not-so-cozy-an-uncomfortable-examination-of-a-suspected-apt29-phishing-campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.19.APT29_Phishing/not-so-cozy-an-uncomfortable-examination-of-a-suspected-apt29-phishing-campaign.pdf |
| 863 | 2018-11-20 | 132278dbc802a2ada7f65716e8838627bee0e34e | blog.trendmicro.com-Lazarus Continues Heists Mounts Attacks on Financial Organizations in Latin America | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.20.lazarus-in-latin-america/blog.trendmicro.com-Lazarus%20Continues%20Heists%20Mounts%20Attacks%20on%20Financial%20Organizations%20in%20Latin%20America.pdf |
| 864 | 2018-11-26 | c10757263570d6941a5f0ca2b5b6923271b54eb8 | 3ve_google_whiteops_whitepaper_final_nov_2018 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.The_Hunt_for_3ve/3ve_google_whiteops_whitepaper_final_nov_2018.pdf |
| 865 | 2018-11-27 | 5217218444c642545031eaaabe9a0dd0f8dc4644 | DNSpionage Campaign Targets Middle East | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.27.dnspionage-campaign-targets-middle-east/DNSpionage%20Campaign%20Targets%20Middle%20East.pdf |
| 866 | 2018-11-28 | 31a8d8375950c344cb78209108b22421c173c360 | MuddyWater-Operations-in-Lebanon-and-Oman | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.28.MuddyWater-Operations-in-Lebanon-and-Oman/MuddyWater-Operations-in-Lebanon-and-Oman.pdf |
| 867 | 2018-11-28 | 35e08265a41e32c77ebe08160d03ce089538a540 | Tropic_Trooper_microsoft | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.28.Tropic_Trooper_microsoft/Tropic_Trooper_microsoft.pdf |
| 868 | 2018-11-29 | acc670862c4fc12a28385b0c4438d1e32fd917ed | EN_version | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.29.Attack_Pakistan_By_Exploiting_InPage/EN_version.pdf |
| 869 | 2018-11-29 | eeb029f9c371d643f873c820de334e46f7bf65b1 | CN_version | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.29.Attack_Pakistan_By_Exploiting_InPage/CN_version.pdf |
| 870 | 2018-11-30 | 23c0a1812535edbe41637784380ff52e7f9fb777 | PowerShell-based Backdoor Found in Turkey Strikingly Similar to MuddyWater Tools | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.11.30.MuddyWater_Turkey/PowerShell-based%20Backdoor%20Found%20in%20Turkey%20Strikingly%20Similar%20to%20MuddyWater%20Tools.pdf |
| 871 | 2018-12-11 | a8dce1d441f06cebb3143ab16b50b4e227334433 | Poking the Bear Three-Year Campaign Targets Russian Critical Infrastructure | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.11.Poking_the_Bear/Poking%20the%20Bear%20Three-Year%20Campaign%20Targets%20Russian%20Critical%20Infrastructure.pdf |
| 872 | 2018-12-12 | 2998cd09a78c8243fbeea94dc6735e8fef7a81f4 | Donot_Group | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.12.Donot_Group/Donot_Group.pdf |
| 873 | 2018-12-12 | 47f5e50b6f18b96f012420b536a1ff120f74c45f | rp-operation-sharpshooter | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.12.Operation_Sharpshooter/rp-operation-sharpshooter.pdf |
| 874 | 2018-12-13 | 26d05e39aa461719fe2b2cf00ac510e976374624 | The Return of The Charming Kitten | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.13.Charming_Kitten_Return/The%20Return%20of%20The%20Charming%20Kitten.pdf |
| 875 | 2018-12-13 | 9aaded6d8c889c00bb1f185c511815ecdaba7c29 | Shamoon 3 Targets Oil and Gas Organization | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.13.Shamoon_3/Shamoon%203%20Targets%20Oil%20and%20Gas%20Organization.pdf |
| 876 | 2018-12-13 | e0e24015e1791320e5e81cd74aa57d88d4f5ef08 | tech-brief-tildeb-analyzing-the-18-year-old-implant-from-the-shadow-brokers-leak | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.13.Tildeb_Shadow_Brokers/tech-brief-tildeb-analyzing-the-18-year-old-implant-from-the-shadow-brokers-leak.pdf |
| 877 | 2018-12-18 | eb626a52cbeb7c4a61000db8969ff6b7b0b3fdb4 | URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.18.ursnif-emotet-dridex-and-bitpaymer-gangs/URSNIF%2C%20EMOTET%2C%20DRIDEX%20and%20BitPaymer%20Gangs%20Linked%20by%20a%20Similar%20Loader.pdf |
| 878 | 2018-12-20 | 3e599de2f9e4fcf383811d108da149e929ac811e | analyzing WindShift implant OSX.WindTail | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.20.WindShift_Middle_East/analyzing%20WindShift%20implant%20OSX.WindTail.pdf |
| 879 | 2018-12-27 | 758d6fbdac76f237dea044f336fc70cdadc5ccdc | The Enigmatic Roma225 Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.27.Roma225_Campaign/The%20Enigmatic%20Roma225%20Campaign.pdf |
| 880 | 2018-12-28 | 2373a41ce9dd7c86d4491d978fddf887d9a1fc87 | Goblin Panda changes the dropper and reuses the old infrastructure | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2018/2018.12.28.Goblin_Panda/Goblin%20Panda%20changes%20the%20dropper%20and%20reuses%20the%20old%20infrastructure.pdf |
| 881 | 2019-01-07 | bf6386b0b06d481f5a8ae83e4147602a801a722a | The APT Chronicles_December 2018nbspedition | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2019.01.07.APT_chronicles_december_2018_edition/The%20APT%20Chronicles_December%202018nbspedition.pdf |
| 882 | 2019-01-09 | 962b31ff9078b4fee4cc8c01a10526e988094227 | 2018 APT Summary Report CN version | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2019.01.09.360_APT_Summary_report_2018_CN_Version/2018%20APT%20Summary%20Report%20CN%20version.pdf |
| 883 | 2019-01-15 | ac2bcbe0818c394ec66612060f81d4f6860ade30 | 2018_ A Year of Cyber Attacks – HACKMAGEDDON | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2019.01.15.2018-a-year-of-cyber-attacks/2018_%20A%20Year%20of%20Cyber%20Attacks%20%E2%80%93%20HACKMAGEDDON.pdf |
| 884 | 2019-01-15 | d6591e1135863c0b593212b46cd3886c79431371 | 2018 Master Table | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2019.01.15.2018-a-year-of-cyber-attacks/2018%20Master%20Table.pdf |
| 885 | 2019-01-16 | ca53a7cbf0df4fedcd284d8879c1b04273b46371 | darkhydruns-group-against-middle-east-cn | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.01.16.DarkHydruns/darkhydruns-group-against-middle-east-cn.pdf |
| 886 | 2019-01-16 | d1eece026635773310f0aa00e05898db7853dab0 | darkhydruns-group-against-middle-east-en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.01.16.DarkHydruns/darkhydruns-group-against-middle-east-en.pdf |
| 887 | 2019-01-17 | 878dfa6ec75c711215f74a8761c62bd1fbbcf130 | Malware Used by Rocke Group Evolves to Evade Detection by Cloud Security Products | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.01.17.Rocke_Group/Malware%20Used%20by%20Rocke%20Group%20Evolves%20to%20Evade%20Detection%20by%20Cloud%20Security%20Products.pdf |
| 888 | 2019-01-18 | 3dfeb09452c6e80bcde7e900ed00034245bc7e98 | DarkHydrus delivers new Trojan that can use Google Drive for C2 communications | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.01.18.DarkHydrus/DarkHydrus%20delivers%20new%20Trojan%20that%20can%20use%20Google%20Drive%20for%20C2%20communications.pdf |
| 889 | 2019-01-18 | 9242d06642b234904eae8d1d9535e8b97a7ac902 | [Lab52] WIRTE Group attacking the Middle East | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.01.18.WIRTE_Group_attacking_the_Middle_East/%5BLab52%5D%20WIRTE%20Group%20attacking%20the%20Middle%20East.pdf |
| 890 | 2019-01-24 | 4873e2465fc56fca681074f5069788baa80841fb | GandCrab and Ursnif Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.01.24.GandCrab_and_Ursnif/GandCrab%20and%20Ursnif%20Campaign.pdf |
| 891 | 2019-01-24 | 64827e1bc8da8e53ee871703e5844d4e7e36a504 | ENISA_Threat_Landscape_2018 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/ENISA/ENISA_Threat_Landscape_2018.pdf |
| 892 | 2019-01-30 | 6d3e9e4aedd2b19d03cec69e62ea1a21dfc109c2 | dragos.com-Webinar Summary Uncovering ICS Threat Activity Groups | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2019.01.30.Uncovering_ICS_Threat_Activity_Groups/dragos.com-Webinar%20Summary%20Uncovering%20ICS%20Threat%20Activity%20Groups.pdf |
| 893 | 2019-01-30 | 78015d4cfa050ab7bb0c91c85832826ad622c699 | dragosactivitygroupswebinarfinal-190122171111 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2019.01.30.Uncovering_ICS_Threat_Activity_Groups/dragosactivitygroupswebinarfinal-190122171111.pdf |
| 894 | 2019-01-30 | 9707e48b8b7bdca8d17e74292142a5a4dd344f64 | Chafer used Remexi malware to spy on Iran-based foreign diplomatic entities | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.01.30.Chafer_APT_Spy_Iran/Chafer%20used%20Remexi%20malware%20to%20spy%20on%20Iran-based%20foreign%20diplomatic%20entities.pdf |
| 895 | 2019-01-30 | bcbf65db4d9ef65d3e835ba3ad2823bac5116cd7 | New Campaign delivers orcus rat | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.01.30.ORCUS_RAT/New%20Campaign%20delivers%20orcus%20rat.pdf |
| 896 | 2019-01-30 | ed0a08898e6dbfeda9f312589c6fbb3e8cdd6d8c | Operation_Kitty_Phishing | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.01.30.Operation_Kitty_Phishing/Operation_Kitty_Phishing.pdf |
| 897 | 2019-02-01 | 31aeff98e5ecc985d570f5b88204900aba65a6cd | OceanLotus_KerrDown | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.01.OceanLotus_KerrDown/OceanLotus_KerrDown.pdf |
| 898 | 2019-02-02 | dc4c90680a3172d00bf5ec6c025aab587c55f7b2 | Threat_Intel_Reads_January_2019 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2019.02.02.Threat_Intel_Reads_January_2019/Threat_Intel_Reads_January_2019.pdf |
| 899 | 2019-02-05 | b8827637dc77db1c5fbe8b5f83ca0e517cfe6742 | Analyzing Digital Quartermasters in Asia Do Chinese and Indian APTs Have a Shared Supply Chain | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.05.China_India_APT_shared/Analyzing%20Digital%20Quartermasters%20in%20Asia%20%20Do%20Chinese%20and%20Indian%20APTs%20Have%20a%20Shared%20Supply%20Chain.pdf |
| 900 | 2019-02-06 | 06cd0e5cf1092f8950dd6736f684ad5d4c9c4d63 | APT10 Targeted Norwegian MSP and US Companies in Sustained Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.06.APT10_Sustained_Campaign/APT10%20Targeted%20Norwegian%20MSP%20and%20US%20Companies%20in%20Sustained%20Campaign.pdf |
| 901 | 2019-02-06 | 87f5158d77ea898b705d34760578696818ed5ad8 | cta-2019-0206 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.06.APT10_Sustained_Campaign/cta-2019-0206.pdf |
| 902 | 2019-02-12 | 0f2ab054007a34b73bcaa8f0fffe93d0854903ea | 2019.01.03.Tencent_APT_Summary_report_2018_CN_Version | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Tencent/2019.01.03.Tencent_APT_Summary_report_2018_CN_Version.pdf |
| 903 | 2019-02-14 | b5eb1493e06e786d1bb670970292444aca01b0eb | suspected-molerats-new-attack-in-the-middle-east-cn | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.14.Molerats_APT/suspected-molerats-new-attack-in-the-middle-east-cn.pdf |
| 904 | 2019-02-14 | d0b189531bfd952480d2453dc52fae166f5e2d38 | suspected-molerats-new-attack-in-the-middle-east-en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.14.Molerats_APT/suspected-molerats-new-attack-in-the-middle-east-en.pdf |
| 905 | 2019-02-18 | e92cedebb135ec0a3c3eb63be47e1b1ac7684868 | apt-c-36-continuous-attacks-targeting-colombian-government-institutions-and-corporations-en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.18.APT-C-36.Colombian/apt-c-36-continuous-attacks-targeting-colombian-government-institutions-and-corporations-en.pdf |
| 906 | 2019-02-20 | 43107b5d8f5782f17154718c9ba4de0487bcfc8e | LAZARUS GROUP DIRECTED TO ORGANIZATIONS IN RUSSIA_google_translate | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.20.LAZARUS_to_RUSSIA/LAZARUS%20GROUP%20DIRECTED%20TO%20ORGANIZATIONS%20IN%20RUSSIA_google_translate.pdf |
| 907 | 2019-02-20 | ac9f460fc3837cd78ae7f801a5879186e0fe486d | SE IDENTIFICÓ ATAQUES DEL GRUPO CIBERCRIMINAL LAZARUS DIRIGIDOS A ORGANIZACIONES EN RUSIA | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.20.LAZARUS_to_RUSSIA/SE%20IDENTIFIC%C3%93%20ATAQUES%20DEL%20GRUPO%20CIBERCRIMINAL%20LAZARUS%20DIRIGIDOS%20A%20ORGANIZACIONES%20EN%20RUSIA.pdf |
| 908 | 2019-02-25 | e8da32324db0d8ffd0eefdaf2b3e68ed75920bd4 | Defeating Compiler-Level Obfuscations Used in APT10 Malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.25.APT10_Defeating_Compiler_Level/Defeating%20Compiler-Level%20Obfuscations%20Used%20in%20APT10%20Malware.pdf |
| 909 | 2019-02-26 | ed64dc87623be86dd2022c5e54468c28ba346579 | The Arsenal Behind the Australian Parliament Hack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.26.Australian_Parliament_Hack/The%20Arsenal%20Behind%20the%20Australian%20Parliament%20Hack.pdf |
| 910 | 2019-02-27 | fe1ecb3fe582b44e53db1af17692b656a85e7a71 | A Peek into BRONZE UNION’s Toolbox | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.27.BRONZE_UNION_Toolbox/A%20Peek%20into%20BRONZE%20UNION%E2%80%99s%20Toolbox.pdf |
| 911 | 2019-02-28 | 1e1e10f905ed8c228a9f2d12da860c7f7defa1f1 | Ransomware, Trojan and Miner together against “PIK-Group” | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.02.28_RIK_Group/Ransomware%2C%20Trojan%20and%20Miner%20together%20against%20%E2%80%9CPIK-Group%E2%80%9D.pdf |
| 912 | 2019-03-03 | 7b5e4cedebc4e632266e8ecfcd590e44472600f2 | rpt-mtrends-2019 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/FireEye/rpt-mtrends-2019.pdf |
| 913 | 2019-03-04 | 6c3b0f70362d993f6d48d87bcb2013a237ab4dc0 | APT40 Examining a China-Nexus Espionage Actor APT40 Examining a China-Nexus Espionage Actor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.04.APT40/APT40%20Examining%20a%20China-Nexus%20Espionage%20Actor%20%20APT40%20Examining%20a%20China-Nexus%20Espionage%20Actor.pdf |
| 914 | 2019-03-06 | 85447c9971470c2e679bb3d87d2244d1e75bf208 | Whitefly_ Espionage Group has Singapore in Its Sights | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.06.Whitefly/Whitefly_%20Espionage%20Group%20has%20Singapore%20in%20Its%20Sights.pdf |
| 915 | 2019-03-06 | b458794cf9d35847c92bd2b231e52e85eb228ae2 | taidoor_analysis_jp | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.06_Taidoor_Analysis/taidoor_analysis_jp.pdf |
| 916 | 2019-03-06 | fc4dc028e5a66d4b050a04ab4216843f0c4ee2f2 | Operation_Pistacchietto | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.06.Operation_Pistacchietto/Operation_Pistacchietto.pdf |
| 917 | 2019-03-07 | ad73a0c600d6ad86f41a78f57fd76aa2d62192f4 | security-report-2019 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2019.02.Targeted_Attacks/security-report-2019.pdf |
| 918 | 2019-03-07 | d5fb10e16b4f2346fe2fcbeac9f8f2beccc914e3 | New SLUB Backdoor Uses GitHub Communicates via Slack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.07.SLUB_Backdoor/New%20SLUB%20Backdoor%20Uses%20GitHub%20Communicates%20via%20Slack.pdf |
| 919 | 2019-03-08 | edbd146351a40f307247b887b8f95e625cb62336 | Supply Chain – The Major Target of Cyberespionage Groups | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.08.Supply_Chain_Groups/Supply%20Chain%20%E2%80%93%20The%20Major%20Target%20of%20Cyberespionage%20Groups.pdf |
| 920 | 2019-03-11 | ad4f0b93e90f4b08ed4fd3087fcee922b799caf9 | Gaming-Industry.Asia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.11.Gaming-Industry.Asia/Gaming-Industry.Asia.pdf |
| 921 | 2019-03-12 | 0a2d87f6690cff2fee583b3cdb44a2bf10c0dd6a | Operation_Comando | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.12.Operation_Comando/Operation_Comando.pdf |
| 922 | 2019-03-13 | 0402511221158a29056e8ec6f9337fe40fec18c7 | Operation_Sheep | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.13.Operation_Sheep/Operation_Sheep.pdf |
| 923 | 2019-03-13 | 33b3a24e5f3bbb9d99289fa01f2cdab26d21b7a6 | DMSniff_POS_Malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.13.DMSniff_POS_Malware/DMSniff_POS_Malware.pdf |
| 924 | 2019-03-13 | 6180b9b0b136037f8cc95d9d536cd7d3aaecf9c9 | GlitchPOS_New_Pos_Malwre_for_sale | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.13.GlitchPOS_POS_Malware/GlitchPOS_New_Pos_Malwre_for_sale.pdf |
| 925 | 2019-03-13 | 7a817b1dd112b073102b2ca818c1b5ffb66dd6a2 | Report2019GlobalThreatReport | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/CrowdStrike/Report2019GlobalThreatReport.pdf |
| 926 | 2019-03-22 | ea7913a00bfc6a4a9e71a5a3c2f251f67fe8c423 | LUCKY ELEPHANT Campaign Masquerading | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.22.LUCKY_ELEPHANT/LUCKY%20ELEPHANT%20Campaign%20Masquerading.pdf |
| 927 | 2019-03-25 | 49542f14b3ca6ec343864ac390278b879c443272 | Operation ShadowHammer | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.25.Operation_ShadowHammer/Operation%20ShadowHammer.pdf |
| 928 | 2019-03-27 | 6feab33a7a268f5e3b6facf38d46d0db42cfb664 | Elfin Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and US | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.27.Elfin/Elfin%20Relentless%20Espionage%20Group%20Targets%20Multiple%20Organizations%20in%20Saudi%20Arabia%20and%20US.pdf |
| 929 | 2019-03-28 | 04a318c39f4453a0ccab6901c8558035fb28c88e | Desktop, Mobile Phishing Campaign Targets South Korean Websites, Steals Credentials Via Watering Hole | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.28.Desktop_Mobile_Phishing_Campaign/Desktop%2C%20Mobile%20Phishing%20Campaign%20Targets%20South%20Korean%20Websites%2C%20Steals%20Credentials%20Via%20Watering%20Hole.pdf |
| 930 | 2019-03-28 | a402f58c3fec03e316f0a32a06f8d27e1139e91f | Above+Us+Only+Stars | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.28.Exposing_GPS_Spoofing_in_Russia_and_Syria/Above%2BUs%2BOnly%2BStars.pdf |
| 931 | 2019-03-28 | bc9559486d50da1b8b146b9e79eac54a3f687ad9 | Threat Actor Group using UAC Bypass Module to run BAT File | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.03.28.UAC_Bypass_BAT_APT/Threat%20Actor%20Group%20using%20UAC%20Bypass%20Module%20to%20run%20BAT%20File.pdf |
| 932 | 2019-03-29 | b65c2bd1f50ac2172ba00b59e1dc08750f7d7089 | Group-IB_js-sniffers | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Group-IB/Group-IB_js-sniffers.pdf |
| 933 | 2019-04-02 | 6645296c925133446d4e213a547235692761d5c2 | OceanLotus-Steganography-Malware-Analysis-White-Paper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.02.OceanLotus_Steganography/OceanLotus-Steganography-Malware-Analysis-White-Paper.pdf |
| 934 | 2019-04-10 | 3480bf45d133f7d3ba136459a553b7e31d0a7945 | ASEC_REPORT_vol.94_ENG | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/AhnLab/ASEC_REPORT_vol.94_ENG.pdf |
| 935 | 2019-04-10 | 6b072f25aa4a4e3071a95d5a0fd24db526982ab5 | Gaza Cybergang Group1 operation SneakyPastes | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.10.Operation_SneakyPastes/Gaza%20Cybergang%20Group1%20operation%20SneakyPastes.pdf |
| 936 | 2019-04-10 | c3cd4cdd06ff5b16a71e70b7553ccf9f8e6b7398 | Project TajMahal | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.10.Project_TajMahal/Project%20TajMahal.pdf |
| 937 | 2019-04-10 | dbc6091818e127de82037d85aacb7c481c4f5cf9 | The Muddy Waters of APT Attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.10.Muddy_Waters/The%20Muddy%20Waters%20of%20APT%20Attacks.pdf |
| 938 | 2019-04-17 | 63d59610f60df26243e333a3b55f0b24e4b277ce | DNS Hijacking Abuses Trust In Core Internet Service | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.17.Operation_Sea_Turtle/DNS%20Hijacking%20Abuses%20Trust%20In%20Core%20Internet%20Service.pdf |
| 939 | 2019-04-17 | 85bcaafddb3ff5885c24b6c80dbb6a400225c7e7 | Aggah Campaign_ Bit.ly, BlogSpot, and Pastebin Used for C2 in Large Scale Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.17.Aggah_Campaign/Aggah%20Campaign_%20Bit.ly%2C%20BlogSpot%2C%20and%20Pastebin%20Used%20for%20C2%20in%20Large%20Scale%20Campaign.pdf |
| 940 | 2019-04-19 | 0acc6bd7228fe5a1b059de2ba51e76cbe9717fc4 | Funky malware format found in Ocean Lotus sample | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.19.Funky_malware_format/Funky%20malware%20format%20found%20in%20Ocean%20Lotus%20sample.pdf |
| 941 | 2019-04-22 | 0a977831b7d744518f28166129f70d575f59c706 | FINTEAM Trojanized TeamViewer Against Government Targets | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.22.FINTEAM/FINTEAM%20Trojanized%20TeamViewer%20Against%20Government%20Targets.pdf |
| 942 | 2019-04-23 | abc7a05c68aa39ac904c0f59a30c583f7c379da0 | Operation ShadowHammer | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.23.Operation_ShadowHammer/Operation%20ShadowHammer.pdf |
| 943 | 2019-04-24 | caac870b8cbd272994634d3816596b7cffaf3a65 | CyberInt_Legit Remote Access Tools Turn Into Threat Actors' Tools_Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.24.TA505_Abusing_Legit_Remote_Admin_Tool/CyberInt_Legit%20Remote%20Access%20Tools%20Turn%20Into%20Threat%20Actors%27%20Tools_Report.pdf |
| 944 | 2019-04-30 | ebffba8a872949b48dfccc012ab5ddb43e72ec32 | SectorB06 using Mongolian language in lure document | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.04.30.SectorB06_Mongolian/SectorB06%20using%20Mongolian%20language%20in%20lure%20document.pdf |
| 945 | 2019-05-03 | 2a4e1461e95a6686cc8674c594d657864af2fdd4 | ZooPark_for_public_final_edited | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.03.ZooPark/ZooPark_for_public_final_edited.pdf |
| 946 | 2019-05-07 | 2a04fb97ff89595bc49dd71a7246402e3b355cc6 | ATMitch_ New Evidence Spotted In The Wild | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.07.ATMitch/ATMitch_%20New%20Evidence%20Spotted%20In%20The%20Wild.pdf |
| 947 | 2019-05-07 | 44ea6ae12ca986a5d64d3207c7aa4fb3cf33559f | ESET-LightNeuron | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.07.Turla_LightNeuron/ESET-LightNeuron.pdf |
| 948 | 2019-05-07 | cc79d68f7bbad680581f53cc4a797e27ff7f2d6d | Buckeye_ Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers Leak | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.07.Buckeye/Buckeye_%20Espionage%20Outfit%20Used%20Equation%20Group%20Tools%20Prior%20to%20Shadow%20Brokers%20Leak.pdf |
| 949 | 2019-05-08 | 30c64f7061efd41ebb2621201ff7bcda966b9bf4 | FIN7.5_ the infamous cybercrime rig “FIN7” continues its activities | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.08.Fin7.5/FIN7.5_%20the%20infamous%20cybercrime%20rig%20%E2%80%9CFIN7%E2%80%9D%20continues%20its%20activities.pdf |
| 950 | 2019-05-08 | 619395650b3c940cb49565b2d3ec3f720aab829c | OceanLotus Attacks to Indochinese Peninsula | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.08.OceanLotus/OceanLotus%20Attacks%20to%20Indochinese%20Peninsula.pdf |
| 951 | 2019-05-09 | ce32030f97d19ef396191e8fe995c48d22e5d345 | Iranian-Nation-State-APT-Leak-Analysis-and-Overview | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.09.Iranian_APT_Leak/Iranian-Nation-State-APT-Leak-Analysis-and-Overview.pdf |
| 952 | 2019-05-11 | 41c70ebe7812a4294dd57b68c88f759a5e0ce383 | Chineses Actor APT target Ministry of Justice Vietnamese | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.11.Chinese_APT_Vietnamese/Chineses%20Actor%20APT%20target%20Ministry%20of%20Justice%20Vietnamese.pdf |
| 953 | 2019-05-13 | 9d46bb706eb0d5d43dc905423023e9aff6991c55 | ScarCruft continues to evolve, introduces Bluetooth harvester _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.13.ScarCruft_Bluetooth/ScarCruft%20continues%20to%20evolve%2C%20introduces%20Bluetooth%20harvester%20_%20Securelist.pdf |
| 954 | 2019-05-13 | bde94f1f14bf4eab0c2e31a11b49fe9876052b8b | APT_trends_report_Q1_2019_Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Kaspersky/APT_trends_report_Q1_2019_Securelist.pdf |
| 955 | 2019-05-15 | 62d22fd778d5bf335028f9386e92f8b9aa9811a3 | Winnti_ More than just Windows and Gates | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.15.Winnti_More/Winnti_%20More%20than%20just%20Windows%20and%20Gates.pdf |
| 956 | 2019-05-18 | 8dd85d0b058d6c9b1690bf6fb27664580cb3bf8a | Operation_BlackLion_CN_Version | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.18.Operation_BlackLion/Operation_BlackLion_CN_Version.pdf |
| 957 | 2019-05-19 | c8ff7fe5837302a788e0d7f6c3fa24c05085399f | HiddenWasp Malware Stings Targeted Linux Systems | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.19.HiddenWasp_Linux/HiddenWasp%20Malware%20Stings%20Targeted%20Linux%20Systems.pdf |
| 958 | 2019-05-22 | 292a82b4d699244f339dfa66e7e8d0f7661a2c8f | A journey to Zebrocy land | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.22.Zebrocy_Land/A%20journey%20to%20Zebrocy%20land.pdf |
| 959 | 2019-05-24 | fe7fcff34a36daaf1e988c0f20d828109848738f | Uncovering New Activity By APT10 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.24_APT10_New_Activity/Uncovering%20New%20Activity%20By%20APT10.pdf |
| 960 | 2019-05-27 | 2efff1ec551ea165c19822b678c4d3368f066159 | APT-C-38_cn | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.27.APT-C-38/APT-C-38_cn.pdf |
| 961 | 2019-05-27 | 3c39c3b63249d38e1637d2d0a47edb52c25276bf | APT-C-38_en_google_translate | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.27.APT-C-38/APT-C-38_en_google_translate.pdf |
| 962 | 2019-05-28 | 9ddcf2053edf7a3ec8fb74ab679878d82c6641e7 | Emissary Panda Attacks Middle East Government Sharepoint Servers | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.28.Emissary_Panda/Emissary%20Panda%20Attacks%20Middle%20East%20Government%20Sharepoint%20Servers.pdf |
| 963 | 2019-05-29 | 3aaa08c08ae5f7adadadc35a1e4302dc943be6c2 | TA505 is Expanding its Operations | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.29.TA505/TA505%20is%20Expanding%20its%20Operations.pdf |
| 964 | 2019-05-29 | a6ba7a30e00dec1c0341a901572825a60753e53b | A dive into Turla PowerShell usage | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.29.Turla_PowerShell/A%20dive%20into%20Turla%20PowerShell%20usage.pdf |
| 965 | 2019-05-30 | 76e14cfaa39d05af8d921b02aab1016b5d998f1a | Talos Blog __ Cisco Talos Intelligence Group - Comprehensive Threat Intelligence_ 10 years of virtual dynamite_ A high-level retrospective of ATM malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.05.30.10_Years_ATM_Malware/Talos%20Blog%20__%20Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence_%2010%20years%20of%20virtual%20dynamite_%20A%20high-level%20retrospective%20of%20ATM%20malware.pdf |
| 966 | 2019-06-03 | 7a66214339c20e72e3fe442504e81a8b552f6a2b | Zebrocy Multilanguage Malware Salad | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.03.Zebrocy/Zebrocy%20Multilanguage%20Malware%20Salad.pdf |
| 967 | 2019-06-04 | 1d2a2587e69517b4af1af2aca67f3048e624583c | An-APT-Blueprint-Gaining-New-Visibility-into-Financial-Threats-interactive | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.04.APT_Blueprint/An-APT-Blueprint-Gaining-New-Visibility-into-Financial-Threats-interactive.pdf |
| 968 | 2019-06-05 | da5367c9a88967ac55d056236f865d9f220995be | scattered-canary | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.05.Scattered_Canary/scattered-canary.pdf |
| 969 | 2019-06-10 | 65d6629d404ee56e787d34e1220ebb9fc59e3733 | Threat Spotlight_ MenuPass_QuasarRAT Backdoor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.10.MenuPass_QuasarRAT_Backdoor/Threat%20Spotlight_%20MenuPass_QuasarRAT%20Backdoor.pdf |
| 970 | 2019-06-10 | ae3f5f3ef2ca2f5e90c1909b47566255452291ed | wp_new_muddywater_findings_uncovered | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.10.MuddyWater_Resurfaces/wp_new_muddywater_findings_uncovered.pdf |
| 971 | 2019-06-10 | f09b15eefe23d664f889c7ffcfd4fb1be6667ff7 | blog_new_muddywater_findings_uncovered | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.10.MuddyWater_Resurfaces/blog_new_muddywater_findings_uncovered.pdf |
| 972 | 2019-06-11 | 400e04bf19bcfa10af7df51240f27bab15f12644 | The Discovery of Fishwrap_ A New Social Media Information Operation Methodology | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.11.Fishwrap_Group/The%20Discovery%20of%20Fishwrap_%20A%20New%20Social%20Media%20Information%20Operation%20Methodology.pdf |
| 973 | 2019-06-11 | e9a48a1a62bc4d489aad6ebc74effcd32185c39a | cta-2019-0612 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.11.Fishwrap_Group/cta-2019-0612.pdf |
| 974 | 2019-06-12 | 995f3a4bce373530924a55e84cc574ee6d3fcfbf | Threat Group Cards | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.12.Threat_Group_Cards/Threat%20Group%20Cards.pdf |
| 975 | 2019-06-20 | 2b11ea5b0277264f527bfaff62e4ae5510b7521a | OceanLotus | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.20.OceanLotus_New_Approaches/OceanLotus.pdf |
| 976 | 2019-06-21 | 59a715d0a7248235ea9291d0ff374cc9036ce956 | Waterbug_ Espionage Group Rolls Out Brand-New Toolset in Attacks Against Governments | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.21.Waterbug/Waterbug_%20Espionage%20Group%20Rolls%20Out%20Brand-New%20Toolset%20in%20Attacks%20Against%20Governments.pdf |
| 977 | 2019-06-25 | a2c44d6f87fc6ec9067b543489eda3e5212a92f6 | MuddyC3 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.25.MuddyC3/MuddyC3.pdf |
| 978 | 2019-06-25 | fa04b0ea75e68099ee012da02872f9138b6362c0 | Operation Soft Cell_ A Worldwide Campaign Against Telecommunications Providers | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.25.Operation_Soft_Cell/Operation%20Soft%20Cell_%20A%20Worldwide%20Campaign%20Against%20Telecommunications%20Providers.pdf |
| 979 | 2019-06-26 | 34e9bd7aa78ee059a78b0575dfe21ef50cc8714a | ASEC_REPORT_vol.95_ENG | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/AhnLab/ASEC_REPORT_vol.95_ENG.pdf |
| 980 | 2019-06-26 | de735ed34de84f6101fb2a90f36d69f0fd90ba6e | cta-2019-0626 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.26.Iranian_to_Saudi/cta-2019-0626.pdf |
| 981 | 2019-06-27 | f48dd456559ef8f158786535e70c8fb86f193086 | ShadowGate Returns to Worldwide Operations With Evolved Greenflash Sundown Exploit Kit | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.06.27.ShadowGate_Returns/ShadowGate%20Returns%20to%20Worldwide%20Operations%20With%20Evolved%20Greenflash%20Sundown%20Exploit%20Kit.pdf |
| 982 | 2019-07-01 | ac7434961a98d0994f352e917c30b1bf118cbb7f | New Network Vermin from OceanLotus | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.01.OceanLotus_Ratsnif/New%20Network%20Vermin%20from%20OceanLotus.pdf |
| 983 | 2019-07-01 | af54e77fd3be3089a4cb100c87b57243eeb33c5c | Operation Tripoli | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.01.Operation_Tripoli/Operation%20Tripoli%20.pdf |
| 984 | 2019-07-03 | b2d41d9df27085f0362d6ce402bd438191e44611 | Multiple Chinese Threat Groups Exploiting CVE-2018-0798 Equation Editor Vulnerability Since Late 2018 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.03.Chinese_APT_CVE-2018-0798/Multiple%20Chinese%20Threat%20Groups%20Exploiting%20CVE-2018-0798%20Equation%20Editor%20Vulnerability%20Since%20Late%202018.pdf |
| 985 | 2019-07-04 | 04da12e4c212bd727bc80d7fd34b99a99fbc01f0 | Twas the night before | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.04.NewsBeef_APT/Twas%20the%20night%20before.pdf |
| 986 | 2019-07-04 | 64aaf1f5805a05b764dce466e56b95d949384d3d | Latest Spam Campaigns from TA505 Now Using New Malware Tools Gelup and FlowerPippi | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.04.TA505_Gelup_FlowerPippi/Latest%20Spam%20Campaigns%20from%20TA505%20Now%20Using%20New%20Malware%20Tools%20Gelup%20and%20FlowerPippi.pdf |
| 987 | 2019-07-04 | a082ec5024c8f285011e9287fa2b4c65dc13f784 | Tech-Brief-Latest-Spam-Campaigns-from-TA505-Now-Using-New-Malware-Tools-Gelup-and-FlowerPippi | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.04.TA505_Gelup_FlowerPippi/Tech-Brief-Latest-Spam-Campaigns-from-TA505-Now-Using-New-Malware-Tools-Gelup-and-FlowerPippi.pdf |
| 988 | 2019-07-04 | ca8b92328e1e85f3aa6e210d755b2304a7ac92c5 | Appendix-Latest-Spam-Campaigns-from-TA505-Now-Using-New-Malware-Tools-Gelup-and-FlowerPippi | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.04.TA505_Gelup_FlowerPippi/Appendix-Latest-Spam-Campaigns-from-TA505-Now-Using-New-Malware-Tools-Gelup-and-FlowerPippi.pdf |
| 989 | 2019-07-09 | 395d694e53af9f7d880ea552184d73da10113932 | Sea Turtle keeps on swimming, finds new victims, DNS hijacking techniques | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.09.SeaTurtle_swimming/Sea%20Turtle%20keeps%20on%20swimming%2C%20finds%20new%20victims%2C%20DNS%20hijacking%20techniques.pdf |
| 990 | 2019-07-11 | 93a54e05256a696ca20d04ad96cac47ff217fe46 | Buhtrap group uses zero‑day in latest espionage campaigns | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.11.Buhtrap_Group/Buhtrap%20group%20uses%20zero%E2%80%91day%20in%20latest%20espionage%20campaigns.pdf |
| 991 | 2019-07-15 | f70124b7928375bd7bcfaacfc82a3ce0c2f915b9 | Comprehensive Threat Intelligence_ SWEED_ Exposing years of Agent Tesla campaigns | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.15.SWEED/Comprehensive%20Threat%20Intelligence_%20SWEED_%20Exposing%20years%20of%20Agent%20Tesla%20campaigns.pdf |
| 992 | 2019-07-16 | 55126780b716d34c5c6008e532a90033d711b9ce | SLUB Gets Rid of GitHub, Intensifies Slack Use | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.16.SLUB/SLUB%20Gets%20Rid%20of%20GitHub%2C%20Intensifies%20Slack%20Use.pdf |
| 993 | 2019-07-17 | d7d64b499ca32d365e725759c7954e2402245243 | Newly identified StrongPity operations _ AT&T Alien Labs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.17.StrongPity_operations/Newly%20identified%20StrongPity%20operations%20_%20AT%26T%20Alien%20Labs.pdf |
| 994 | 2019-07-17 | e5e69cfd5429be15882d043f1938318d889b9f13 | EvilGnome_ Rare Malware Spying on Desktop Users | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.17.EvilGnome/EvilGnome_%20Rare%20Malware%20Spying%20on%20Desktop%20Users.pdf |
| 995 | 2019-07-18 | 0dad2641edd25884332561da5c6f489ad7f03287 | Appendix_Spam_Campaign_Targets_Colombian_Entities_with_Custom_made_Proyecto_RAT_Uses_Email_Service_YOPmail_for_C&C | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.18.Proyecto_RAT_Colombian/Appendix_Spam_Campaign_Targets_Colombian_Entities_with_Custom_made_Proyecto_RAT_Uses_Email_Service_YOPmail_for_C%26C.pdf |
| 996 | 2019-07-18 | 358d09240838bd7382a6ee58371630ba664417f3 | ESET_Okrum_and_Ketrican | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.18.Okrum/ESET_Okrum_and_Ketrican.pdf |
| 997 | 2019-07-18 | ab5a3d917c59c67a94fde5589a312a8e6ad8226b | Hard Pass_ Declining APT34’s Invite to Join Their Professional Network | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.18.APT34_Hard_Pass/Hard%20Pass_%20Declining%20APT34%E2%80%99s%20Invite%20to%20Join%20Their%20Professional%20Network.pdf |
| 998 | 2019-07-18 | d1a406b5f3f4da0e835a7a2615a75c39dc97625e | Spam Campaign Targets Colombian Entities with Custom-made Proyecto RAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.18.Proyecto_RAT_Colombian/Spam%20Campaign%20Targets%20Colombian%20Entities%20with%20Custom-made%20Proyecto%20RAT.pdf |
| 999 | 2019-07-24 | 1ed4d23f831d5a39400067baba7180048ed14bcc | Chinese_APT_Operation_LagTime_IT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.24.Operation_LagTime_IT/Chinese_APT_Operation_LagTime_IT.pdf |
| 1000 | 2019-07-24 | a5d4f0b2aee94d71881c40b25ef7e195397c1238 | Winnti_ Attacking the Heart of the German Industry | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.24.Winnti_German/Winnti_%20Attacking%20the%20Heart%20of%20the%20German%20Industry.pdf |
| 1001 | 2019-07-24 | e4772882fe35af3650068b0665a2d12c24999e51 | Resurgent Iron Liberty Targeting Energy Sector | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.07.24.Resurgent_Iron_Liberty/Resurgent%20Iron%20Liberty%20Targeting%20Energy%20Sector.pdf |
| 1002 | 2019-08-05 | 652b8faba79ef2ce0319b32a248f5119df2becea | MACHETE_JUST_GOT_SHARPER | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.05.Sharpening_the_Machete/MACHETE_JUST_GOT_SHARPER.pdf |
| 1003 | 2019-08-05 | c7a8c2597269ab369b4f0527056f9bb13c65a2a6 | blog_Sharpening the Machete | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.05.Sharpening_the_Machete/blog_Sharpening%20the%20Machete.pdf |
| 1004 | 2019-08-05 | fd101f08963e1a83893fb0b6d4c9a87fa767366f | Latest Trickbot Campaign Delivered via Highly Obfuscated JS File | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.05.Trickbot_Obfuscated_JS/Latest%20Trickbot%20Campaign%20Delivered%20via%20Highly%20Obfuscated%20JS%20File%20.pdf |
| 1005 | 2019-08-07 | 019a477a367638a85bdbe72d36a1b44c227f5311 | report_APT41 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.07.APT41/report_APT41.pdf |
| 1006 | 2019-08-07 | b8d1d27753e223c940bd1e4e3da2ceaa9aa5c798 | blog_APT41 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.07.APT41/blog_APT41.pdf |
| 1007 | 2019-08-08 | 8941ac19c6806e460c52e06bca9091a528747bfe | APT_trends_report_Q2_2019_Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Kaspersky/APT_trends_report_Q2_2019_Securelist.pdf |
| 1008 | 2019-08-08 | 9ec45ba171c3e3e0553aa587c0ea245ee641e624 | Suspected BITTER APT Continues Targeting Government of China and Chinese Organizations _ Anomali | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.08.BITTER_APT/Suspected%20BITTER%20APT%20Continues%20Targeting%20Government%20of%20China%20and%20Chinese%20Organizations%20_%20Anomali.pdf |
| 1009 | 2019-08-12 | 24908852ae8e0ddf8bd67d2357d3666c12a5cf65 | Recent Cloud Atlas activity _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.12.Cloud_Atlas_activity/Recent%20Cloud%20Atlas%20activity%20_%20Securelist.pdf |
| 1010 | 2019-08-14 | 36044243987dace8e439a54a8d4fce6f3508126a | In the Balkans, businesses are under fire from a double‑barreled weapon | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.14.Balkans_Campaign/In%20the%20Balkans%2C%20businesses%20are%20under%20fire%20from%20a%20double%E2%80%91barreled%20weapon.pdf |
| 1011 | 2019-08-19 | 67440565b692e876ec56665cf26abff2be2a9019 | Cybersecurity-threatscape-2019-Q1-eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/PTSecurity/Cybersecurity-threatscape-2019-Q1-eng.pdf |
| 1012 | 2019-08-20 | 1480230e06960862b7e019f750647ddc9d5d9954 | CyberThreatIntel_Malware analysis 20-08-19.md at master · StrangerealIntel_CyberThreatIntel | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.20.unknown_Chinese_APT/CyberThreatIntel_Malware%20analysis%2020-08-19.md%20at%20master%20%C2%B7%20StrangerealIntel_CyberThreatIntel.pdf |
| 1013 | 2019-08-21 | 49745a6ffd7b522f125c3fd57068a6071f3ddb98 | Cybersecurity-threatscape-2019-Q2-eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/PTSecurity/Cybersecurity-threatscape-2019-Q2-eng.pdf |
| 1014 | 2019-08-21 | bb4b9c2d558621a3feee2b00f4edcec0448646ed | silence_2.0.going_global | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.21.Silence_2.0/silence_2.0.going_global.pdf |
| 1015 | 2019-08-21 | cfaa2dfdf88f75f5a6d8587bbb80d8080290e999 | The Gamaredon Group_ A TTP Profile Analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.21.Gamaredon_Group/The%20Gamaredon%20Group_%20A%20TTP%20Profile%20Analysis.pdf |
| 1016 | 2019-08-22 | 8e6ded91de2f0755c2dabc9576cbd97d62535c68 | Operation-Taskmasters-2019-eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.22.Operation_TaskMasters/Operation-Taskmasters-2019-eng.pdf |
| 1017 | 2019-08-26 | 6f061c5514738986949d75a81905dc4556e27605 | APT-C-09 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.26.APT-C-09/APT-C-09.pdf |
| 1018 | 2019-08-27 | 07056592eb633d1fb9a42b38da28d3fd2fcc5c95 | China Chopper still active 9 years later | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.27.China_Chopper/China%20Chopper%20still%20active%209%20years%20later.pdf |
| 1019 | 2019-08-27 | 588b19b571321e82e811aaf1179803da45f8c6cf | Cyber Threat Group LYCEUM Takes Center Stage in Middle East Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.27.LYCEUM_threat_group/Cyber%20Threat%20Group%20LYCEUM%20Takes%20Center%20Stage%20in%20Middle%20East%20Campaign.pdf |
| 1020 | 2019-08-27 | 9ced6cf135cc62446e18b0fb170b3b6fe8441047 | TA505 At It Again_ Variety is the Spice of ServHelper and FlawedAmmyy | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.27.TA505_Again/TA505%20At%20It%20Again_%20Variety%20is%20the%20Spice%20of%20ServHelper%20and%20FlawedAmmyy.pdf |
| 1021 | 2019-08-27 | b9e9c9068ccf57ff43360db27a1e992a313c7514 | Malware analysis about sample of APT Patchwork | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.27.Patchwork_Malware_Analysis/Malware%20analysis%20about%20sample%20of%20APT%20Patchwork.pdf |
| 1022 | 2019-08-29 | 61ab7b454558c8b432bda47f784667aa11f5a074 | SectorJ04 Group’s Increased Activity in 2019 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.29.SectorJ04_2019/SectorJ04%20Group%E2%80%99s%20Increased%20Activity%20in%202019.pdf |
| 1023 | 2019-08-29 | bcbd65daf124728e6731e0decb7b4e01b64864dc | Heatstroke Campaign Uses Multistage Phishing Attack to Steal PayPal and Credit Card Information | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.29.Heatstroke_Campaign/Heatstroke%20Campaign%20Uses%20Multistage%20Phishing%20Attack%20to%20Steal%20PayPal%20and%20Credit%20Card%20Information.pdf |
| 1024 | 2019-08-29 | e1ba4c5db4982f4aac36cea2429be505196f7ff9 | tickgroupavar201920191111chaminseokpublish-191126231730 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.29_Tick_Tock/tickgroupavar201920191111chaminseokpublish-191126231730.pdf |
| 1025 | 2019-08-29 | f7e0afcb7fd22d35bb6ca3bd665f830c2991b713 | More_eggs, Anyone_ Threat Actor ITG08 Strikes Again | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.29.FIN6_ITG08/More_eggs%2C%20Anyone_%20Threat%20Actor%20ITG08%20Strikes%20Again.pdf |
| 1026 | 2019-08-31 | ce6de200409d558d88c026c9ab087ed1c836db28 | Bitter_APT_Malware_analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.08.31.Bitter_APT_Malware_analysis/Bitter_APT_Malware_analysis.pdf |
| 1027 | 2019-09-04 | 8cde271eb5fe7b54b667ee88368518c7b2fdbacc | Glupteba Campaign Hits Network Routers and Updates C&C Servers with Data from Bitcoin Transactions | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.04.Glupteba_Campaign/Glupteba%20Campaign%20Hits%20Network%20Routers%20and%20Updates%20C%26C%20Servers%20with%20Data%20from%20Bitcoin%20Transactions.pdf |
| 1028 | 2019-09-05 | 5b6bccee4b358c195ea7d80c118d6e9a793f3ed7 | UPSynergy_ Chinese-American Spy vs. Spy Story | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.05.UPSynergy/UPSynergy_%20Chinese-American%20Spy%20vs.%20Spy%20Story.pdf |
| 1029 | 2019-09-06 | cf011cca773f812145c8e81d8f1bade04e716732 | BITTER APT_ Not So Sweet | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.06.BITTER_APT_Not_So_Sweet/BITTER%20APT_%20Not%20So%20Sweet.pdf |
| 1030 | 2019-09-09 | 537bd87d34bbeab8077bb7e199475a9dffa9f58f | Thrip_ Ambitious Attacks Against High Level Targets Continue | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.09.Thrip/Thrip_%20Ambitious%20Attacks%20Against%20High%20Level%20Targets%20Continue.pdf |
| 1031 | 2019-09-11 | a873e9f1ba1904911a92497f949b9b10c701d931 | RANCOR APT_ Suspected targeted attacks against South East Asia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.11.RANCOR_APT/RANCOR%20APT_%20Suspected%20targeted%20attacks%20against%20South%20East%20Asia.pdf |
| 1032 | 2019-09-15 | 453956dd602ee94ea82c44135308783d153507ba | The-Kittens-Are-Back-in-Town-Charming-Kitten-2019 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.15_Kittens_back/The-Kittens-Are-Back-in-Town-Charming-Kitten-2019.pdf |
| 1033 | 2019-09-18 | 1932e05dd6ba26e752fb89960c24fee7afe7a42b | Magecart Skimming Attack Targets Mobile Users of Hotel Chain Booking Websites | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.18.Magecart_Hotel_Chain_Booking/Magecart%20Skimming%20Attack%20Targets%20Mobile%20Users%20of%20Hotel%20Chain%20Booking%20Websites.pdf |
| 1034 | 2019-09-18 | 5d08b29ec4f76e1a6bce6d1507de01df1b188666 | Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.18.Tortoiseshell-APT/Tortoiseshell%20Group%20Targets%20IT%20Providers%20in%20Saudi%20Arabia%20in%20Probable%20Supply%20Chain%20Attacks.pdf |
| 1035 | 2019-09-24 | a713bdf75154084b9f6841ace63fa1919bf504e0 | DeadlyKiss_TAAR | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.24.DeadlyKiss_APT/DeadlyKiss_TAAR.pdf |
| 1036 | 2019-09-24 | d1592835be4b0370146d53603f6eddd0681131a3 | Mapping the connections inside Russia APT Ecosystem | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.24_Russia_APT_Ecosystem/Mapping%20the%20connections%20inside%20Russia%20APT%20Ecosystem.pdf |
| 1037 | 2019-09-24 | e4129398913943732e62a603877b9bb70b998fd9 | How Tortoiseshell created a fake veteran hiring website to host malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.24_New_Tortoiseshell/How%20Tortoiseshell%20created%20a%20fake%20veteran%20hiring%20website%20to%20host%20malware.pdf |
| 1038 | 2019-09-26 | 4231fdbb3b27a90a81d25f8bd60bff7904e910f8 | Chinese APT Hackers Attack Windows Users via FakeNarrator Malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.26_China_APT_FakeNarrator_To_PcShare/Chinese%20APT%20Hackers%20Attack%20Windows%20Users%20via%20FakeNarrator%20Malware.pdf |
| 1039 | 2019-09-30 | 3b57873600b96e7474e6aa88f6c924dd81775b41 | HELO Winnti_ Attack or Scan | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.09.30_HELO_Winnti/HELO%20Winnti_%20Attack%20or%20Scan.pdf |
| 1040 | 2019-10-01 | 095871915af386b3addb87036dfca584473b283c | New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.01.kovcoreg-malvertising-campaign/New%20Fileless%20Botnet%20Novter%20Distributed%20by%20KovCoreG%20Malvertising%20Campaign.pdf |
| 1041 | 2019-10-01 | 4169a4d2143afaf8d91eda2397dbbe34c294fdb4 | Tech-Brief-New-Fileless-Botnet-Novter-Distributed-by-KovCoreG-Malvertising-Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.01.kovcoreg-malvertising-campaign/Tech-Brief-New-Fileless-Botnet-Novter-Distributed-by-KovCoreG-Malvertising-Campaign.pdf |
| 1042 | 2019-10-01 | 880e01c8cadd72f8318f79d5c95cc57556b69c56 | New Adwind Campaign targets US Petroleum Industry | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.01.Adwind_Campaign_US_Petroleum_Industry/New%20Adwind%20Campaign%20targets%20US%20Petroleum%20Industry.pdf |
| 1043 | 2019-10-01 | c7a5dcf44c6e0f1f8eb0048caf82f9c436558d73 | Appendix-New-Fileless-Botnet-Novter-Distributed-by-KovCoreG-Malvertising-Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.01.kovcoreg-malvertising-campaign/Appendix-New-Fileless-Botnet-Novter-Distributed-by-KovCoreG-Malvertising-Campaign.pdf |
| 1044 | 2019-10-03 | 0c794545e8fa5eba2e1e806d9817b85ea12cdd88 | PKPLUG_ Chinese Cyber Espionage Group Attacking Asia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.03.PKPLUG/PKPLUG_%20Chinese%20Cyber%20Espionage%20Group%20Attacking%20Asia.pdf |
| 1045 | 2019-10-04 | d9104f80cde5ce7667b3acbab40b38f6d2079f00 | VB2019-Garcia-etal | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.04.GEOST_BOTNET/VB2019-Garcia-etal.pdf |
| 1046 | 2019-10-07 | 426093a99e7a45aa88da697cd1503fb3a5fd745d | The Kittens Are Back in Town 2 - Charming Kitten Campaign Keeps Going on, Using New Impersonation Methods - ClearSky Cyber Security | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.07.Charming_Kitten_Back_in_Town_2/The%20Kittens%20Are%20Back%20in%20Town%202%20-%20Charming%20Kitten%20Campaign%20Keeps%20Going%20on%2C%20Using%20New%20Impersonation%20Methods%20-%20ClearSky%20Cyber%20Security.pdf |
| 1047 | 2019-10-07 | 93a3c3b7f8285726b22ead392e71b3e1626f7d10 | The-Kittens-Are-Back-in-Town-2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.07.Charming_Kitten_Back_in_Town_2/The-Kittens-Are-Back-in-Town-2.pdf |
| 1048 | 2019-10-07 | bf791907d880bddae90894ed89b4b453d0c11498 | CERTFR-2019-CTI-005 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.07.Supply_Chain_Attacks/CERTFR-2019-CTI-005.pdf |
| 1049 | 2019-10-07 | d7541e81aea48ec49932896620416f0dd9f9dfde | China-Based APT Mustang Panda Targets Minority Groups, Public and Private Sector Organizations | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.07.Panda_minority-groups/China-Based%20APT%20Mustang%20Panda%20Targets%20Minority%20Groups%2C%20Public%20and%20Private%20Sector%20Organizations.pdf |
| 1050 | 2019-10-09 | 9e96e893e70535aacbc087d16f73a909fd2602d9 | FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.09_FIN6_Magecart/FIN6%20Compromised%20E-commerce%20Platform%20via%20Magecart%20to%20Inject%20Credit%20Card%20Skimmers%20Into%20Thousands%20of%20Online%20Shops.pdf |
| 1051 | 2019-10-10 | 23e4d67dd76553f78f40f1a30aef6bd88ca7200e | Mahalo_FIN7 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.10.Fin7/Mahalo_FIN7.pdf |
| 1052 | 2019-10-10 | 6b2579a0886d2a14bb3f4a86cb5f18782da63fe3 | ASEC_REPORT_vol.96_ENG | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/AhnLab/ASEC_REPORT_vol.96_ENG.pdf |
| 1053 | 2019-10-10 | bbb2512ccf7681d73faa6a447fdbda1fb5da9b2d | ESET discovers Attor, a spy platform with curious GSM fingerprinting _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.10.Attor_GSM_fingerprinting_spy_platform/ESET%20discovers%20Attor%2C%20a%20spy%20platform%20with%20curious%20GSM%20fingerprinting%20_%20WeLiveSecurity.pdf |
| 1054 | 2019-10-10 | dc342c30cc53686416204d97ceb44156f1ecf5e8 | ESET_Attor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.10.Attor_GSM_fingerprinting_spy_platform/ESET_Attor.pdf |
| 1055 | 2019-10-10 | fa008c2924f69b019af1924b429744d76ca11e1f | ESET_Winnti | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.10.Winnti_Group/ESET_Winnti.pdf |
| 1056 | 2019-10-14 | c0061604b409cad311414bd47b97ba6ec79bb642 | winnti_EN | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.14.From_tweet_to_rootkit/winnti_EN.pdf |
| 1057 | 2019-10-14 | d30068cc3f5856ba52df3b019e5eaa8653e22d77 | huge-fan-of-your-work-intelligence-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.14.TURBINE_PANDA/huge-fan-of-your-work-intelligence-report.pdf |
| 1058 | 2019-10-14 | eb99c745139bd6e46e81745dfd72e41325a02ad4 | Is Emotet gang targeting companies with external SOC | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.14.Emotet_external_SOC/Is%20Emotet%20gang%20targeting%20companies%20with%20external%20SOC.pdf |
| 1059 | 2019-10-15 | 0511740e527c025858aa577e7b6b198f28e2a1ac | LOWKEY_ Hunting for the Missing Volume Serial ID | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.15.LOWKEY/LOWKEY_%20Hunting%20for%20the%20Missing%20Volume%20Serial%20ID.pdf |
| 1060 | 2019-10-17 | d6f66a51549b7c2090135e8cb8c40a68c152018d | ESET_Operation_Ghost_Dukes | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.17.Operation_Ghost/ESET_Operation_Ghost_Dukes.pdf |
| 1061 | 2019-10-21 | 152af7cf47b0d2a89e2415d2d44acf4a50e15f4c | VB2019-Garcia-etal | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.21_Geost_botnet/VB2019-Garcia-etal.pdf |
| 1062 | 2019-10-21 | 7f98a609e1dcd3f69a822d3636c28f7a9e2dd105 | Winnti Group’s skip‑2.0_ A Microsoft SQL Server backdoor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.21.Winnti_skip_2.0/Winnti%20Group%E2%80%99s%20skip%E2%80%912.0_%20A%C2%A0Microsoft%20SQL%20Server%20backdoor.pdf |
| 1063 | 2019-10-28 | 29d8473954434c405b838e895f2adfd734dd215b | SWEED Targeting Precision Engineering Companies in Italy | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.28_SWEED_Italy/SWEED%20Targeting%20Precision%20Engineering%20Companies%20in%20Italy.pdf |
| 1064 | 2019-10-31 | cb3f46cb9def5b9bc1185e5fd60d390f77dc3834 | MESSAGETAP_ Who’s Reading Your Text Messages | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.31.MESSAGETAP/MESSAGETAP_%20Who%E2%80%99s%20Reading%20Your%20Text%20Messages.pdf |
| 1065 | 2019-10-31 | fa36f2632e6b9ff400f8b3ad9539f3bf4a586dec | calypso-apt-2019-eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.10.31.Calypso_APT/calypso-apt-2019-eng.pdf |
| 1066 | 2019-11-04 | d043d2ce37e8e5a249f59e30eb2608801a3a3f30 | Is Lazarus_APT38 Targeting Critical Infrastructures _ – Marco Ramilli Web Corner | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.04.Lazarus_APT38/Is%20Lazarus_APT38%20Targeting%20Critical%20Infrastructures%20_%20%E2%80%93%20Marco%20Ramilli%20Web%20Corner.pdf |
| 1067 | 2019-11-04 | f17a8bf210b805556ebaa1488ab937d8a035d27d | (cn)_higaisa_apt_report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.04.Higaisa_APT/%28cn%29_higaisa_apt_report.pdf |
| 1068 | 2019-11-05 | 8b90e283d66e6e3222641f09269ad28eda4127bf | LAZARUS_GAZE_APT38 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.05.LAZARUS_GAZE/LAZARUS_GAZE_APT38.pdf |
| 1069 | 2019-11-08 | 80b06f28ee5e364f47ca3a290b160b2de61bcc0f | Titanium_ the Platinum group strikes again | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.08_Titanium_Action_Platinum_group/Titanium_%20the%20Platinum%20group%20strikes%20again.pdf |
| 1070 | 2019-11-08 | 9d6dcfc9a673613fdafe7d967945a0a97308de19 | Massive malicious campaign by FakeSecurity JS-sniffer | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.08_FakeSecurity_JS-sniffer/Massive%20malicious%20campaign%20by%20FakeSecurity%20JS-sniffer.pdf |
| 1071 | 2019-11-12 | 3836ed16ed8e861c19344558cb4bd40b6d3b6415 | TA-505 Cybercrime on System Integrator Companies | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.12_TA-505_On_SI/TA-505%20Cybercrime%20on%20System%20Integrator%20Companies.pdf |
| 1072 | 2019-11-13 | 91c0a6c0cd95b42991ea7981be1bec29974df17f | sophoslabs-uncut-2020-threat-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Sophos/sophoslabs-uncut-2020-threat-report.pdf |
| 1073 | 2019-11-13 | fe8df78646bee14a74f2f88f76bdda52a611f8b6 | More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.13.APT33_Extreme%EF%BC%BFNarrow_Targeting/More%20than%20a%20Dozen%20Obfuscated%20APT33%20Botnets%20Used%20for%20Extreme%20Narrow%20Targeting.pdf |
| 1074 | 2019-11-20 | 192be8ca1c779e40ef93e950065e84f5d900161e | APT-C-34.cn | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.20.Golden_Eagle_APT-C-34/APT-C-34.cn.pdf |
| 1075 | 2019-11-20 | cf1750865234a5840d529a498a5fa1107d79fe64 | Mac Backdoor Linked to Lazarus Targets Korean Users | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.20.Mac_Lazarus/Mac%20Backdoor%20Linked%20to%20Lazarus%20Targets%20Korean%20Users.pdf |
| 1076 | 2019-11-21 | f9ec0ec31ccab12f99b03f09a0882b3d30a3365a | Registers as “Default Print Monitor”, but is a malicious downloader. Meet DePriMon | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.21.DePriMon/Registers%20as%20%E2%80%9CDefault%20Print%20Monitor%E2%80%9D%2C%20but%20is%20a%20malicious%20downloader.%20Meet%20DePriMon.pdf |
| 1077 | 2019-11-25 | 688771ff7a16425f001508bbb46242248d74545e | Studying Donot Team | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.25_Donot_Team/Studying%20Donot%20Team.pdf |
| 1078 | 2019-11-25 | 7c4c067c4853d72e3c561eaf388d8494f57c514c | cybersecurity-threatscape-2019-q3-eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/PTSecurity/cybersecurity-threatscape-2019-q3-eng.pdf |
| 1079 | 2019-11-26 | 6226f5e623d80ddcce349e617498a339d78927d0 | Insights from one year of tracking a polymorphic threat | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.26.Dexphot/Insights%20from%20one%20year%20of%20tracking%20a%20polymorphic%20threat.pdf |
| 1080 | 2019-11-28 | 27c033bcdacc4271b9bd9b08714026ad3832ac73 | RevengeHotels_ cybercrime targeting hotel front desks worldwide | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.28.RevengeHotels/RevengeHotels_%20cybercrime%20targeting%20hotel%20front%20desks%20worldwide.pdf |
| 1081 | 2019-11-29 | 502c37a11fc85045efc1cc7ab019875aba9906a8 | Operation-ENDTRADE-TICK-s-Multi-Stage-Backdoors-for-Attacking-Industries-and-Stealing-Classified-Data | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.29.Operation_ENDTRADE/Operation-ENDTRADE-TICK-s-Multi-Stage-Backdoors-for-Attacking-Industries-and-Stealing-Classified-Data.pdf |
| 1082 | 2019-11-29 | 626f179b5bfca66c6cd149ca061c9717dca2c03d | Group-IB_Hi-Tech_Crime_Trends_2019-2020 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Group-IB/Group-IB_Hi-Tech_Crime_Trends_2019-2020.pdf |
| 1083 | 2019-12-03 | 2e3173ba71b32d02b261f61e1194feccfd8ed085 | Threat Actor Targeting Hong Kong Pro-Democracy Figures | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.03.Hong_Kong_Pro-Democracy/Threat%20Actor%20Targeting%20Hong%20Kong%20Pro-Democracy%20Figures.pdf |
| 1084 | 2019-12-04 | 843e820608adc7a51abb9a74a689d4c3bdb92d75 | Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.04.KurdishCoder_Campaign/Obfuscation%20Tools%20Found%20in%20the%20Capesand%20Exploit%20Kit%20Possibly%20Used%20in%20%E2%80%9CKurdishCoder%E2%80%9D%20Campaign.pdf |
| 1085 | 2019-12-04 | a93d869bc0d4893c042f91e40e777d72db92a77e | New_Destructive_Wiper_ZeroCleare_Final_ | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.04.ZeroCleare/New_Destructive_Wiper_ZeroCleare_Final_.pdf |
| 1086 | 2019-12-06 | b1ec8d737865e2e7feba57c220bd62290a93ed67 | Cosmic Banker campaign is still active revealing link with Banload malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.06.Cosmic_Banker_campaign/Cosmic%20Banker%20campaign%20is%20still%20active%20revealing%20link%20with%20Banload%20malware.pdf |
| 1087 | 2019-12-09 | 0db3e90a27d93efb360e8e0eee9ac0421a09f233 | Group-IB_Hi-Tech_Crime_Trends_2019-2020_en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Group-IB/Group-IB_Hi-Tech_Crime_Trends_2019-2020_en.pdf |
| 1088 | 2019-12-10 | 8acef95af9d674a45608198eb5e80dc7ab65617f | sentinel-one-sentine-6 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.10_TrickBot_Planeswalker/sentinel-one-sentine-6.pdf |
| 1089 | 2019-12-11 | 322a9344111331462baab10d055d78f7055b3c4f | Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.11.1.Operation_WizardOpium/Chrome%200-day%20exploit%20CVE-2019-13720%20used%20in%20Operation%20WizardOpium%20.pdf |
| 1090 | 2019-12-11 | 69bf39301d6e5df6314314995c021963c7f18c94 | Dropping Anchor_ From a TrickBot Infection to the Discovery of the Anchor Malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.11_DROPPING_ANCHOR/Dropping%20Anchor_%20From%20a%20TrickBot%20Infection%20to%20the%20Discovery%20of%20the%20Anchor%20Malware.pdf |
| 1091 | 2019-12-11 | f69b318bff05a1abc62c42a01b120a1e2e54d665 | Waterbear is Back, Uses API Hooking to Evade Security Product Detection | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.11.Waterbear_Back/Waterbear%20is%20Back%2C%20Uses%20API%20Hooking%20to%20Evade%20Security%20Product%20Detection.pdf |
| 1092 | 2019-12-11 | fed1378dbf09119779790de36b53cffcc6bfae5b | Anchor IOCs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.11_DROPPING_ANCHOR/Anchor%20IOCs.pdf |
| 1093 | 2019-12-12 | 3d4b6ef9ea3d3d64c174b6eaf85434ffa4af8d61 | cta-2019-1212 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.12.Operation_Gamework/cta-2019-1212.pdf |
| 1094 | 2019-12-12 | 54840544c79d24dace32a7a4caa8678036b4f7e7 | GALLIUM_ Targeting global telecom | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.12.GALLIUM/GALLIUM_%20Targeting%20global%20telecom.pdf |
| 1095 | 2019-12-12 | 5af7b3313dafaf307421e6de17add21c894cb59c | wp-drilling-deep-a-look-at-cyberattacks-on-the-oil-and-gas-industry | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.12.Drilling_Deep/wp-drilling-deep-a-look-at-cyberattacks-on-the-oil-and-gas-industry.pdf |
| 1096 | 2019-12-16 | 58b815814e28d00219c6b4dec546c23c6a6f2162 | sophoslabs-uncut-mykings-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.16.MyKings/sophoslabs-uncut-mykings-report.pdf |
| 1097 | 2019-12-17 | 17c168147b6c7d7b313a6a014ae6bdb153e778e8 | Dacls, the Dual platform RAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.17.Dacls_RAT/Dacls%2C%20the%20Dual%20platform%20RAT.pdf |
| 1098 | 2019-12-17 | c95263e812d3e831061753ff3d432e50b1c4c571 | CN_Dacls, the Dual platform RAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.17.Dacls_RAT/CN_Dacls%2C%20the%20Dual%20platform%20RAT.pdf |
| 1099 | 2019-12-17 | e54539e7a87e229b70384bd20943c2afd689445c | Rancor_ Cyber Espionage Group Uses New Custom Malware to Attack Southeast Asia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.17.Rancor/Rancor_%20Cyber%20Espionage%20Group%20Uses%20New%20Custom%20Malware%20to%20Attack%20Southeast%20Asia.pdf |
| 1100 | 2019-12-19 | 85ddad10bbd8e93e8de1bfedee6563ce5f0c6f96 | 201912_Report_Operation_Wacao | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.19.Operation_Wocao/201912_Report_Operation_Wacao.pdf |
| 1101 | 2019-12-26 | 53ef5f11eca852b962543eb4c172ae012456be72 | Targeting Portugal_ A new trojan 'Lampion' has spread using template emails from the Portuguese Government Finance & Tax | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.26.Trojan-Lampion/Targeting%20Portugal_%20A%20new%20trojan%20%27Lampion%27%20has%20spread%20using%20template%20emails%20from%20the%20Portuguese%20Government%20Finance%20%26%20Tax.pdf |
| 1102 | 2019-12-29 | 1a37382df05d162c04564b538f7bd0229f1f8e7e | BRONZE PRESIDENT Targets NGOs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2019/2019.12.29_BRONZE_PRESIDENT_NGO/BRONZE%20PRESIDENT%20Targets%20NGOs.pdf |
| 1103 | 2020-01-01 | 8fc0ccc71a8dc6fec2584ed73ffe8fbef5b43e74 | [CN]_SideWinder_APT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.01.SideWinder_APT/%5BCN%5D_SideWinder_APT.pdf |
| 1104 | 2020-01-06 | 0663cef97989f69df67f59cab5071d3b4ef742f1 | First Active Attack Exploiting CVE-2019-2215 Found on Google Play, Linked to SideWinder APT Group | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.06.SideWinder_Google_Play/First%20Active%20Attack%20Exploiting%20CVE-2019-2215%20Found%20on%20Google%20Play%2C%20Linked%20to%20SideWinder%20APT%20Group.pdf |
| 1105 | 2020-01-07 | 9df38c6e2d7d8347a0e922df462f20049f16a797 | Iranian Cyber Response to Death of IRGC Head Would Likely Use Reported TTPs and Previous Access | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.07_Iranian_Cyber_Response/Iranian%20Cyber%20Response%20to%20Death%20of%20IRGC%20Head%20Would%20Likely%20Use%20Reported%20TTPs%20and%20Previous%20Access.pdf |
| 1106 | 2020-01-07 | bfa9143ed25f03e8a3273a392583de3292d64e35 | Saudi-Arabia-CNA-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.07_Destructive_Attack_DUSTMAN/Saudi-Arabia-CNA-report.pdf |
| 1107 | 2020-01-08 | 8d45b1a37d3fc6784fa2f55d4fde6f10e19802c5 | Operation AppleJeus Sequel | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.08_Operation_AppleJeus_Sequel/Operation%20AppleJeus%20Sequel.pdf |
| 1108 | 2020-01-09 | 0ca55a185d1faaa2c0b3576999faad5147eccc76 | NA-EL-Threat-Perspective-2019 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.09.NA-EL-Threat-Perspective/NA-EL-Threat-Perspective-2019.pdf |
| 1109 | 2020-01-13 | 441f48b969b4448c18c6382282db8ac548f8a3e5 | APT27 ZXShell RootKit module updates | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.13.APT27_ZxShell_RootKit/APT27%20ZXShell%20RootKit%20module%20updates.pdf |
| 1110 | 2020-01-13 | 587a7a2e1f2251135b851ad40fdf13359efa9b63 | Reviving MuddyC3 Used by MuddyWater (IRAN) APT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.13.muddyc3.Revived/Reviving%20MuddyC3%20Used%20by%20MuddyWater%20%28IRAN%29%20APT.pdf |
| 1111 | 2020-01-16 | 1036c13f75483a87237103247da0b9e99e16fee6 | JSAC2020_3_takai_jp | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/other/JSAC2020_3_takai_jp.pdf |
| 1112 | 2020-01-16 | 59e37b1b95367583cc5cc181fee309b96f786fd0 | JhoneRAT_ Cloud based python RAT targeting Middle Eastern countries | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.16.JhoneRAT/JhoneRAT_%20Cloud%20based%20python%20RAT%20targeting%20Middle%20Eastern%20countries.pdf |
| 1113 | 2020-01-20 | cd96b74b284193b21abeadedfc64e2257545d9db | ASEC_REPORT_vol.97_ENG | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/AhnLab/ASEC_REPORT_vol.97_ENG.pdf |
| 1114 | 2020-01-22 | a83f4b160e2543812bf9ee048af1d8ce27aaa730 | 200122_IBM_X-Force_IRIS_ZeroCleare_Paper | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.xx.ZeroCleare_Wiper/200122_IBM_X-Force_IRIS_ZeroCleare_Paper.pdf |
| 1115 | 2020-01-31 | 33e67d5669920778611140f7b293a4d807de35e5 | welivesecurity.com-Winnti Group targeting universities in Hong Kong | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.01.31.Winnti_universities_in_HK/welivesecurity.com-Winnti%20Group%20targeting%20universities%20in%20Hong%20Kong.pdf |
| 1116 | 2020-02-03 | 653171288c2d534959efd7c9060e178593465be9 | Actors Still Exploiting SharePoint Vulnerability to Attack Middle East Government Organizations | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.03.SharePoint_Vulnerability_Middle_East/Actors%20Still%20Exploiting%20SharePoint%20Vulnerability%20to%20Attack%20Middle%20East%20Government%20Organizations.pdf |
| 1117 | 2020-02-10 | fad082e169f6f4bca710eef792f0711c6a9d98cc | Outlaw Updates Kit to Kill Older Miner Versions, Targets More Systems | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.10_Outlaw_Updates/Outlaw%20Updates%20Kit%20to%20Kill%20Older%20Miner%20Versions%2C%20Targets%20More%20Systems.pdf |
| 1118 | 2020-02-12 | d6b452fe46682f1bd964eb8cae720076bf30c592 | 2020.02.22_APT_threat_report_2019_CN_version | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/QianXin/2020.02.22_APT_threat_report_2019_CN_version.pdf |
| 1119 | 2020-02-13 | b2c9a2d88fe19485808d261e58a2fca4dbbf27ed | New Cyber Espionage Campaigns Targeting Palestinians - Part 2_ The Discovery of the New, Mysterious Pierogi Backdoor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.13.PIEROGI_BACKDOOR_APT/New%20Cyber%20Espionage%20Campaigns%20Targeting%20Palestinians%20-%20Part%202_%20The%20Discovery%20of%20the%20New%2C%20Mysterious%20Pierogi%20Backdoor.pdf |
| 1120 | 2020-02-17 | 73bf0529f33594669d849df43de2d78a38eab8cc | ClearSky-Fox-Kitten-Campaign-v1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.17_Fox_Kitten_Campaign/ClearSky-Fox-Kitten-Campaign-v1.pdf |
| 1121 | 2020-02-17 | 916b7687b6d0a73686f1515fe228b1c4ff95122a | CLAMBLING - A New Backdoor Base On Dropbox (EN) | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.17_CLAMBLING_Dropbox_Backdoor/CLAMBLING%20-%20A%20New%20Backdoor%20Base%20On%20Dropbox%20%28EN%29.pdf |
| 1122 | 2020-02-17 | bead11e2acc0a0690136d7963bb52e8fd93bb80b | Cyberwarfare_ A deep dive into the latest Gamaredon Espionage Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.17.Cyberwarfare_Gamaredon_Campaign/Cyberwarfare_%20A%20deep%20dive%20into%20the%20latest%20Gamaredon%20Espionage%20Campaign.pdf |
| 1123 | 2020-02-18 | 0e43d375e0d1f9ce30a9df30b8c2c27d21df5d83 | wp-uncovering-DRBcontrol | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.18_Operation_DRBControl/wp-uncovering-DRBcontrol.pdf |
| 1124 | 2020-02-19 | 8a127514c633f3298d1eedc3ee1d7d439648950e | Lexfo-WhitePaper-The_Lazarus_Constellation | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.19_The_Lazarus_Constellation/Lexfo-WhitePaper-The_Lazarus_Constellation.pdf |
| 1125 | 2020-02-21 | ea7ee7903aac206a471642078ade87af0d183c68 | [KR]Analysis Report_MyKings Botnet | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.21_MyKings_Botnet/%5BKR%5DAnalysis%20Report_MyKings%20Botnet.pdf |
| 1126 | 2020-02-22 | e786a69583d446ea26e7151b0a534b539b7d5fc3 | Weaponizing a Lazarus Group Implant | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.22_Lazarus_Group_Weaponizing/Weaponizing%20a%20Lazarus%20Group%20Implant.pdf |
| 1127 | 2020-02-25 | 5689d93fa60e88759d1b0d9a23674a43caf87717 | CloudSnooper_report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.25_Cloud_Snooper/CloudSnooper_report.pdf |
| 1128 | 2020-02-28 | 6683391f26af54d6c995a4df80fbde6419638cdc | Nortrom_Lion_APT_CN_version | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.02.28_Nortrom_Lion_APT/Nortrom_Lion_APT_CN_version.pdf |
| 1129 | 2020-03-02 | ab9e7ac7d48f727dab0986a1672f60c1a7d8dec2 | apt34-aka-oilrig-attacks-lebanon-government-entities-with-maildropper-implant | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.02_APT34_MAILDROPPER/apt34-aka-oilrig-attacks-lebanon-government-entities-with-maildropper-implant.pdf |
| 1130 | 2020-03-02 | fed84094f8bd8822542b76820b569235ff6cd98a | Report2020CrowdStrikeGlobalThreatReport | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/CrowdStrike/Report2020CrowdStrikeGlobalThreatReport.pdf |
| 1131 | 2020-03-03 | 126e1841bb7a5c0b9b0208b01605328402e30a97 | mtrends-2020 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/FireEye/mtrends-2020.pdf |
| 1132 | 2020-03-03 | 79e7ff150be9c0d28ed50f410f2a3d682e172898 | The North Korean Kimsuky APT keeps threatening South Korea evolving its TTPs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.03_Kimsuky_APT/The%20North%20Korean%20Kimsuky%20APT%20keeps%20threatening%20South%20Korea%20evolving%20its%20TTPs.pdf |
| 1133 | 2020-03-03 | ec7d70f1abbdff4227a39b98306a490085cb5bf6 | New Perl Botnet (Tuyul) Found with Possible Indonesian Attribution | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.03_Tuyul_Botnet_Indonesian/New%20Perl%20Botnet%20%28Tuyul%29%20Found%20with%20Possible%20Indonesian%20Attribution.pdf |
| 1134 | 2020-03-05 | 43c98642ad0f9f099ab7d61a0b1433fa4e852dc1 | apt_report_2019.CN_Version | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Tencent/apt_report_2019.CN_Version.pdf |
| 1135 | 2020-03-05 | 96d1ff403eb0306a6afce709bc54b16480635775 | Guildma_ The Devil drives electric _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.05_Guildma/Guildma_%20The%20Devil%20drives%20electric%20_%20WeLiveSecurity.pdf |
| 1136 | 2020-03-05 | ae511e37067348208579e7fcf8da0389626b2044 | Dissecting Geost_ Exposing the Anatomy of the Android Trojan Targeting Russian Banks - TrendLabs Security Intelligence Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.05_Dissecting_Geost/Dissecting%20Geost_%20Exposing%20the%20Anatomy%20of%20the%20Android%20Trojan%20Targeting%20Russian%20Banks%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf |
| 1137 | 2020-03-10 | 00108e5f5e785cd5df1012deee919fe1a9cf0db1 | njRat IOCs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.10.WHO_HACKING_THE_HACKERS/njRat%20IOCs.pdf |
| 1138 | 2020-03-10 | 865d88a8d0c6bf1dff0accd241bc1f06a7f22616 | Who's Hacking the Hackers_ No Honor Among Thieves | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.10.WHO_HACKING_THE_HACKERS/Who%27s%20Hacking%20the%20Hackers_%20No%20Honor%20Among%20Thieves.pdf |
| 1139 | 2020-03-10 | e685607aac68a580c1feed8dc1bb21fc567ee414 | 2020_03_Threat_Alert_Hacking_the_Hackers | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.10.WHO_HACKING_THE_HACKERS/2020_03_Threat_Alert_Hacking_the_Hackers.pdf |
| 1140 | 2020-03-11 | 9fafe6bd3615077295cfb7cc07059df42e187c14 | Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.11.Operation_Overtrap/Operation%20Overtrap%20Targets%20Japanese%20Online%20Banking%20Users%20Via%20Bottle%20Exploit%20Kit%20and%20Brand-New%20Cinobi%20Banking%20Trojan.pdf |
| 1141 | 2020-03-11 | daa952eb7f9cd9f938255053657d4e8a9271d6c5 | Tech Brief_Operation Overtrap Targets Japanese Online Banking Users | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.11.Operation_Overtrap/Tech%20Brief_Operation%20Overtrap%20Targets%20Japanese%20Online%20Banking%20Users.pdf |
| 1142 | 2020-03-12 | 40347605cbd5510bb0371309456dc1805780c368 | Vicious Panda_ The COVID Campaign - Check Point Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.12_Vicious_Panda/Vicious%20Panda_%20The%20COVID%20Campaign%20-%20Check%20Point%20Research.pdf |
| 1143 | 2020-03-12 | 44034bcbd317f83aba6172387eae7fb102e0926b | Two-tailed_scorpion_CN_version | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.12_Two-tailed_scorpion/Two-tailed_scorpion_CN_version.pdf |
| 1144 | 2020-03-12 | 68b971b44c01fa3821825e239cf6b227673106ea | Tracking Turla_ New backdoor delivered via Armenian watering holes _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.12_Tracking_Turla/Tracking%20Turla_%20New%20backdoor%20delivered%20via%20Armenian%20watering%20holes%20_%20WeLiveSecurity.pdf |
| 1145 | 2020-03-13 | 1f00e902bb6c10ff50389d6cc9075d156cf0986d | cybersecurity-threatscape-2019-q4-eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/PTSecurity/cybersecurity-threatscape-2019-q4-eng.pdf |
| 1146 | 2020-03-15 | ca7fb7c0312305d20e41bff716082169ff5f5a01 | APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT _ Malwarebytes Labs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.15_APT36_Crimson_RAT/APT36%20jumps%20on%20the%20coronavirus%20bandwagon%2C%20delivers%20Crimson%20RAT%20_%20Malwarebytes%20Labs.pdf |
| 1147 | 2020-03-19 | 6c96e61b7ed93841857c6737b7a84650b39403ad | wp-pawn-storm-in-2019 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.19_Probing_Pawn_Storm/wp-pawn-storm-in-2019.pdf |
| 1148 | 2020-03-24 | d71ad8ea9e4809433ec87615aafbc7e20e77b9a4 | WildPressure targets industrial-related entities in the Middle East _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.24_WildPressure/WildPressure%20targets%20industrial-related%20entities%20in%20the%20Middle%20East%20_%20Securelist.pdf |
| 1149 | 2020-03-24 | f516eade0319946e52c88ee6f44b01aa8e832fd2 | Operation Poisoned News_ Hong Kong Users Targeted With Mobile Malware via Local News Links - TrendLabs Security Intelligence Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.24_Operation_Poisoned_News/Operation%20Poisoned%20News_%20Hong%20Kong%20Users%20Targeted%20With%20Mobile%20Malware%20via%20Local%20News%20Links%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf |
| 1150 | 2020-03-25 | 60cdab19b8f87a9d3b1aa0dde91f9cf945cbfb76 | This Is Not a Test_ APT41 Initiates Global Intrusion Campaign Using Multiple Exploits _ FireEye Inc | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.25_APT41-initiates-global-intrusion-campaign/This%20Is%C2%A0Not%20a%20Test_%20APT41%20Initiates%20Global%20Intrusion%20Campaign%20Using%20Multiple%20Exploits%20_%20FireEye%20Inc.pdf |
| 1151 | 2020-03-26 | cf105922040421377abdd120f6ba2b9772fdd40d | iOS exploit chain deploys “LightSpy” feature-rich malware _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.26_LightSpy_TwoSail_Junk_APT/iOS%20exploit%20chain%20deploys%20%E2%80%9CLightSpy%E2%80%9D%20feature-rich%20malware%20_%20Securelist.pdf |
| 1152 | 2020-03-30 | b262e09517bd3bf9abb0c19c20ef8fddb2b0012d | Operation Spy Cloud_eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.03.30_Spy_Cloud_Operation/Operation%20Spy%20Cloud_eng.pdf |
| 1153 | 2020-04-07 | 36aa13f198fbad89f10281c4f5fe9ce7e41ec495 | report-bb-decade-of-the-rats | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.07_Decade_of_the_RATs/report-bb-decade-of-the-rats.pdf |
| 1154 | 2020-04-07 | 969ec8174de828cf9016983138f6b929d2e2b9bd | 200407-MWB-COVID-White-Paper_Final | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.07_APTs_COVID-19/200407-MWB-COVID-White-Paper_Final.pdf |
| 1155 | 2020-04-07 | f6199ae7db7a2adfc28fa8b751fec7a88639fca2 | New Ursnif campaign_ a shift from PowerShell to Mshta | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.07_New_Ursnif_Campaign/New%20Ursnif%20campaign_%20a%20shift%20from%20PowerShell%20to%20Mshta.pdf |
| 1156 | 2020-04-08 | 742c783578c5461b8f2caa921dcc5a39c7f976d5 | ASEC_REPORT_vol.98_ENG | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/AhnLab/ASEC_REPORT_vol.98_ENG.pdf |
| 1157 | 2020-04-15 | 2841ceea5cc8310669b24e4bba16f7bd9a1eb804 | Nation-state Mobile Malware Targets Syrians with COVID-19 Lures | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.15_COVID-19_Lures_Syrians/Nation-state%20Mobile%20Malware%20Targets%20Syrians%20with%20COVID-19%20Lures.pdf |
| 1158 | 2020-04-15 | 6a5077e6dac44c1ba63d36b7562496996f56032a | [TLP-White]20200415 Chimera_V4.1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.15_Chimera_APT/%5BTLP-White%5D20200415%20Chimera_V4.1.pdf |
| 1159 | 2020-04-16 | 3aeba28cf0cbea7e4f635139516e5a3ab0b3966e | White Ops _ Inside the Largest Connected TV Botnet Attack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.16_ICEBUCKET_TV_Bot_Attack/White%20Ops%20_%20Inside%20the%20Largest%20Connected%20TV%20Botnet%20Attack.pdf |
| 1160 | 2020-04-16 | a7ef251336a636626f97a4ebbedc6894c67481b4 | Exposing Modular Adware_ How DealPly, IsErIk, and ManageX Persist in Systems - TrendLabs Security Intelligence Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.16_Exposing_Modular_Adware/Exposing%20Modular%20Adware_%20How%20DealPly%2C%20IsErIk%2C%20and%20ManageX%20Persist%20in%20Systems%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf |
| 1161 | 2020-04-17 | ed8af7aaa54ed27c726f0ca8f2c9377b4dfd534e | Gamaredon APT Group Use Covid-19 Lure in Campaigns - TrendLabs Security Intelligence Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.17_Gamaredon_APT_Covid-19/Gamaredon%20APT%20Group%20Use%20Covid-19%20Lure%20in%20Campaigns%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf |
| 1162 | 2020-04-20 | 1936abcedd5c269851436ed6e042df7db8b618e1 | WINNTI GROUP_ Insights From the Past | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.20_Winnti_from_the_past/WINNTI%20GROUP_%20Insights%20From%20the%20Past.pdf |
| 1163 | 2020-04-21 | 1df98e647d64ef01bdc29e2530e611effe5e895b | Evil Eye Threat Actor Resurfaces with iOS Exploit and Updated Implant | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.21.evil-eye-threat-actor/Evil%20Eye%20Threat%20Actor%20Resurfaces%20with%20iOS%20Exploit%20and%20Updated%20Implant.pdf |
| 1164 | 2020-04-24 | 61251cc065cb364dbba4585d1d97b0d81062cfc1 | PoshC2_APT_jp | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.24_PoshC2_APT/PoshC2_APT_jp.pdf |
| 1165 | 2020-04-27 | 8f7f8c91758763e2adc955d2d1170b324e314a74 | ESET_Threat_Report_Q12020 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/ESET/ESET_Threat_Report_Q12020.pdf |
| 1166 | 2020-04-28 | 690050958d76252df27f19728b3608a3f9011a15 | yoroi.company-Outlaw is Back a New Crypto-Botnet Targets European Organizations | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.28_Outlaw_is_Back/yoroi.company-Outlaw%20is%20Back%20a%20New%20Crypto-Botnet%20Targets%20European%20Organizations.pdf |
| 1167 | 2020-04-28 | d72c4c798984d38fd23124d3c5adff2a0ac65262 | Grandoreiro_ How engorged can an EXE get_ _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.28.Grandoreiro/Grandoreiro_%20How%20engorged%20can%20an%20EXE%20get_%20_%20WeLiveSecurity.pdf |
| 1168 | 2020-04-29 | 992959657614e0598cdac414b7796dc37b6eab0d | cta-2020-0429 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.04.29.Chinese_Influence_Operations_Taiwanese_Elections_Hong_Kong_Protests/cta-2020-0429.pdf |
| 1169 | 2020-05-05 | 8f5591c1ec9f6b2911112c53dc551374a00b66c3 | Nazar_ Spirits of the Past - Check Point Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.05.Nazar_APT/Nazar_%20Spirits%20of%20the%20Past%20-%20Check%20Point%20Research.pdf |
| 1170 | 2020-05-06 | 38e2947b2131a0e1cf3ac0868dad5f6c0c3a034e | Prevailion Blog_ Phantom in the Command Shell | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.06_Phantom_EVILNUM/Prevailion%20Blog_%20Phantom%20in%20the%20Command%20Shell.pdf |
| 1171 | 2020-05-06 | 801eb85445d0e1a4ecec311846bdfe2435400d2c | LeeryTurtleThreatReport_05_20 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.06_Leery_Turtle/LeeryTurtleThreatReport_05_20.pdf |
| 1172 | 2020-05-07 | 140f905caba9014a29fed5a5dcf1be7b6102969b | Naikon APT_ Cyber Espionage Reloaded - Check Point Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.07_Naikon_APT_Reloaded/Naikon%20APT_%20Cyber%20Espionage%20Reloaded%20-%20Check%20Point%20Research.pdf |
| 1173 | 2020-05-07 | d9e41bb3cd7ad22a358930b9eb53495e4409803a | Blue Mockingbird activity mines Monero cryptocurrency | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.07_Blue_Mockingbird/Blue%20Mockingbird%20activity%20mines%20Monero%20cryptocurrency.pdf |
| 1174 | 2020-05-11 | b2eab25e33718c6f5114a4260c41b22d96938842 | zscaler.com-Attack on Indian Government Financial Institutions | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.11.JsOutProx_RAT_Targeted_Attacks/zscaler.com-Attack%20on%20Indian%20Government%20Financial%20Institutions.pdf |
| 1175 | 2020-05-11 | d0acc76ee3510cbde8145e5c7d83e42f8b863123 | Updated BackConfig Malware Targeting Government and Military Organizations in South Asia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.11_BackConfig_South_Asia/Updated%20BackConfig%20Malware%20Targeting%20Government%20and%20Military%20Organizations%20in%20South%20Asia.pdf |
| 1176 | 2020-05-12 | ed6a7415fce176c79774be3de06ba77aca1084ff | Tropic Trooper’s Back_ USBferry Attack Targets Air-gapped Environments - TrendLabs Security Intelligence Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.12.Tropic_Trooper_Back/Tropic%20Trooper%E2%80%99s%20Back_%20USBferry%20Attack%20Targets%20Air-gapped%20Environments%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf |
| 1177 | 2020-05-13 | efee6cb22f537f81daeba1c34ca6a42030567d2e | Ramsay_ A cyber‑espionage toolkit tailored for air‑gapped networks _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.13.Ramsay/Ramsay_%20A%20cyber%E2%80%91espionage%20toolkit%20tailored%20for%20air%E2%80%91gapped%20networks%20_%20WeLiveSecurity.pdf |
| 1178 | 2020-05-14 | 005000464a9f344017647ae24c95407f58b0187d | RATicate_ an attacker’s waves of information-stealing malware – Sophos News | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.14.RATicate/RATicate_%20an%20attacker%E2%80%99s%20waves%20of%20information-stealing%20malware%20%E2%80%93%20Sophos%20News.pdf |
| 1179 | 2020-05-14 | 0c2e280bc8a52ed683fa6e5c85d6bbea835ac067 | COMpfun authors spoof visa application with HTTP status-based Trojan _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.14.COMpfun/COMpfun%20authors%20spoof%20visa%20application%20with%20HTTP%20status-based%20Trojan%20_%20Securelist.pdf |
| 1180 | 2020-05-14 | 16c81da78979a1a9feb92d07aadc89061cfea4d3 | Mikroceen_ Spying backdoor leveraged in high‑profile networks in Central Asia _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.14.Mikroceen/Mikroceen_%20Spying%20backdoor%20leveraged%20in%20high%E2%80%91profile%20networks%20in%20Central%20Asia%20_%20WeLiveSecurity.pdf |
| 1181 | 2020-05-14 | 6d5fedda30e086a09d6be72c89e2721e84f7a07c | Vendetta-new-threat-actor-from-Europe | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.14.Vendetta_APT/Vendetta-new-threat-actor-from-Europe.pdf |
| 1182 | 2020-05-14 | 6e668df891d5f95a31c04a5d6ea344b856ebceb9 | dl-20200511-lolsnif-appendix-a-en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.14.LOLSnif/dl-20200511-lolsnif-appendix-a-en.pdf |
| 1183 | 2020-05-14 | 75e4bbb86baca9834df9a238120a9dcff82c2c46 | APT Group Planted Backdoors Targeting High Profile Networks in Central Asia - Avast Threat Labs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.14.Central_Asia_APT/APT%20Group%20Planted%20Backdoors%20Targeting%20High%20Profile%20Networks%20in%20Central%20Asia%20-%20Avast%20Threat%20Labs.pdf |
| 1184 | 2020-05-14 | e76e58648d529f7171fe87500cfe5b8ce2813e0b | Cybersecurity_ Tool leaks are very interesting occurrences in cyber security. _ Deutsche Telekom | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.14.LOLSnif/Cybersecurity_%20Tool%20leaks%20are%20very%20interesting%20occurrences%20in%20cyber%20security.%20_%20Deutsche%20Telekom.pdf |
| 1185 | 2020-05-14 | ec57814179f082e30a8f4aa2a76ae9a5b393eb92 | dl-20200511-lolsnif-appendix-b-en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.14.LOLSnif/dl-20200511-lolsnif-appendix-b-en.pdf |
| 1186 | 2020-05-18 | c3540b25293ee33d44c189ce1946a445c6b5964a | APT-C-23.cn | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.18_APT-C-23/APT-C-23.cn.pdf |
| 1187 | 2020-05-19 | 1784a9f7457b052811e96d6467f1b6f32fa29a7a | Sophisticated Espionage Group Turns Attention to Telecom Providers in South Asia _ Symantec Blogs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.19.Greenbug_South_Asia/Sophisticated%20Espionage%20Group%20Turns%20Attention%20to%20Telecom%20Providers%20in%20South%20Asia%20_%20Symantec%20Blogs.pdf |
| 1188 | 2020-05-21 | 0953a87a680ee134d2a8eaedec907f5c27028f32 | No “Game over” for the Winnti Group _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.21.No_Game_Over_Winnti/No%20%E2%80%9CGame%20over%E2%80%9D%20for%20the%20Winnti%20Group%20_%20WeLiveSecurity.pdf |
| 1189 | 2020-05-21 | b2960938fa9e99613d211c440e2ee48c55c5648f | Intezer - The Evolution of APT15's Codebase 2020 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.21.APT15_Codebase_2020/Intezer%20-%20The%20Evolution%20of%20APT15%27s%20Codebase%202020.pdf |
| 1190 | 2020-05-21 | e1693e54076e904e62f120e99f71dfb2d221caa5 | Bitdefender-Whitepaper-Chafer-creat4491-en-EN-interactive | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.21.Iranian_Chafer_APT/Bitdefender-Whitepaper-Chafer-creat4491-en-EN-interactive.pdf |
| 1191 | 2020-05-25 | a34f8a68f18d5f0fab426f07d5c837e63e7b8ffc | mpressioncss_ta_report_2019_4 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2019.H2_macnica_TeamT5/mpressioncss_ta_report_2019_4.pdf |
| 1192 | 2020-05-26 | 7bcdfae2ef025893a57007a928a4c633f6beea1d | ESET_Turla_ComRAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.26_From_Agent.BTZ_to_ComRAT/ESET_Turla_ComRAT.pdf |
| 1193 | 2020-05-28 | e76e32e631c965b225e1e3eae6ba3d480a01d3a7 | The zero-day exploits of Operation WizardOpium _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.28_Operation_WizardOpium/The%20zero-day%20exploits%20of%20Operation%20WizardOpium%20_%20Securelist.pdf |
| 1194 | 2020-05-29 | 16809dc5ccb7ad44158fdfaba10439aa3fdef9f6 | Russian Cyber Attack Campaigns and Actors - Threat Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.05.29_russian-cyber-attack-campaigns-and-actors/Russian%20Cyber%20Attack%20Campaigns%20and%20Actors%20-%20Threat%20Research.pdf |
| 1195 | 2020-06-01 | 03c57228e99df9e0536038c7fe3bf74f77fd4377 | Cryptocurrency-Miners-XMRig-Based-CoinMiner-by-Blue-Mockingbird-Group | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.01.Blue_Mockingbird_Group/Cryptocurrency-Miners-XMRig-Based-CoinMiner-by-Blue-Mockingbird-Group.pdf |
| 1196 | 2020-06-03 | 5687700fffca8bb7c37d2ac6ea7b375916a4907b | Cycldek_ Bridging the (air) gap _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.03.Cycldek/Cycldek_%20Bridging%20the%20%28air%29%20gap%20_%20Securelist.pdf |
| 1197 | 2020-06-03 | a95b65c51aa3655e486a5b843d4ffdddbe375eb5 | New LNK attack tied to Higaisa APT discovered - Malwarebytes Labs _ Malwarebytes Labs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.03.Higaisa_APT/New%20LNK%20attack%20tied%20to%20Higaisa%20APT%20discovered%20-%20Malwarebytes%20Labs%20_%20Malwarebytes%20Labs.pdf |
| 1198 | 2020-06-08 | 1c6623db3c2b89f3d02c27dbfe556fa16d2787a2 | GuLoader_ No, CloudEyE. - Check Point Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.08.GuLoader_CloudEyE/GuLoader_%20No%2C%20CloudEyE.%20-%20Check%20Point%20Research.pdf |
| 1199 | 2020-06-08 | 77eba65a1f4e631d789ce46a273cbbf91e03ea04 | TA410_ The Group Behind LookBack Attacks Against U.S. Utilities Sector Returns with New Malware _ Proofpoint US | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.08.TA410/TA410_%20The%20Group%20Behind%20LookBack%20Attacks%20Against%20U.S.%20Utilities%20Sector%20Returns%20with%20New%20Malware%20_%20Proofpoint%20US.pdf |
| 1200 | 2020-06-11 | 07f675fbe36baae92e4ba5f2e87aeb80a9022b3a | Gamaredon group grows its game _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.11.Gamaredon_group/Gamaredon%20group%20grows%20its%20game%20_%20WeLiveSecurity.pdf |
| 1201 | 2020-06-11 | d7eb46c7b708a6638eaec45c8707a7f171daef5a | New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa - TrendLabs Security Intelligence Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.11.Earth_Empusa/New%20Android%20Spyware%20ActionSpy%20Revealed%20via%20Phishing%20Attacks%20from%20Earth%20Empusa%20-%20TrendLabs%20Security%20Intelligence%20Blog.pdf |
| 1202 | 2020-06-15 | e4c9189b12b624d00aebddce020dc21235824382 | India_ Human Rights Defenders Targeted by a Coordinated Spyware Operation _ Amnesty International | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.15.india-human-rights-defenders-targeted/India_%20Human%20Rights%20Defenders%20Targeted%20by%20a%20Coordinated%20Spyware%20Operation%20_%20Amnesty%20International.pdf |
| 1203 | 2020-06-16 | 8eb01ca0fecc1b0f5ce51c40907e4299f6819d58 | Cobalt tactics and tools update | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.16.Cobalt_Update/Cobalt%20tactics%20and%20tools%20update.pdf |
| 1204 | 2020-06-17 | 166f227840f32bab3de2bcf6ebae6a7f8821e2a8 | Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature - Malwarebytes Labs _ Malwarebytes Labs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.17.malleable-c2-feature_APT/Multi-stage%20APT%20attack%20drops%20Cobalt%20Strike%20using%20Malleable%20C2%20feature%20-%20Malwarebytes%20Labs%20_%20Malwarebytes%20Labs.pdf |
| 1205 | 2020-06-17 | 4374926cb1aae28c30d3737c3c12d001f6b3531a | ESET_Operation_Interception | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.17.Operation_Interception/ESET_Operation_Interception.pdf |
| 1206 | 2020-06-17 | bf1e6d61f88eae47312b6fe8208fa32a7f12caea | AcidBox_ Rare Malware Repurposing Turla Group Exploit Targeted Russian Organizations | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.17.AcidBox/AcidBox_%20Rare%20Malware%20Repurposing%20Turla%20Group%20Exploit%20Targeted%20Russian%20Organizations.pdf |
| 1207 | 2020-06-18 | b74baf46be77a5cf227622de8617e50b80573388 | mpressioncss_ta_report_2019_4_en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2019.H2_macnica_TeamT5/mpressioncss_ta_report_2019_4_en.pdf |
| 1208 | 2020-06-18 | ecbed95d0006c27f040e1e371a8bc71084ae425d | ESET_InvisiMole | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.18.InvisiMole_hidden_arsenal/ESET_InvisiMole.pdf |
| 1209 | 2020-06-19 | 0ae2875e3f06b901197455731e0ebe814e144e32 | Targeted Attack Leverages India-China Border Dispute | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.19.India-China_Border_Dispute_APT/Targeted%20Attack%20Leverages%20India-China%20Border%20Dispute.pdf |
| 1210 | 2020-06-23 | b31245aa28777ce928ce0325c7a77db3a42edc1a | WastedLocker_ A New Ransomware Variant Developed By The Evil Corp Group – NCC Group Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.23.WastedLocker_Evil_Corp_Group/WastedLocker_%20A%20New%20Ransomware%20Variant%20Developed%20By%20The%20Evil%20Corp%20Group%20%E2%80%93%20NCC%20Group%20Research.pdf |
| 1211 | 2020-06-24 | 3f653faebd179cd80f6cf9900894d675d733f1eb | BRONZE VINEWOOD Targets Supply Chains _ Secureworks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.24.BRONZE_VINEWOOD/BRONZE%20VINEWOOD%20Targets%20Supply%20Chains%20_%20Secureworks.pdf |
| 1212 | 2020-06-25 | 6d040ce46d5e965b3307831e8e60e579f717b533 | Leviathan APT campaign in 2020 Malaysian political crisis _ Elastic Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.25.Malaysian-focused-APT_campaign/Leviathan%20APT%20campaign%20in%202020%20Malaysian%20political%20crisis%20_%20Elastic%20Blog.pdf |
| 1213 | 2020-06-26 | 5e6cfc1c4120b7e4816fb45ed6d4df1716020c90 | WastedLocker_ Symantec Identifies Wave of Attacks Against U.S. Organizations _ Symantec Blogs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.26_WastedLocker_Attack/WastedLocker_%20Symantec%20Identifies%20Wave%20of%20Attacks%20Against%20U.S.%20Organizations%20_%20Symantec%20Blogs.pdf |
| 1214 | 2020-06-28 | 0951da302792eca3f8f5bc739e2416f085a4545d | 2020.06.29_APT_threat_report_2020_1H_CN_version | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/QianXin/2020.06.29_APT_threat_report_2020_1H_CN_version.pdf |
| 1215 | 2020-06-29 | fd80d881cea6a3b5f1c67d95e923993c5f54c56e | Talos Blog __ Cisco Talos Intelligence Group - Comprehensive Threat Intelligence_ PROMETHIUM extends global reach with StrongPity3 APT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.29.PROMETHIUM_StrongPity3_APT/Talos%20Blog%20__%20Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence_%20PROMETHIUM%20extends%20global%20reach%20with%20StrongPity3%20APT.pdf |
| 1216 | 2020-06-30 | 29cc78207bc8dd6dddcd9d7a0cb70ba9fd44ac64 | Bitdefender-Whitepaper-StrongPity-APT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.06.30_StrongPity_APT/Bitdefender-Whitepaper-StrongPity-APT.pdf |
| 1217 | 2020-07-01 | 072401ca621f892b99161ba98326a82ece2a24da | lookout-uyghur-malware-tr-us | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.01.Mobile_APT_Uyghurs/lookout-uyghur-malware-tr-us.pdf |
| 1218 | 2020-07-02 | 61e28d6bfe21e4e27c946ef0478ad222e6903063 | ASEC_REPORT_vol.99_ENG | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/AhnLab/ASEC_REPORT_vol.99_ENG.pdf |
| 1219 | 2020-07-03 | 290ed6fd6340d563fe2220d47bb80c349952683d | cybersecurity-threatscape-2020-q1-eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/PTSecurity/cybersecurity-threatscape-2020-q1-eng.pdf |
| 1220 | 2020-07-06 | fd213cf3ad977d04889c1f4bf9d36023270f12fe | North Korean hackers are skimming US and European shoppers – Sansec | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.06_North_Korean_Magecart/North%20Korean%20hackers%20are%20skimming%20US%20and%20European%20shoppers%20%E2%80%93%20Sansec.pdf |
| 1221 | 2020-07-08 | 4af9052cde27fa68791ba498e8ca4b2d8632933b | TA410 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.08.TA410/TA410.pdf |
| 1222 | 2020-07-08 | 84838de308f10054250e737881e8882ed3115a9e | Copy cat of APT Sidewinder _. In tweeter this weekend,@Timele9527… _ by Sebdraven _ Medium | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.08.Copy_Cat_of_Sidewinder/Copy%20cat%20of%20APT%20Sidewinder%20_.%20In%20tweeter%20this%20weekend%2C%40Timele9527%E2%80%A6%20_%20by%20Sebdraven%20_%20Medium.pdf |
| 1223 | 2020-07-08 | 9f8dda7367cccce4857167350a81827265457f12 | Operation ‘Honey Trap’_ APT36 Targets Defense Organizations in India | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.08_Operation_Honey_Trap/Operation%20%E2%80%98Honey%20Trap%E2%80%99_%20APT36%20Targets%20Defense%20Organizations%20in%20India.pdf |
| 1224 | 2020-07-09 | 60542b63d4ebd6481f237c64553920cb3ee53897 | acid-agari-cosmic-lynx | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.09_Cosmic_Lynx/acid-agari-cosmic-lynx.pdf |
| 1225 | 2020-07-09 | b2431a336059c7dca596d6f2195b08f084129dc6 | More evil_ A deep look at Evilnum and its toolset _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.09_Evilnum_Toolset/More%20evil_%20A%20deep%20look%20at%20Evilnum%20and%20its%20toolset%20_%20WeLiveSecurity.pdf |
| 1226 | 2020-07-09 | f65700a01bce110e78a4426f2691de3ce3d1dad5 | IoCs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.09_Evilnum_Toolset/IoCs.pdf |
| 1227 | 2020-07-12 | 2450a3838805875b48de2c1092cc6438b8ab3497 | SideWinder_APT_2020_H1_CN_version | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.12_SideWinder_2020_H1/SideWinder_APT_2020_H1_CN_version.pdf |
| 1228 | 2020-07-14 | 19cf361089a302524207249a3c86c2a390ce19a4 | Turla _ Venomous Bear updates its arsenal_ _NewPass_ appears on the APT threat scene - Telsy | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.14_Turla_VENOMOUS_BEAR/Turla%20_%20Venomous%20Bear%20updates%20its%20arsenal_%20_NewPass_%20appears%20on%20the%20APT%20threat%20scene%20-%20Telsy.pdf |
| 1229 | 2020-07-14 | 555840514267ef3183af84b886b7e25da4bd41aa | Welcome Chat as a secure messaging app_ Nothing could be further from the truth _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.14_Molerats_Middle_East_APT/Welcome%20Chat%20as%20a%20secure%20messaging%20app_%20Nothing%20could%20be%20further%20from%20the%20truth%20_%20WeLiveSecurity.pdf |
| 1230 | 2020-07-15 | b733176571839bd9bce34d91e7c5cdbf62c7529e | 2020-07-the-fake-cisco | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.15_the_Fake_CISCO/2020-07-the-fake-cisco.pdf |
| 1231 | 2020-07-16 | c37c39a715b7dabb3b71b2bcb720b4b1d6b55381 | Advisory-APT29-targets-COVID-19-vaccine-development | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.16.apt29-targets-covid-19-vaccine-development/Advisory-APT29-targets-COVID-19-vaccine-development.pdf |
| 1232 | 2020-07-17 | 135a6f7d72166abc72a0fc691651c47eb0ed1b5e | CERTFR-2020-CTI-008 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.17.DRIDEX/CERTFR-2020-CTI-008.pdf |
| 1233 | 2020-07-20 | 7ff8651fcdf8d0213257d3bf05b729b9c11d34b1 | Study_of_the_APT_attacks_on_state_institutions_in_Kazakhstan_and_Kyrgyzstan_en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.20.APT_attacks_Kazakhstan_Kyrgyzstan/Study_of_the_APT_attacks_on_state_institutions_in_Kazakhstan_and_Kyrgyzstan_en.pdf |
| 1234 | 2020-07-22 | 11dec46f1e037a4be8fdb1c7308385776697b456 | OilRig Targets Middle Eastern Telecommunications Organization and Adds Novel C2 Channel with Steganography to Its Inventory | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.22.OilRig_Middle_Eastern_Telecommunication/OilRig%20Targets%20Middle%20Eastern%20Telecommunications%20Organization%20and%20Adds%20Novel%20C2%20Channel%20with%20Steganography%20to%20Its%20Inventory.pdf |
| 1235 | 2020-07-22 | 1b63cf401d94eb2778d2fbdb6355cd4f7ab8eda6 | MATA_ Multi-platform targeted malware framework _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.22_MATA_APT/MATA_%20Multi-platform%20targeted%20malware%20framework%20_%20Securelist.pdf |
| 1236 | 2020-07-28 | 59031d3fff5445b8aa9f1384206288dba535f3c6 | cta-2020-0728 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.28.RedDelta_APT/cta-2020-0728.pdf |
| 1237 | 2020-07-28 | 7af26b2a4e7823c399ebcc9adc62e927110a538a | Group-IB_PATRIOT_EN | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.28.black-jack/Group-IB_PATRIOT_EN.pdf |
| 1238 | 2020-07-29 | 52d8a01e7f751445ce92fe22444fa00c0d26b8d6 | ESET_Threat_Report_Q22020 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/ESET/ESET_Threat_Report_Q22020.pdf |
| 1239 | 2020-07-29 | 9270d79d9568ff5effdec6b1bcdfae2b35122ee3 | mcafee.com-Operation 노스 스타 North Star A Job Offer Thats Too Good to be True | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.07.29.Operation_North_Star/mcafee.com-Operation%20%EB%85%B8%EC%8A%A4%20%EC%8A%A4%ED%83%80%20North%20Star%20A%20Job%20Offer%20Thats%20Too%20Good%20to%20be%20True.pdf |
| 1240 | 2020-07-31 | 4e5462be50d05ec0016c0ac96ac1b1cb1820bce4 | APT_trends_report_Q2_2020_Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Kaspersky/APT_trends_report_Q2_2020_Securelist.pdf |
| 1241 | 2020-08-03 | 4fa97bcbbda216a683c7b1b4105870086422bc8a | MAR-10292089-1.v2 – Chinese Remote Access Trojan_ TAIDOOR _ CISA | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.03.TAIDOOR/MAR-10292089-1.v2%20%E2%80%93%20Chinese%20Remote%20Access%20Trojan_%20TAIDOOR%20_%20CISA.pdf |
| 1242 | 2020-08-10 | 0a1374273e78f5de1ee2df446cdfad6326cc09ff | Gorgon APT targeting MSME sector in India | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.10.Gorgon_APT/Gorgon%20APT%20targeting%20MSME%20sector%20in%20India.pdf |
| 1243 | 2020-08-12 | 4dd82280ab1b8286e7a15a6712d8aa51cea5717e | Internet Explorer and Windows zero-day exploits used in Operation PowerFall _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.12.Operation_PowerFall/Internet%20Explorer%20and%20Windows%20zero-day%20exploits%20used%20in%20Operation%20PowerFall%20_%20Securelist.pdf |
| 1244 | 2020-08-13 | 5a2a35f3dd63f115ffccd50ac18f25aa545b2476 | CactusPete APT group’s updated Bisonal backdoor _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.13.CactusPete_APT/CactusPete%20APT%20group%E2%80%99s%20updated%20Bisonal%20backdoor%20_%20Securelist.pdf |
| 1245 | 2020-08-13 | dbd58d46b251bb8850045e8a0c9588fb480f5ad7 | Dream-Job-Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.13.Operation_Dream_Job/Dream-Job-Campaign.pdf |
| 1246 | 2020-08-18 | ae100f502bae1c22ccbaafc930363da92fee7af6 | f-secureLABS-tlp-white-lazarus-threat-intel-report2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.18.LAZARUS_GROUP/f-secureLABS-tlp-white-lazarus-threat-intel-report2.pdf |
| 1247 | 2020-08-20 | 2be29c83661be962010cd1b651bc30358270d37f | Bitdefender-PR-Whitepaper-APTHackers-creat4740-en-EN-GenericUse | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.20_APT_Hackers_for_Hire/Bitdefender-PR-Whitepaper-APTHackers-creat4740-en-EN-GenericUse.pdf |
| 1248 | 2020-08-20 | d26eee9aaf68c944c7b606a24e527a22d8f044e9 | CERTFR-2020-CTI-009 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.20_DEVELOPMENT_TA505/CERTFR-2020-CTI-009.pdf |
| 1249 | 2020-08-24 | 15d4cbcd158a1d481d50df98c0bab7c7320b9204 | Lifting the veil on DeathStalker, a mercenary triumvirate _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.24_DeathStalker/Lifting%20the%20veil%20on%20DeathStalker%2C%20a%20mercenary%20triumvirate%20_%20Securelist.pdf |
| 1250 | 2020-08-27 | 9773d73d8f5fa7731c250b8c5a120c7d2f122737 | The-Kittens-are-Back-in-Town-3 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.27.Kittens_Are_Back/The-Kittens-are-Back-in-Town-3.pdf |
| 1251 | 2020-08-28 | 1e67a31a1b58037730ec5c2658f08cf7e341f22a | Transparent Tribe_ Evolution analysis, part 2 _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.08.28_Transparent_Tribe/Transparent%20Tribe_%20Evolution%20analysis%2C%20part%202%20_%20Securelist.pdf |
| 1252 | 2020-09-01 | c58ac19d02322eb584b9a933873258b4bb46c63d | Chinese APT TA413 Resumes Targeting of Tibet Following COVID-19 Themed Economic Espionage Campaign Delivering Sepulcher Malware Targeting Europe _ Proofpoint US | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.01.Chinese_APT_TA413/Chinese%20APT%20TA413%20Resumes%20Targeting%20of%20Tibet%20Following%20COVID-19%20Themed%20Economic%20Espionage%20Campaign%20Delivering%20Sepulcher%20Malware%20Targeting%20Europe%20_%20Proofpoint%20US.pdf |
| 1253 | 2020-09-03 | 481ea2b17f84432633e8539b6d0bdda62084a18b | cybersecurity-threatscape-2020-q2-eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/PTSecurity/cybersecurity-threatscape-2020-q2-eng.pdf |
| 1254 | 2020-09-03 | 7f81e670c66b8e8bbbe5cb52544526cb18ee432c | Evilnum IOCs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.03.Evilnum_Pyvil/Evilnum%20IOCs.pdf |
| 1255 | 2020-09-03 | a61dd692af601982998502a3f199395a118ed59b | No Rest for the Wicked_ Evilnum Unleashes PyVil RAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.03.Evilnum_Pyvil/No%20Rest%20for%20the%20Wicked_%20Evilnum%20Unleashes%20PyVil%20RAT.pdf |
| 1256 | 2020-09-07 | 8cd6e584044556e5548bdefff08e2cf2c9bb5ecf | swift_bae_report_Follow-The Money | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2020.09.07_Follow_the_Money/swift_bae_report_Follow-The%20Money.pdf |
| 1257 | 2020-09-08 | 31e082a1ca4f7e12ac0cc0a32185d5c7c55752e6 | TeamTNT activity targets Weave Scope deployments - Microsoft Tech Community - 1645968 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.08.TeamTNT_Weave-Scope/TeamTNT%20activity%20targets%20Weave%20Scope%20deployments%20-%20Microsoft%20Tech%20Community%20-%201645968.pdf |
| 1258 | 2020-09-11 | 6370087a176d2e536888fde5dfd0478d2675ead6 | 2020.09.11_Talos_-_The_art_and_science_of_detecting_Cobalt_Strike | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.11_Talos_-_The_art_and_science_of_detecting_Cobalt_Strike/2020.09.11_Talos_-_The_art_and_science_of_detecting_Cobalt_Strike.pdf |
| 1259 | 2020-09-16 | e31ec8645ecd065f317e9b6ac0f0e83849c1ecc9 | Partners in crime_ North Koreans and elite Russian-speaking cybercriminals - Intel 471 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.16.Partners_in_crime/Partners%20in%20crime_%20North%20Koreans%20and%20elite%20Russian-speaking%20cybercriminals%20-%20Intel%20471.pdf |
| 1260 | 2020-09-17 | 93d561129091d822ec1d402a359e7dedb472766d | 69da886eecc7087e9dac2d3ea4c66ba8 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.17.Operation_Tibbar/69da886eecc7087e9dac2d3ea4c66ba8.pdf |
| 1261 | 2020-09-21 | 656646baa87275b8a967c07f218e65abad2dc05c | Talos_Cobalt_Strike | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.21.coverage-strikes-back-cobalt-strike-paper/Talos_Cobalt_Strike.pdf |
| 1262 | 2020-09-22 | e08daeb493b2dd368eaf56261dc50d1a320c1a54 | APT28 Delivers Zebrocy Malware Campaign Using NATO Theme as Lure | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.22.APT28_Zebrocy_Malware_Campaign/APT28%20Delivers%20Zebrocy%20Malware%20Campaign%20Using%20NATO%20Theme%20as%20Lure.pdf |
| 1263 | 2020-09-23 | a1bdc13886c38c08ab612c67fa129cf822a0c586 | Seqrite-WhitePaper-Operation-SideCopy | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.23.Operation_SideCopy/Seqrite-WhitePaper-Operation-SideCopy.pdf |
| 1264 | 2020-09-24 | b68432d09718bec3dcd78a55d09dc826f249f425 | Microsoft Security—detecting empires in the cloud - Microsoft Security | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.24.Empires_in_the_Cloud/Microsoft%20Security%E2%80%94detecting%20empires%20in%20the%20cloud%20-%20Microsoft%20Security.pdf |
| 1265 | 2020-09-25 | 37b32bf2d55a94ac7991302ba9b19f19cd4ea4dc | German-made FinSpy spyware found in Egypt, and Mac and Linux versions revealed _ Amnesty International | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.25.Finspy_in_Egypt/German-made%20FinSpy%20spyware%20found%20in%20Egypt%2C%20and%20Mac%20and%20Linux%20versions%20revealed%20_%20Amnesty%20International.pdf |
| 1266 | 2020-09-25 | a77cbdde77e4f422afa752f5300c4c61227a9713 | apt-c-43-steals-venezuelan-military-secrets-to-provide-intelligence-support-for-the-reactionaries-hpreact-campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.25.APT-C-43_HpReact_campaign/apt-c-43-steals-venezuelan-military-secrets-to-provide-intelligence-support-for-the-reactionaries-hpreact-campaign.pdf |
| 1267 | 2020-09-29 | 57e8d714b5d438ce9e92de0b265e73d7e9f44956 | Palmerworm_ Espionage Gang Targets the Media, Finance, and Other Sectors _ Symantec Blogs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.29.Palmerworm/Palmerworm_%20Espionage%20Gang%20Targets%20the%20Media%2C%20Finance%2C%20and%20Other%20Sectors%20_%20Symantec%20Blogs.pdf |
| 1268 | 2020-09-29 | 964d1402954f35daa80c32477d96673bd3e8d9e3 | 2020.09.29_ShadowPad - new activity from the Winnti group | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.29_ShadowPad_-_new_activity_from_the_Winnti_group/2020.09.29_ShadowPad%20-%20new%20activity%20from%20the%20Winnti%20group.pdf |
| 1269 | 2020-09-30 | c19c3cf6fc7f11ece1d8db1f0eaf19dd9017d91a | APT‑C‑23 group evolves its Android spyware _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.09.30.APT%E2%80%91C%E2%80%9123_Android/APT%E2%80%91C%E2%80%9123%20group%20evolves%20its%20Android%20spyware%20_%20WeLiveSecurity.pdf |
| 1270 | 2020-10-05 | 293d6da465b3568edeba3f01e6b51ab5c504bce8 | 2020.10.05_-_MosaicRegressor_Lurking_in_the_Shadows_of_UEFI_Securelist_2020 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.10.05.MosaicRegressor_Lurking_in_the_Shadows_of_UEFI/2020.10.05_-_MosaicRegressor_Lurking_in_the_Shadows_of_UEFI_Securelist_2020.pdf |
| 1271 | 2020-10-06 | e00bdad5093bbd5ef5d5b949edfbb5e7d2a0d668 | Release the Kraken_ Fileless APT attack abuses Windows Error Reporting service | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.10.06.Kraken_Fileless_APT/Release%20the%20Kraken_%20Fileless%20APT%20attack%20abuses%20Windows%20Error%20Reporting%20service.pdf |
| 1272 | 2020-10-07 | 9782e6360e97367764f28ad9eeb6a2b7bb830e3e | report-spark-bahamut | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.10.07.Massive_Hack-For-Hire_Group/report-spark-bahamut.pdf |
| 1273 | 2020-10-12 | dd71e034b730cc673712b1c34759f6d8a08e85d7 | ASEC_REPORT_vol.100_ENG | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/AhnLab/ASEC_REPORT_vol.100_ENG.pdf |
| 1274 | 2020-10-13 | f439ee14595e3a11b2bbf3180d48149a4148309f | Blood_Rubia_APT_CN_version | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.10.13.Operation_Rubia_cordifolia/Blood_Rubia_APT_CN_version.pdf |
| 1275 | 2020-10-14 | 8406efff010535b5b3970c90f1c66c48cd42a334 | Silent Librarian APT right on schedule for 20_21 academic year - Malwarebytes Labs _ Malwarebytes Labs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.10.14.Silent_Librarian_APT/Silent%20Librarian%20APT%20right%20on%20schedule%20for%2020_21%20academic%20year%20-%20Malwarebytes%20Labs%20_%20Malwarebytes%20Labs.pdf |
| 1276 | 2020-10-15 | 7b40403abebcff1c0adfca8446cf0470c96d6caf | 2020.10.15_Operation_Quicksand_MuddyWater’s_Offensive_Attack_Against_Israeli | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.10.15_Operation_Quicksand_MuddyWater%E2%80%99s_Offensive_Attack_Against_Israeli/2020.10.15_Operation_Quicksand_MuddyWater%E2%80%99s_Offensive_Attack_Against_Israeli.pdf |
| 1277 | 2020-10-19 | 4a1e9f829eb2f169cfa22e8ee29bf346b07002a4 | ETL2020_Incidents_A4 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/ENISA/ETL2020_Incidents_A4.pdf |
| 1278 | 2020-10-19 | caf252729256e6060cdd1a1b79c1601bbb9e57f5 | 2020.10.19_-_Operation_Earth_Kitsune_-_Tracking_SLUBs_current_operations | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.10.19_-_Operation_Earth_Kitsune_-_Tracking_SLUBs_current_operations/2020.10.19_-_Operation_Earth_Kitsune_-_Tracking_SLUBs_current_operations.pdf |
| 1279 | 2020-10-22 | a64d2206e1e103ad29c72db4046f85bd46769eb7 | Bitter_CHM_APT_CN | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.10.22.Bitter_CHM_APT/Bitter_CHM_APT_CN.pdf |
| 1280 | 2020-10-23 | b373caf73601a0d9b85ac7ddf32b5bafd7fac08b | APT-C-44_CN_Version | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.10.23.APT-C-44_NAFox/APT-C-44_CN_Version.pdf |
| 1281 | 2020-10-26 | 77cb524019f00c62291b56c239af3b64cde985e3 | Study_of_the_ShadowPad_APT_backdoor_and_its_relation_to_PlugX_en (1) | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.10.26.ShadowPad_APT_backdoor_PlugX/Study_of_the_ShadowPad_APT_backdoor_and_its_relation_to_PlugX_en%20%281%29.pdf |
| 1282 | 2020-10-27 | 63c7af76b7bf400f15d027af6c64e7713b031fc3 | ESET_Threat_Report_Q32020 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/ESET/ESET_Threat_Report_Q32020.pdf |
| 1283 | 2020-10-27 | e9982868ab5e1049d2681d5f26b52b6d3cfc90aa | TLP-WHITE_AA20-301A_North_Korean_APT_Focus_Kimsuky | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.10.27_AA20-301A.North_Korean_APT/TLP-WHITE_AA20-301A_North_Korean_APT_Focus_Kimsuky.pdf |
| 1284 | 2020-11-01 | ff7e1ff5b450cfab95e1d2efeed6173e6f752658 | cyberstanc.com-A look into APT36s Transparent Tribe tradecraft | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.01.Transparent_Tribe_APT/cyberstanc.com-A%20look%20into%20APT36s%20Transparent%20Tribe%20tradecraft.pdf |
| 1285 | 2020-11-02 | 060d5bead69abda2843568e023e2da9b79f30728 | fireeye.com-Live off the Land How About Bringing Your Own Island An Overview of UNC1945 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.02.UNC1945/fireeye.com-Live%20off%20the%20Land%20How%20About%20Bringing%20Your%20Own%20Island%20An%20Overview%20of%20UNC1945.pdf |
| 1286 | 2020-11-04 | 5740fa2785845008e0ca6e3116cd9e545ec8712f | 2020.11.04_-_WorldEconomicForum_-_Partnership_against_Cybercrime | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2020.11.04_-_WorldEconomicForum_-_Partnership_against_Cybercrime/2020.11.04_-_WorldEconomicForum_-_Partnership_against_Cybercrime.pdf |
| 1287 | 2020-11-04 | 9adac60dfdae3acfe01e9d105fc0e50e7e80ea62 | APT_trends_report_Q3_2020_Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Kaspersky/APT_trends_report_Q3_2020_Securelist.pdf |
| 1288 | 2020-11-04 | ad4a25b8d51c674cc7cc87ce0a38d119214203aa | A new APT uses DLL side-loads to “KilllSomeOne” – Sophos News | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.04.KilllSomeOne_DLL_APT/A%20new%20APT%20uses%20DLL%20side-loads%20to%20%E2%80%9CKilllSomeOne%E2%80%9D%20%E2%80%93%20Sophos%20News.pdf |
| 1289 | 2020-11-06 | f20e6d7993156865b1b6d4d17c8a61f4cbfdf197 | OceanLotus_ Extending Cyber Espionage Operations Through Fake Websites _ Volexity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.06.OceanLotus_Fake_Websites/OceanLotus_%20Extending%20Cyber%20Espionage%20Operations%20Through%20Fake%20Websites%20_%20Volexity.pdf |
| 1290 | 2020-11-10 | 34ca92f2cf9d17f44a084b1dfd89861416010109 | cta-2020-1110 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.10.APT32_Cambodian/cta-2020-1110.pdf |
| 1291 | 2020-11-11 | 69abc992873b860e8f7677b252223232e89c759d | 2020-2021-cyber-espionage-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Verizon/2020-2021-cyber-espionage-report.pdf |
| 1292 | 2020-11-12 | 0059d38480ba7bf97b0eca30fe489c3a41d8862e | Hungry for data, ModPipe backdoor hits POS software used in hospitality sector _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.12.ModPipe_POS_Hospitality-Sector/Hungry%20for%20data%2C%20ModPipe%20backdoor%20hits%20POS%20software%20used%20in%20hospitality%20sector%20_%20WeLiveSecurity.pdf |
| 1293 | 2020-11-12 | 5352306527c9f9cbd00390846f430f159d9e6797 | Jupyter Infostealer WEB | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.12.Jupyter_InfoStealer/Jupyter%20Infostealer%20WEB.pdf |
| 1294 | 2020-11-12 | d6c8819c55c41b32b1d1d75fff4346407609acf2 | The CostaRicto Campaign_ Cyber-Espionage Outsourced | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.12.CostaRicto_Campaign/The%20CostaRicto%20Campaign_%20Cyber-Espionage%20Outsourced.pdf |
| 1295 | 2020-11-12 | e9f32f7b199787f8b8bb42c90054f2db6a1fee0f | Cisco Talos Intelligence Group - Comprehensive Threat Intelligence_ CRAT wants to plunder your endpoints | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.12.CRAT_Lazarus/Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence_%20CRAT%20wants%20to%20plunder%20your%20endpoints.pdf |
| 1296 | 2020-11-16 | 04f2e7dae2a99039549957795de625810f0e2698 | Bitdefender-Whitepaper-Chinese-APT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.16.Chinese_APT_South_Eastern_Asian/Bitdefender-Whitepaper-Chinese-APT.pdf |
| 1297 | 2020-11-16 | 5c1c65e34650e0d891d23fbf362a7f160db8fe67 | TA505_ A Brief History Of Their Time – Fox-IT International blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.16.TA505_History/TA505_%20A%20Brief%20History%20Of%20Their%20Time%20%E2%80%93%20Fox-IT%20International%20blog.pdf |
| 1298 | 2020-11-17 | 297670f9a872410bddc852a030f4a7ec518e167f | 11-2020-Chaes-e-commerce-malware-research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.17.CHAES/11-2020-Chaes-e-commerce-malware-research.pdf |
| 1299 | 2020-11-17 | 757fa642dccef50a0d9c00f12de89e57d136b796 | Japan-Linked Organizations Targeted in Long-Running and Sophisticated Attack Campaign _ Symantec Blogs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.17.Cicada_Japan/Japan-Linked%20Organizations%20Targeted%20in%20Long-Running%20and%20Sophisticated%20Attack%20Campaign%20_%20Symantec%20Blogs.pdf |
| 1300 | 2020-11-17 | be07f4c6382c69d62fb14a5886575b3bec1de53d | chaes-malware-iocs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.17.CHAES/chaes-malware-iocs.pdf |
| 1301 | 2020-11-18 | 1b8684ab53b5ee732bfb95dab91fbbae3da45700 | sophos-2021-threat-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Sophos/sophos-2021-threat-report.pdf |
| 1302 | 2020-11-18 | 30d80fc2ff785b0dffdd99d24cec6b35e6555674 | 2020.11.18_Zooming_into_Darknet_Threats_Targeting_Japanese_Organizations | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2020.11.18_Zooming_into_Darknet_Threats_Targeting_Japanese_Organizations/2020.11.18_Zooming_into_Darknet_Threats_Targeting_Japanese_Organizations.pdf |
| 1303 | 2020-11-19 | 657a7e2583a1f3590740eb6935202c5ebe94ecdb | 2020.11.19_-_Cybereason_vs_MedusaLocker_Ransomware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.19.MedusaLocker_Ransomware/2020.11.19_-_Cybereason_vs_MedusaLocker_Ransomware.pdf |
| 1304 | 2020-11-23 | 0e1716828670b5518cfa19c9a31b7c61002a1042 | Group-IB_Hi-Tech_Crime_Trends_2020-2021_en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Group-IB/Group-IB_Hi-Tech_Crime_Trends_2020-2021_en.pdf |
| 1305 | 2020-11-23 | 680326f4ffb2f446f27f40fb66eaaae9fd0254fd | [S2W LAB] Analysis of Clop Ransomware suspiciously related to the Recent Incident (English) | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.23.Clop_Campaign/%5BS2W%20LAB%5D%20Analysis%20of%20Clop%20Ransomware%20suspiciously%20related%20to%20the%20Recent%20Incident%20%28English%29.pdf |
| 1306 | 2020-11-26 | 507f014ec7d5d00cdfe894e9f4a8e5d6363aa73f | Bandook_ Signed & Delivered - Check Point Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.26.Bandook/Bandook_%20Signed%20%26%20Delivered%20-%20Check%20Point%20Research.pdf |
| 1307 | 2020-11-27 | ad2ea5b4d217a569389d450ff52aa167961484cb | Investigation with a twist_ an accidental APT attack and averted data destruction | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.27.Twist_APT27/Investigation%20with%20a%20twist_%20an%20accidental%20APT%20attack%20and%20averted%20data%20destruction.pdf |
| 1308 | 2020-11-30 | 15fe81e24bfbb3b20b2deddd8beeb6c137956a79 | Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them - Microsoft Security | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.30.BISMUTH_CoinMiner/Threat%20actor%20leverages%20coin%20miner%20techniques%20to%20stay%20under%20the%20radar%20%E2%80%93%20here%E2%80%99s%20how%20to%20spot%20them%20-%20Microsoft%20Security.pdf |
| 1309 | 2020-11-30 | 5e45c51ac37f98d5a77773448007d5c2d47b28f6 | yoroi.company-Shadows From the Past Threaten Italian Enterprises | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.11.30.UNC1945/yoroi.company-Shadows%20From%20the%20Past%20Threaten%20Italian%20Enterprises.pdf |
| 1310 | 2020-12-01 | 49b601dfe0bb2b946424d96bdd31c63cb0ea2c03 | Red_Kangaroo | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.01.Operation_RED_KANGAROO/Red_Kangaroo.pdf |
| 1311 | 2020-12-01 | ee81cf429cf7d9d2f535e00a6f041e70be4364ba | AA20-336A-APT_Actors_Targeting_US_ThinkTanks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.01.APT_US_Think_Tanks/AA20-336A-APT_Actors_Targeting_US_ThinkTanks.pdf |
| 1312 | 2020-12-02 | 201269ab296c57608c21f5dc2db15738b73409da | Turla Crutch_ Keeping the “back door” open _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.02.Turla_Crutch/Turla%20Crutch_%20Keeping%20the%20%E2%80%9Cback%20door%E2%80%9D%20open%20_%20WeLiveSecurity.pdf |
| 1313 | 2020-12-03 | 721bc070ec4a33f0c6aa17606e76d04ccfb80b21 | ATR_82599-1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.03.Adversary_Tracking_Report/ATR_82599-1.pdf |
| 1314 | 2020-12-07 | 13c7d3da1d1cec27f6bf4730227557837d0191da | The footprints of Raccoon_ a story about operators of JS-sniffer FakeSecurity distributing Raccoon stealer | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.07.FakeSecurity/The%20footprints%20of%20Raccoon_%20a%20story%20about%20operators%20of%20JS-sniffer%20FakeSecurity%20distributing%20Raccoon%20stealer.pdf |
| 1315 | 2020-12-09 | 5fbc6d29a61db83e0aaa5262e68751d0fc91aae7 | SideWinder Uses South Asian Issues for Spear Phishing, Mobile Attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.09.SideWinder/SideWinder%20Uses%20South%20Asian%20Issues%20for%20Spear%20Phishing%2C%20Mobile%20Attacks.pdf |
| 1316 | 2020-12-09 | 731f807cbab23d94b4fb3b2fab99a2ff6ff0394a | Russian APT Uses COVID-19 Lures to Deliver Zebrocy - Intezer | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.09.Sofacy_APT/Russian%20APT%20Uses%20COVID-19%20Lures%20to%20Deliver%20Zebrocy%20-%20Intezer.pdf |
| 1317 | 2020-12-13 | 46758aa98959fdc1ae34dd3ef0ab1303879cc692 | fireeye.com-Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.13.SolarWinds_Supply_Chain_SUNBURST_Backdoor/fireeye.com-Highly%20Evasive%20Attacker%20Leverages%20SolarWinds%20Supply%20Chain%20to%20Compromise%20Multiple%20Global%20Victims%20With%20.pdf |
| 1318 | 2020-12-15 | 0a6463f3c8f788c5b69d1a93c941fd3d9e3b5a44 | Microsoft_Digital_Defense_Report_2020_September | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Microsoft/Microsoft_Digital_Defense_Report_2020_September.pdf |
| 1319 | 2020-12-15 | 33f5db26e70ff659285215cfe24da89b0ee44f78 | ThreatReport-Lazarus | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.15.Lazarus_Campaign/ThreatReport-Lazarus.pdf |
| 1320 | 2020-12-15 | d1e6ea484caee3d4a6caba94f056bfb1ec350303 | APT-C-47_ClickOnce_Operation.CN_version | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.15.APT-C-47_ClickOnce/APT-C-47_ClickOnce_Operation.CN_version.pdf |
| 1321 | 2020-12-16 | 75609cca39e6bd39390f11e23753c951fd5f0f7e | Mapping out AridViper Infrastructure Using Augury’s Malware Module – Team Cymru | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.16.AridViper_Augury/Mapping%20out%20AridViper%20Infrastructure%20Using%20Augury%E2%80%99s%20Malware%20Module%20%E2%80%93%20Team%20Cymru.pdf |
| 1322 | 2020-12-17 | 22d4bacae3cb4eda41d3b3ddf44843e8c5902db8 | Operation SignSight_ Supply‑chain attack against a certification authority in Southeast Asia _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.17.Operation_SignSight/Operation%20SignSight_%20Supply%E2%80%91chain%20attack%20against%20a%20certification%20authority%20in%20Southeast%20Asia%20_%20WeLiveSecurity.pdf |
| 1323 | 2020-12-17 | a4f055f4aa7f38e5a81e9d28e6a1d929d2f6842a | Pay2Kitten | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.17.Pay2Kitten/Pay2Kitten.pdf |
| 1324 | 2020-12-19 | f1a02cdc30e256d40d50aa8939f9aa79313324b7 | blog.vincss.net-RE018-1 Analyzing new malware of China Panda hacker group used to attack supply chain against Vietnam | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.19.Panda_Vietnam/blog.vincss.net-RE018-1%20Analyzing%20new%20malware%20of%20China%20Panda%20hacker%20group%20used%20to%20attack%20supply%20chain%20against%20Vietnam.pdf |
| 1325 | 2020-12-22 | 50fa2057d9ebe2ccb52a3d0bda82abf3ec5e8e2b | blog.truesec.com-Collaboration between FIN7 and the RYUK group a Truesec Investigation | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.22.FIN7_RYUK/blog.truesec.com-Collaboration%20between%20FIN7%20and%20the%20RYUK%20group%20a%20Truesec%20Investigation.pdf |
| 1326 | 2020-12-22 | 613c7e31ab44b8c0329a518b3d89d5860d68c1cc | Cybersecurity_threatscape-2020-Q3.ENG | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/PTSecurity/Cybersecurity_threatscape-2020-Q3.ENG.pdf |
| 1327 | 2020-12-23 | 5543aa9877bbed56afcfcb5423aeff3ac8f22a78 | securelist.com-Lazarus covets COVID-19-related intelligence | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.23.Lazarus_COVID-19/securelist.com-Lazarus%20covets%20COVID-19-related%20intelligence.pdf |
| 1328 | 2020-12-29 | c16375fdd9f0f4b81b76df0c4f0d09967d040ab7 | Revenge RAT targeting users in South America | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2020.12.29.Revenge_RAT/Revenge%20RAT%20targeting%20users%20in%20South%20America.pdf |
| 1329 | 2021-01-04 | 14665d7d4810b9592c7da1d219d6d44f35aac6dd | nao-sec.org-Royal Road ReDive | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.04.Royal_Road_ReDive/nao-sec.org-Royal%20Road%20ReDive.pdf |
| 1330 | 2021-01-04 | 433f0b9bf25b149d226eee3c3405805cbcae3ad0 | research.checkpoint.com-Stopping Serial Killer Catching the Next Strike | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.04.Dridex_Next_Strike/research.checkpoint.com-Stopping%20Serial%20Killer%20Catching%20the%20Next%20Strike.pdf |
| 1331 | 2021-01-04 | 449c50fa76fa2545a649262dfe8fff05b2fcedf3 | APT27+turns+to+ransomware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.04.APT27_Ransomware/APT27%2Bturns%2Bto%2Bransomware.pdf |
| 1332 | 2021-01-04 | 9abf08d5f161141853b1ecf23b0b35d6839adb64 | [Morphisec]_The_Evolution_of_the_FIN7_JssLoader | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.04.Carbanak_evolution_of_FIN7_JssLoader/%5BMorphisec%5D_The_Evolution_of_the_FIN7_JssLoader.pdf |
| 1333 | 2021-01-05 | 425780581a76b844dce4c8817d1878171f138507 | quointelligence.eu-ReconHellcat Uses NIST Theme as Lure To Deliver New BlackSoul Malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.05.ReconHellcat_APT_BlackSoul_Malware/quointelligence.eu-ReconHellcat%20Uses%20NIST%20Theme%20as%20Lure%20To%20Deliver%20New%20BlackSoul%20Malware.pdf |
| 1334 | 2021-01-05 | 7ea2f0f7fad95346ee6624677767693dceca75ce | trendmicro.com-Earth Wendigo Injects JavaScript Backdoor for Mailbox Exfiltration | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.05.Earth_Wendigo_Mailbox_Exfiltration/trendmicro.com-Earth%20Wendigo%20Injects%20JavaScript%20Backdoor%20for%20Mailbox%20Exfiltration.pdf |
| 1335 | 2021-01-06 | 9dafe61a944ded91b92124368c6095997beaa6c3 | blog.talosintelligence.com-A Deep Dive into Lokibot Infection Chain | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.06.Lokibot_Infection_Chain/blog.talosintelligence.com-A%20Deep%20Dive%20into%20Lokibot%20Infection%20Chain.pdf |
| 1336 | 2021-01-06 | bdd99082714507efe1e61cb50369f0bcdf2f729f | blog.malwarebytes.com-Retrohunting APT37 North Korean APT used VBA self decode technique to inject RokRat | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.06.APT37_North_Korean_APT_RokRat/blog.malwarebytes.com-Retrohunting%20APT37%20North%20Korean%20APT%20used%20VBA%20self%20decode%20technique%20to%20inject%20RokRat.pdf |
| 1337 | 2021-01-07 | 791e4be4ccaf81a83beea4fc815af9e572222ef2 | BrunHilda_DaaS | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.07.Brunhilda_DaaS_Malware/BrunHilda_DaaS.pdf |
| 1338 | 2021-01-08 | 2e84ade1e1bea56ea53967234f083557877053c8 | Charming Kitten’s Christmas Gift - Certfa Lab | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.08.Charming_Kitten_Christmas_Gift/Charming%20Kitten%E2%80%99s%20Christmas%20Gift%20-%20Certfa%20Lab.pdf |
| 1339 | 2021-01-11 | 0749d18014ca22469e3ded51cbdca9f836e6f52b | SUNSPOT Malware A Technical Analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.11.SUNSPOT/SUNSPOT%20Malware%20A%20Technical%20Analysis.pdf |
| 1340 | 2021-01-11 | 07ed9ccef8f3b0e30efe4c9110a73c5d537b6003 | ASEC_REPORT_vol.101_ENG | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/AhnLab/ASEC_REPORT_vol.101_ENG.pdf |
| 1341 | 2021-01-11 | 08046eda34296ae9856dbe879fa7529af2448279 | crowdstrike.com-SUNSPOT An Implant in the Build Process | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2021.01.11.SUNSPOT/crowdstrike.com-SUNSPOT%20An%20Implant%20in%20the%20Build%20Process.pdf |
| 1342 | 2021-01-11 | 61a27be290976447f72c35a58fb1b76481b08adb | unit42.paloaltonetworks.com-xHunt Campaign New BumbleBee Webshell and SSH Tunnels Used for Lateral Movement | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2021.01.11.xHunt_Campaign/unit42.paloaltonetworks.com-xHunt%20Campaign%20New%20BumbleBee%20Webshell%20and%20SSH%20Tunnels%20Used%20for%20Lateral%20Movement.pdf |
| 1343 | 2021-01-11 | 9077800dc0e2dbbb57d9c9a90a3619c68d718b13 | securelist.com-Sunburst backdoor code overlaps with Kazuar | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.11.Sunburst_Kazuar/securelist.com-Sunburst%20backdoor%20%20code%20overlaps%20with%20Kazuar.pdf |
| 1344 | 2021-01-11 | d236226592ada17c3181d9c1eb42f6f6ca52f9bc | xHunt Campaign_ New BumbleBee Webshell and SSH Tunnels Used for Lateral Movement | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.11.xHunt_Campaign/xHunt%20Campaign_%20New%20BumbleBee%20Webshell%20and%20SSH%20Tunnels%20Used%20for%20Lateral%20Movement.pdf |
| 1345 | 2021-01-12 | d5cf4e80ac62b5e17eaf837484b6e99c5a7e1c34 | research.nccgroup.com-Abusing cloud services to fly under the radar | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.12.Abusing_cloud_services_Chimera/research.nccgroup.com-Abusing%20cloud%20services%20to%20fly%20under%20the%20radar.pdf |
| 1346 | 2021-01-12 | e53b5732b76f4478577c591d9baec717e35adc3b | welivesecurity.com-Operation Spalax Targeted malware attacks in Colombia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.12.Operation_Spalax/welivesecurity.com-Operation%20Spalax%20Targeted%20malware%20attacks%20in%20Colombia.pdf |
| 1347 | 2021-01-12 | ec83db1b099ad2e211b9633f66ebed82f8bb93e5 | yoroi.company-Opening STEELCORGI A Sophisticated APT Swiss Army Knife | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.12.STEELCORGI/yoroi.company-Opening%20STEELCORGI%20A%20Sophisticated%20APT%20Swiss%20Army%20Knife.pdf |
| 1348 | 2021-01-14 | df2b0c38d578d431b4b112be019a28af408c96dd | ptsecurity.com-Higaisa or Winnti APT41 backdoors old and new | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.14.Higaisa_or_Winnti_APT41/ptsecurity.com-Higaisa%20or%20Winnti%20APT41%20backdoors%20old%20and%20new.pdf |
| 1349 | 2021-01-20 | 0aca0b66d032d240ffcc074bc43e57cefb835967 | Commonly Known Tools Used by Lazarus - JPCERT_CC Eyes _ JPCERT Coordination Center official Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.20.Commonly_Known_Tools_Lazarus/Commonly%20Known%20Tools%20Used%20by%20Lazarus%20-%20JPCERT_CC%20Eyes%20_%20JPCERT%20Coordination%20Center%20official%20Blog.pdf |
| 1350 | 2021-01-20 | 9dfed529039907f4bb300d0281839de2de0a0058 | A Deep Dive Into Patchwork APT Group _ Cyble | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.20.Deep_Dive_Patchwork/A%20Deep%20Dive%20Into%20Patchwork%20APT%20Group%20_%20Cyble.pdf |
| 1351 | 2021-01-25 | 701322599004ff14f9ec088b3b910f9e28c0eef7 | A detailed analysis of ELMER Backdoor used by APT16 – CYBER GEEKS | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.25.APT16_Elmer_backdoor/A%20detailed%20analysis%20of%20ELMER%20Backdoor%20used%20by%20APT16%20%E2%80%93%20CYBER%20GEEKS.pdf |
| 1352 | 2021-01-28 | f379aa885d52567de38ad7ffe6be90aca2140f56 | Lebanese-Cedar-APT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.28.Lebanese_Cedar_APT/Lebanese-Cedar-APT.pdf |
| 1353 | 2021-01-31 | 1dfd4cd9d9a5cd3d9749a98852ba36d6eb0b865d | JSAC2021_202_niwa-yanagishita_en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.01.31.A41APT/JSAC2021_202_niwa-yanagishita_en.pdf |
| 1354 | 2021-02-01 | 1776a3f9f29651f6de2f458c0a14afb79c3bfb81 | VinCSS Blog_ [RE020] ElephantRAT (Kunming version)_ our latest discovered RAT of Panda and the similarities with recently Smanager RAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.01.ElephantRAT/VinCSS%20Blog_%20%5BRE020%5D%20ElephantRAT%20%28Kunming%20version%29_%20our%20latest%20discovered%20RAT%20of%20Panda%20and%20the%20similarities%20with%20recently%20Smanager%20RAT.pdf |
| 1355 | 2021-02-01 | 2306d03d7e80ab6e90c753e55ed363904371a6ff | blog.vincss.net-RE020 ElephantRAT Kunming version our latest discovered RAT of Panda and the similarities with recent | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2021.02.01.ElephantRAT/blog.vincss.net-RE020%20ElephantRAT%20Kunming%20version%20our%20latest%20discovered%20RAT%20of%20Panda%20and%20the%20similarities%20with%20recent.pdf |
| 1356 | 2021-02-01 | aaf0f41c26fc8122eed39c863ef7a586f4024808 | operation-nightscout-supply-chain-attack-online-gaming-asia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.01.Operation_NightScout/operation-nightscout-supply-chain-attack-online-gaming-asia.pdf |
| 1357 | 2021-02-02 | b3337c0f3226c009089da347f58b0611411dfbed | ESET_Kobalos | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.02.Kobalos/ESET_Kobalos.pdf |
| 1358 | 2021-02-03 | b075b3490db2935c09d7b942e2c1ae079cf0a29f | Hildegard_ New TeamTNT Malware Targeting Kubernetes | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.03.Hildegard/Hildegard_%20New%20TeamTNT%20Malware%20Targeting%20Kubernetes.pdf |
| 1359 | 2021-02-08 | bcc2ff0e9e6bfbc5b2d54610dede3be8a49f1331 | research.checkpoint.com-Domestic Kitten An Inside Look at the Iranian Surveillance Operations | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.08.Domestic_Kitten/research.checkpoint.com-Domestic%20Kitten%20%20An%20Inside%20Look%20at%20the%20Iranian%20Surveillance%20Operations.pdf |
| 1360 | 2021-02-09 | cd98ff1cf9217495ce3ccc27c189298278841548 | unit42.paloaltonetworks.com-BendyBear Novel Chinese Shellcode Linked With Cyber Espionage Group BlackTech | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.09.BendyBear/unit42.paloaltonetworks.com-BendyBear%20Novel%20Chinese%20Shellcode%20Linked%20With%20Cyber%20Espionage%20Group%20BlackTech.pdf |
| 1361 | 2021-02-10 | 96d826302a7efc3ed7d0d5aec99c9cfc1646e4fe | blog.lookout.com-Lookout Discovers Novel Confucius APT Android Spyware Linked to India-Pakistan Conflict | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2021.02.10.Confucius_India-Pakistan/blog.lookout.com-Lookout%20Discovers%20Novel%20Confucius%20APT%20Android%20Spyware%20Linked%20to%20India-Pakistan%20Conflict.pdf |
| 1362 | 2021-02-10 | f44953a930898e647b8220eec076c1274ca34851 | Novel Confucius APT Android Spyware Linked to India-Pakistan Conflict | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.10.Confucius_India-Pakistan/Novel%20Confucius%20APT%20Android%20Spyware%20Linked%20to%20India-Pakistan%20Conflict.pdf |
| 1363 | 2021-02-17 | 4b91d90ea50514d038257a729599bddfa7a16bbb | Confucius APT Android Spyware Targets Pakistani and Other South Asian Regions — Cyble | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.17.Confucius_Pakistani_South_Asian/Confucius%20APT%20Android%20Spyware%20Targets%20Pakistani%20and%20Other%20South%20Asian%20Regions%20%E2%80%94%20Cyble.pdf |
| 1364 | 2021-02-17 | 7f777067bb7c374bc58a37819c510788819ab46c | cybleinc.com-Confucius APT Android Spyware Targets Pakistani and Other South Asian Regions | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2020/2021.02.17.Confucius_Pakistani_South_Asian/cybleinc.com-Confucius%20APT%20Android%20Spyware%20Targets%20Pakistani%20and%20Other%20South%20Asian%20Regions.pdf |
| 1365 | 2021-02-22 | 98742dcad26eb4051bba977be4fe8bd6c6b140b1 | research.checkpoint.com-The Story of Jian How APT31 Stole and Used an Unknown Equation Group 0-Day | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.22.APT31_Equation_Group/research.checkpoint.com-The%20Story%20of%20Jian%20%20How%20APT31%20Stole%20and%20Used%20an%20Unknown%20Equation%20Group%200-Day.pdf |
| 1366 | 2021-02-23 | 9bef91678930a7bf4f38419db200a2abb277f839 | The_CrowdStrike_2021_Global_Threat_Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/CrowdStrike/The_CrowdStrike_2021_Global_Threat_Report.pdf |
| 1367 | 2021-02-24 | 830252fd24ee5a302d2ac6d9dc1e6842e3efbed1 | LazyScripter | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.24.LazyScripter/LazyScripter.pdf |
| 1368 | 2021-02-24 | aad302df572c61e3f31f09ceac912cc6b4cf2e9f | amnesty.org-Click and Bait Vietnamese Human Rights Defenders Targeted with Spyware Attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.24.Click_and_Bait/amnesty.org-Click%20and%20Bait%20Vietnamese%20Human%20Rights%20Defenders%20Targeted%20with%20Spyware%20Attacks.pdf |
| 1369 | 2021-02-25 | 42da0553f984992fca55238adb710a7a8c081816 | greatidea_A41_v1.0 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.25.A41APT/greatidea_A41_v1.0.pdf |
| 1370 | 2021-02-25 | 6a688916cf8672f92df48613cd092add20cb383d | proofpoint.com-TA413 Leverages New FriarFox Browser Extension to Target the Gmail Accounts of Global Tibetan Organiz | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.25.TA413_FriarFox/proofpoint.com-TA413%20Leverages%20New%20FriarFox%20Browser%20Extension%20to%20Target%20the%20Gmail%20Accounts%20of%20Global%20Tibetan%20Organiz.pdf |
| 1371 | 2021-02-25 | e505382d8c12eda7c13df2094de433d304c69a20 | kaspersky-ics-cert-lazarus-targets-defense-industry-with-threatneedle-en-20210225 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.02.25.Lazarus_ThreatNeedle/kaspersky-ics-cert-lazarus-targets-defense-industry-with-threatneedle-en-20210225.pdf |
| 1372 | 2021-03-02 | 71b7670f7c8e59dbaea64acb39a796862c6b05c1 | Operation Exchange Marauder_ Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities _ Volexity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.03.02.Operation_Exchange_Marauder/Operation%20Exchange%20Marauder_%20Active%20Exploitation%20of%20Multiple%20Zero-Day%20Microsoft%20Exchange%20Vulnerabilities%20_%20Volexity.pdf |
| 1373 | 2021-03-02 | ecc7718e285eba15ee5c9d610dc10fed75227bf3 | HAFNIUM targeting Exchange Servers with 0-day exploits - Microsoft Security | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.03.02.HAFNIUM_APT/HAFNIUM%20targeting%20Exchange%20Servers%20with%200-day%20exploits%20-%20Microsoft%20Security.pdf |
| 1374 | 2021-03-10 | 412f70c02f7582ed56e48d5ab2fb62d5fc37c064 | Bitdefender-PR-Whitepaper-BADHATCH-creat5237-en-EN | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.03.10.FIN8_BADHATCH_Toolkit/Bitdefender-PR-Whitepaper-BADHATCH-creat5237-en-EN.pdf |
| 1375 | 2021-03-10 | b2470335bf38bddcffac494b053edf80751d74d9 | Linux Backdoor RedXOR Likely Operated by Chinese Nation-State | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.03.10.RedXOR/Linux%20Backdoor%20RedXOR%20Likely%20Operated%20by%20Chinese%20Nation-State.pdf |
| 1376 | 2021-03-18 | 9807dbe836d414e2b78de88142d0e49c409fd310 | SilverFish_TLPWHITE | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.03.18.SilverFish_Group/SilverFish_TLPWHITE.pdf |
| 1377 | 2021-03-23 | 1397cd7b11ebd6527ce6b71e5d37716717fdf4cd | Websites Hosting Cracks Spread Malware, Adware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.03.23.CopperStealer/Websites%20Hosting%20Cracks%20Spread%20Malware%2C%20Adware.pdf |
| 1378 | 2021-03-30 | 6da3d044daff6bb24ef18b3e013b1f17c3548dbf | BadBlood_ TA453 Targets US and Israeli Medical Research Personnel in Credential Phishing Campaigns _ Proofpoint US | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.03.30.BadBlood_TA453/BadBlood_%20TA453%20Targets%20US%20and%20Israeli%20Medical%20Research%20Personnel%20in%20Credential%20Phishing%20Campaigns%20_%20Proofpoint%20US.pdf |
| 1379 | 2021-03-30 | 7c8a47dad5440202660007a31618e4f85d0d86fe | APT10_ sophisticated multi-layered loader Ecipekac discovered in A41APT campaign _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.03.30.APT10/APT10_%20sophisticated%20multi-layered%20loader%20Ecipekac%20discovered%20in%20A41APT%20campaign%20_%20Securelist.pdf |
| 1380 | 2021-03-30 | d08c90184d768b25306806f66ca829a24c8a6c38 | 2021-Threat-Detection-Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/2021-Threat-Detection-Report.pdf |
| 1381 | 2021-04-06 | 6de388bbce11428b2491f5c5de501303b50770ce | Threat Group Uses Voice Changing Software in Espionage Attempt - Cado Security _ Cloud Native Digital Forensics | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.06.APT-C-23_Voice_Changing/Threat%20Group%20Uses%20Voice%20Changing%20Software%20in%20Espionage%20Attempt%20-%20Cado%20Security%20_%20Cloud%20Native%20Digital%20Forensics.pdf |
| 1382 | 2021-04-07 | 865a943119a51537413db6f558af76559237a1ee | Cisco Talos Intelligence Group - Comprehensive Threat Intelligence_ Sowing Discord_ Reaping the benefits of collaboration app abuse | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.07.Sowing_Discord/Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence_%20Sowing%20Discord_%20Reaping%20the%20benefits%20of%20collaboration%20app%20abuse.pdf |
| 1383 | 2021-04-08 | 358418d6665af6173055b08fad48e56540c50190 | Iran’s APT34 Returns with an Updated Arsenal - Check Point Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.08.APT34_Returns/Iran%E2%80%99s%20APT34%20Returns%20with%20an%20Updated%20Arsenal%20-%20Check%20Point%20Research.pdf |
| 1384 | 2021-04-08 | fa51e4fc31413cc11e93b0245b93dc0dd36b07ce | (Are you) afreight of the dark_ Watch out for Vyveva, new Lazarus backdoor _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.08.Vyveva_Lazarus/%28Are%20you%29%20afreight%20of%20the%20dark_%20Watch%20out%20for%20Vyveva%2C%20new%20Lazarus%20backdoor%20_%20WeLiveSecurity.pdf |
| 1385 | 2021-04-09 | 01d5f589f56547de69752f135d32c6723a4b3055 | Iron Tiger APT Updates Toolkit With Evolved SysUpdate Malware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.09.Iron_Tiger_SysUpdate/Iron%20Tiger%20APT%20Updates%20Toolkit%20With%20Evolved%20SysUpdate%20Malware.pdf |
| 1386 | 2021-04-12 | f1e5b814ff4ee85f0be263cdc4a7048fad658933 | rpt-mtrends-2021 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/FireEye/rpt-mtrends-2021.pdf |
| 1387 | 2021-04-12 | f1e5b814ff4ee85f0be263cdc4a7048fad658933 | mtrends-2021 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/FireEye/mtrends-2021.pdf |
| 1388 | 2021-04-13 | 5cac1187b758faac5a0874c199b4ff928590b8ed | eSentire _ Hackers Flood the Web with 100,000 Malicious Pages,… | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.13.Hackers_Flood/eSentire%20_%20Hackers%20Flood%20the%20Web%20with%20100%2C000%20Malicious%20Pages%2C%E2%80%A6.pdf |
| 1389 | 2021-04-13 | 61cbc94ba10fa02aa103a45c681a5cf52c74b402 | Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.13.CVE-2021-28310_APT/Zero-day%20vulnerability%20in%20Desktop%20Window%20Manager%20%28CVE-2021-28310%29%20used%20in%20the%20wild%20_%20Securelist.pdf |
| 1390 | 2021-04-13 | 9e6dbde54289974038d5b36e40163761b444361f | ASEC_REPORT_vol.102_ENG | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/AhnLab/ASEC_REPORT_vol.102_ENG.pdf |
| 1391 | 2021-04-19 | ee00fbe1a7e991856e9ef3da7601dc010aacdeba | 2021.04.19.A_Deep_Dive_into_Zebrocys_Dropper_Docs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.19.A_Deep_Dive_into_Zebrocys_Dropper_Docs/2021.04.19.A_Deep_Dive_into_Zebrocys_Dropper_Docs.pdf |
| 1392 | 2021-04-19 | f577c784cc04ad513072b1b02e4d3c9f9399c10a | 2021.04.19.Lazarus_APT_conceals_malicious_code_within_BMP_image_to_drop_its_RAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.19.Lazarus_APT_conceals_malicious_code_within_BMP_image_to_drop_its_RAT/2021.04.19.Lazarus_APT_conceals_malicious_code_within_BMP_image_to_drop_its_RAT.pdf |
| 1393 | 2021-04-20 | 2df18ace43029121d0bc039c517739e3a76e0d1b | Check Your Pulse_ Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day _ FireEye Inc | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.20.APT_Pulse_Secure_Zero-Day/Check%20Your%20Pulse_%20Suspected%20APT%20Actors%20Leverage%20Authentication%20Bypass%20Techniques%20and%20Pulse%20Secure%20Zero-Day%20_%20FireEye%20Inc.pdf |
| 1394 | 2021-04-23 | c0a6c1d076397e18a94880fea00e416b94d2d263 | Bitdefender-PR-Whitepaper-NAIKON-creat5397-en-EN | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.23.NAIKON/Bitdefender-PR-Whitepaper-NAIKON-creat5397-en-EN.pdf |
| 1395 | 2021-04-23 | c6737d903675ae6e4ae9531ee6dab7b1a0cd3126 | APT35 ‘Charming Kitten' discovered in a pre-infected environment _ Blog _ Darktrace | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.23.Charming_Kitten/APT35%20%E2%80%98Charming%20Kitten%27%20discovered%20in%20a%20pre-infected%20environment%20_%20Blog%20_%20Darktrace.pdf |
| 1396 | 2021-04-27 | e89c63fb8f2b2e868b4e3159ae6a70671399e48e | Lazarus Group Recruitment_ Threat Hunters vs Head Hunters | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.27.Lazarus_Group_Recruitment/Lazarus%20Group%20Recruitment_%20Threat%20Hunters%20vs%20Head%20Hunters.pdf |
| 1397 | 2021-04-28 | 4847ac85009d57c2f3b32022f5da496afbe97663 | Water Pamola Attacked Online Shops Via Malicious Orders | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.28.Water_Pamola/Water%20Pamola%20Attacked%20Online%20Shops%20Via%20Malicious%20Orders.pdf |
| 1398 | 2021-04-28 | 84aa89ff766bcd002bf1a6641157aed3388547f5 | unc1151-ghostwriter-update-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.04.28.Ghostwriter_UNC1151/unc1151-ghostwriter-update-report.pdf |
| 1399 | 2021-04-28 | dbedc67e6cb865b41f475841e723d3742e41e9b4 | APT_trends_report_Q1_2021_Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Kaspersky/APT_trends_report_Q1_2021_Securelist.pdf |
| 1400 | 2021-05-01 | cbf2c8b08c7445c3b7dfbbb4d2d07b5ce1b6d709 | MuddyWater Binder Project Part 1 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.01.MuddyWater_Binder_1/MuddyWater%20Binder%20Project%20Part%201.pdf |
| 1401 | 2021-05-01 | e68c113ca98d90157913ad4c7d6820d0935616d3 | CryptoCore-Lazarus-Clearsky | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.01.CryptoCore-Lazarus/CryptoCore-Lazarus-Clearsky.pdf |
| 1402 | 2021-05-06 | 4b06da80d998f2b02afb361cbecf02c1b9c62ce8 | Operation TunnelSnake _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.06.Operation_TunnelSnake/Operation%20TunnelSnake%20_%20Securelist.pdf |
| 1403 | 2021-05-06 | ee72d1a177d77e14ae5ce7ce612abd4f0d121cbe | Cybersecurity_threatscape-2020-Q4_eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/PTSecurity/Cybersecurity_threatscape-2020-Q4_eng.pdf |
| 1404 | 2021-05-07 | 54e368656f8c1ec2ea9279668731bc1563ac0c93 | Advisory Further TTPs associated with SVR cyber actors | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.07.SVR_TTPs/Advisory%20Further%20TTPs%20associated%20with%20SVR%20cyber%20actors.pdf |
| 1405 | 2021-05-07 | c09e4404fe00745c657cdbdaf5b1b65d3cf11403 | MuddyWater Binder Project Part 2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.07.MuddyWater_Binder_2/MuddyWater%20Binder%20Project%20Part%202.pdf |
| 1406 | 2021-05-13 | ec6a5ea95cca0fdb10be0bfbd44c95b2e2ad12a4 | blog.talosintelligence.com-Transparent Tribe APT expands its Windows malware arsenal | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.13.Transparent_Tribe_APT/blog.talosintelligence.com-Transparent%20Tribe%20APT%20expands%20its%20Windows%20malware%20arsenal.pdf |
| 1407 | 2021-05-25 | 8f99e28d978b22cfe04a25286d94b10b5b89a9fc | evol-agrius | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.25.AGRIUSAuthor/evol-agrius.pdf |
| 1408 | 2021-05-27 | 714b97855b6bca61266ae5a43f01443c5ab49570 | New sophisticated email-based attack from NOBELIUM - Microsoft Security | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.27.NOBELIUM_New/New%20sophisticated%20email-based%20attack%20from%20NOBELIUM%20-%20Microsoft%20Security.pdf |
| 1409 | 2021-05-28 | 158c584a037e8a315ce4089356c213174c46baf4 | Breaking down NOBELIUM’s latest early-stage toolset - Microsoft Security | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.05.28.NOBELIUM_toolset/Breaking%20down%20NOBELIUM%E2%80%99s%20latest%20early-stage%20toolset%20-%20Microsoft%20Security.pdf |
| 1410 | 2021-06-01 | 3253a930ea63c726f582ec4b7476553e47bf28e2 | eset_threat_report_t12021 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/ESET/eset_threat_report_t12021.pdf |
| 1411 | 2021-06-03 | 06d0aec6c9a8aa4ef0a72f17d82006471f34d427 | SharpPanda_ Chinese APT Group Targets Southeast Asian Government With Previously Unknown Backdoor - Check Point Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.06.03.SharpPanda_APT/SharpPanda_%20Chinese%20APT%20Group%20Targets%20Southeast%20Asian%20Government%20With%20Previously%20Unknown%20Backdoor%20-%20Check%20Point%20Research.pdf |
| 1412 | 2021-06-08 | ac0591591ca8eabd198c118d307d5626e635c0dc | PuzzleMaker attacks with Chrome zero-day exploit chain _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.06.08.PuzzleMaker_APT/PuzzleMaker%20attacks%20with%20Chrome%20zero-day%20exploit%20chain%20_%20Securelist.pdf |
| 1413 | 2021-06-10 | fa1a699f09e9631b4bb88974ac2535b4972e59a9 | Big airline heist_ APT41 likely behind massive supply chain attack | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.06.10.Big_airline_heist/Big%20airline%20heist_%20APT41%20likely%20behind%20massive%20supply%20chain%20attack.pdf |
| 1414 | 2021-06-16 | 3ef10b0ab15e09aa93d78ade0cdc1d316b4849c2 | Ferocious Kitten_ 6 years of covert surveillance in Iran _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.06.16.Ferocious_Kitten/Ferocious%20Kitten_%206%20years%20of%20covert%20surveillance%20in%20Iran%20_%20Securelist.pdf |
| 1415 | 2021-06-24 | d063937814ba93ea91211bfad9050a8e791634be | Operation Eagle Eye – Securifera | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.06.24.Operation_Eagle_Eye/Operation%20Eagle%20Eye%20%E2%80%93%20Securifera.pdf |
| 1416 | 2021-06-25 | 1c47b10138d1717b816ffba852e939cacda13cd2 | Cybersecurity_threats_2021-Q1-eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/PTSecurity/Cybersecurity_threats_2021-Q1-eng.pdf |
| 1417 | 2021-07-01 | 1e0588628d0a59185f79dcd422a3c0b9e0ec4a19 | IndigoZebra APT continues to attack Central Asia with evolving tools - Check Point Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.01.IndigoZebra_APT/IndigoZebra%20APT%20continues%20to%20attack%20Central%20Asia%20with%20evolving%20tools%20-%20Check%20Point%20Research.pdf |
| 1418 | 2021-07-05 | 592860ae544200835fbe47e24e2f8120260064f6 | Tracking Cobalt Strike_ A Trend Micro Vision One Investigation | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.05.cobalt_strike_tracking/Tracking%20Cobalt%20Strike_%20A%20Trend%20Micro%20Vision%20One%20Investigation.pdf |
| 1419 | 2021-07-06 | 47b5872e770ab60fbb0567c160ebd2fd71de9d5a | Lazarus campaign TTPs and evolution _ AT&T Alien Labs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.06.Lazarus_TTPs_evolution/Lazarus%20campaign%20TTPs%20and%20evolution%20_%20AT%26T%20Alien%20Labs.pdf |
| 1420 | 2021-07-09 | 134f2e202dfedcb1bc0cf378237b52aebfdf6bce | BIOPASS RAT New Malware Sniffs Victims via Live Streaming | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.09.BIOPASS_RAT/BIOPASS%20RAT%20New%20Malware%20Sniffs%20Victims%20via%20Live%20Streaming.pdf |
| 1421 | 2021-07-12 | c8c216936ab67e42fe240e50ae1e0edb42c445c9 | #NoFilter_ Exposing the Tactics of Instagram Account Hackers | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.12.NoFilter/%23NoFilter_%20Exposing%20the%20Tactics%20of%20Instagram%20Account%20Hackers.pdf |
| 1422 | 2021-07-13 | d8f51b768c2767132210757a41aa0068c0edcaeb | ASEC_REPORT_vol.103_ENG | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/AhnLab/ASEC_REPORT_vol.103_ENG.pdf |
| 1423 | 2021-07-14 | 4929da9c7a9f48feec74f9e95942cc4bcae558e1 | How we protect users from 0-day attacks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.14.Candiru_0Day/How%20we%20protect%20users%20from%200-day%20attacks.pdf |
| 1424 | 2021-07-19 | 0f3bf0752bfd0844fdd3d4b2a306b8532155d44e | CSA_TTPs-of-Indicted-APT40-Actors-Associated-with-China-MSS-Hainan-State-Security-Department | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.19.APT40_TTP/CSA_TTPs-of-Indicted-APT40-Actors-Associated-with-China-MSS-Hainan-State-Security-Department.pdf |
| 1425 | 2021-07-20 | d89fd3072ca54b3027546576a3d11ec24b6af17e | wp-tracking-the-activities-of-teamTNT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.20.Tracking.TeamTNT/wp-tracking-the-activities-of-teamTNT.pdf |
| 1426 | 2021-07-26 | 1d8afcb0a27dd36ac103ce50236577d9b066b01c | FM 3-12 Cyberspace Operations and Electromagnetic Warfare 20 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/FM%203-12%20Cyberspace%20Operations%20and%20Electromagnetic%20Warfare%2020.pdf |
| 1427 | 2021-07-27 | 742607b5902b16a84a818c26fa5c7919d7642639 | THOR_ Previously Unseen PlugX Variant Deployed During Microsoft Exchange Server Attacks by PKPLUG Group | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.27.THOR_PKPLUG_Group/THOR_%20Previously%20Unseen%20PlugX%20Variant%20Deployed%20During%20Microsoft%20Exchange%20Server%20Attacks%20by%20PKPLUG%20Group.pdf |
| 1428 | 2021-07-28 | 6fa5641b366ea3cb82097902227cd9a6c2682607 | I Knew You Were Trouble_ TA456 Targets Defense Contractor with Alluring Social Media Persona _ Proofpoint US | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.07.28.TA456/I%20Knew%20You%20Were%20Trouble_%20TA456%20Targets%20Defense%20Contractor%20with%20Alluring%20Social%20Media%20Persona%20_%20Proofpoint%20US.pdf |
| 1429 | 2021-08-02 | 73ab28174d255e1168f7f37a1059e7724c030081 | TG1021 - Praying Mantis Threat Actor | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.02.TG1021_Praying_Mantis/TG1021%20-%20Praying%20Mantis%20Threat%20Actor.pdf |
| 1430 | 2021-08-03 | 11ceeb439a68322cf4e558528e7c1c1c07650b26 | DeadRinger_ Exposing Chinese Threat Actors Targeting Major Telcos | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.03.DeadRinger/DeadRinger_%20Exposing%20Chinese%20Threat%20Actors%20Targeting%20Major%20Telcos.pdf |
| 1431 | 2021-08-03 | 836d38706da0649008cfec7363adb8afdd865e65 | APT31 new dropper. Target destinations_ Mongolia, Russia, the U.S., and elsewhere | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.03.APT31_new_dropper/APT31%20new%20dropper.%20Target%20destinations_%20Mongolia%2C%20Russia%2C%20the%20U.S.%2C%20and%20elsewhere.pdf |
| 1432 | 2021-08-03 | baeb67b65db49abaa6006edff1ab3c2027f6646a | A step-by-step analysis of the new malware used by APT28_Sofacy called SkinnyBoy – CYBER GEEKS | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.03.SKINNYBOY/A%20step-by-step%20analysis%20of%20the%20new%20malware%20used%20by%20APT28_Sofacy%20called%20SkinnyBoy%20%E2%80%93%20CYBER%20GEEKS.pdf |
| 1433 | 2021-08-03 | f75539e7eea8d63a92a7c27b1bc5ba7f36cb73c7 | The Art of Cyberwarfare | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.03.Chinese_APTs_attackRussia/The%20Art%20of%20Cyberwarfare.pdf |
| 1434 | 2021-08-09 | a1c41f7fdb6f7c8fb6b716eadb1ed38acc825e56 | Cinobi Banking Trojan Targets Users of Cryptocurrency Exchanges with New Malvertising Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.09.Cinobi_Banking_Trojan/Cinobi%20Banking%20Trojan%20Targets%20Users%20of%20Cryptocurrency%20Exchanges%20with%20New%20Malvertising%20Campaign.pdf |
| 1435 | 2021-08-10 | 543a366fa1fa63ff8f723bacbdd87cc8fb645c15 | UNC215_ Spotlight on a Chinese Espionage Campaign in Israel _ FireEye Inc | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.10.UNC215_Chinese_Israel/UNC215_%20Spotlight%20on%20a%20Chinese%20Espionage%20Campaign%20in%20Israel%20_%20FireEye%20Inc.pdf |
| 1436 | 2021-08-12 | cd1679b297d1649491047771ba3a048192e577c7 | Uncovering Tetris – a Full Surveillance Kit Running in your Browser – imp0rtp3 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.12.Full-Surveillance-Kit-China/Uncovering%20Tetris%20%E2%80%93%20a%20Full%20Surveillance%20Kit%20Running%20in%20your%20Browser%20%E2%80%93%20imp0rtp3.pdf |
| 1437 | 2021-08-14 | 757ef48a54cef102a118185232edaf29063efa2d | Indra — Hackers Behind Recent Attacks on Iran - Check Point Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.14.Indra_Iran/Indra%20%E2%80%94%20Hackers%20Behind%20Recent%20Attacks%20on%20Iran%20-%20Check%20Point%20Research.pdf |
| 1438 | 2021-08-17 | 0ac0607c1ca7b3c37963078ca00d7b42678b7bdb | volexity.com-North Korean APT InkySquid Infects Victims Using Browser Exploits | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.17.NK_APT_InkySquid/volexity.com-North%20Korean%20APT%20InkySquid%20Infects%20Victims%20Using%20Browser%20Exploits.pdf |
| 1439 | 2021-08-17 | 8aa09365daf1885aba46f3f46d07582ae06754d9 | Confucius Uses Pegasus Spyware-related Lures to Target Pakistani Military | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.17.Confucius_Pegasus/Confucius%20Uses%20Pegasus%20Spyware-related%20Lures%20to%20Target%20Pakistani%20Military.pdf |
| 1440 | 2021-08-17 | baedafd5738f76de4cf76381afc917cb0facd962 | 2021.08.17_new_iranian_campaign_by_Siamesekitten | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.17_new_iranian_campaign_by_Siamesekitten/2021.08.17_new_iranian_campaign_by_Siamesekitten.pdf |
| 1441 | 2021-08-19 | beca2ea7c71252aff71f45e5a6aedce2cadbc9f0 | Shadowpad | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.19.ShadowPad/Shadowpad.pdf |
| 1442 | 2021-08-24 | 82faf0f8be075ee1f3efaba5089fd9962328811f | volexity.com-North Korean BLUELIGHT Special InkySquid Deploys RokRAT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.24.NK_APT_InkySquid_RokRAT/volexity.com-North%20Korean%20BLUELIGHT%20Special%20InkySquid%20Deploys%20RokRAT.pdf |
| 1443 | 2021-08-24 | f5ba5f8240569e08da4796deb95b89ee1340d03d | wp-earth-baku-an-apt-group-targeting-indo-pacific-countries | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.24.Earth_Baku_Returns/wp-earth-baku-an-apt-group-targeting-indo-pacific-countries.pdf |
| 1444 | 2021-08-25 | 2f7a1368b3927bfbb7aea55aa173425cea798e5b | Bitdefender-PR-Whitepaper-FIN8-creat5619-en-EN | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.08.25.FIN8_Sardonic_Backdoor/Bitdefender-PR-Whitepaper-FIN8-creat5619-en-EN.pdf |
| 1445 | 2021-09-02 | 1eb5501d5d7378576a757794de2b1731cedfca98 | North Korean Cyberattacks A Dangerous and Evolving Threat 2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/North%20Korean%20Cyberattacks%20%20A%20Dangerous%20and%20Evolving%20Threat%202.pdf |
| 1446 | 2021-09-07 | 56752df9972f7695f87fffc0f0278cf16135a776 | Report2021ThreatHunting | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/CrowdStrike/Report2021ThreatHunting.pdf |
| 1447 | 2021-09-08 | 7d10596b5dd3375e6100b3370438a9fb9dc8e7a8 | Pro-PRC Influence Campaign Expands to Dozens of Social Media Platforms, Websites, and Forums in at Least Seven Languages, Attempted to Physically Mobilize Protesters in the U.S. _ FireEye Inc | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.09.08.Pro-PRC_Campaign/Pro-PRC%20Influence%20Campaign%20Expands%20to%20Dozens%20of%20Social%20Media%20Platforms%2C%20Websites%2C%20and%20Forums%20in%20at%20Least%20Seven%20Languages%2C%20Attempted%20to%20Physically%20Mobilize%20Protesters%20in%20the%20U.S.%20_%20FireEye%20Inc.pdf |
| 1448 | 2021-09-11 | d512fa27b8b1196c05cc32f4a9752c5913579e90 | APT_trends_report_Q2_2021_Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Kaspersky/APT_trends_report_Q2_2021_Securelist.pdf |
| 1449 | 2021-09-13 | 2e715005ca1bc480ffaf2a75a4bfc1651c3fb015 | APT-C-36 Updates Its Long-term Spam Campaign Against South American Entities With Commodity RATs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.09.13.APT-C-36_South_American/APT-C-36%20Updates%20Its%20Long-term%20Spam%20Campaign%20Against%20South%20American%20Entities%20With%20Commodity%20RATs.pdf |
| 1450 | 2021-09-14 | f6800cab68f7c1b95614a48cacd45ec079c32bd9 | Operation ‘Harvest’_ A Deep Dive into a Long-term Campaign _ McAfee Blogs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.09.14.Operation_Harvest/Operation%20%E2%80%98Harvest%E2%80%99_%20A%20Deep%20Dive%20into%20a%20Long-term%20Campaign%20_%20McAfee%20Blogs.pdf |
| 1451 | 2021-09-20 | c129b2753a0240db809636501db41d413003b583 | FY21_Microsoft_Digital_Defense_Report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Microsoft/FY21_Microsoft_Digital_Defense_Report.pdf |
| 1452 | 2021-09-23 | 0acf53ba83aaabb027f6e37905690e36bf7ef6e4 | FamousSparrow_ A suspicious hotel guest _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.09.23.FamousSparrow/FamousSparrow_%20A%C2%A0suspicious%20hotel%20guest%20_%20WeLiveSecurity.pdf |
| 1453 | 2021-09-23 | 1502a5da6914b420e3ffa6fe507419a692951970 | eset_threat_report_t22021 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/ESET/eset_threat_report_t22021.pdf |
| 1454 | 2021-09-27 | 36a2f04f55d02b967222faad2d629f6c1296007a | FoggyWeb_ Targeted NOBELIUM malware leads to persistent backdoor _ Microsoft Security Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.09.27.FoggyWeb/FoggyWeb_%20Targeted%20NOBELIUM%20malware%20leads%20to%20persistent%20backdoor%20_%20Microsoft%20Security%20Blog.pdf |
| 1455 | 2021-09-30 | 2d2c53b46c2c454a93aa1902a1940c973f8196de | GhostEmperor_technical-details_PDF_eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.09.30.GhostEmperor/GhostEmperor_technical-details_PDF_eng.pdf |
| 1456 | 2021-10-04 | b29056a7d71a0119d0296a203efe53692c584726 | Malware Gh0stTimes Used by BlackTech - JPCERT_CC Eyes _ JPCERT Coordination Center official Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.04.Gh0stTimes_BlackTech/Malware%20Gh0stTimes%20Used%20by%20BlackTech%20-%20JPCERT_CC%20Eyes%20_%20JPCERT%20Coordination%20Center%20official%20Blog.pdf |
| 1457 | 2021-10-05 | c838b993057ccdeb6cbfa25d879f891e995d1a2e | UEFI threats moving to the ESP_ Introducing ESPecter bootkit _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.05.ESPecter_bootkit/UEFI%20threats%20moving%20to%20the%20ESP_%20Introducing%20ESPecter%20bootkit%20_%20WeLiveSecurity.pdf |
| 1458 | 2021-10-06 | bab9bb00d8257cc19a6053d24e649884cebcec3a | Operation GhostShell_ Novel RAT Targets Global Aerospace and Telecoms Firms | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.06.Operation_GhostShell/Operation%20GhostShell_%20Novel%20RAT%20Targets%20Global%20Aerospace%20and%20Telecoms%20Firms.pdf |
| 1459 | 2021-10-12 | 01a8aab8c3dae6852f09ec151cf7afb6d1cfcc77 | MysterySnail attacks with Windows zero-day _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.12.MysterySnail/MysterySnail%20attacks%20with%20Windows%20zero-day%20_%20Securelist.pdf |
| 1460 | 2021-10-14 | 3e9e42157b00624ac9d5537837bc12139694be04 | Analyzing Email Services Abused for Business Email Compromise | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.14.BEC_groups/Analyzing%20Email%20Services%20Abused%20for%20Business%20Email%20Compromise.pdf |
| 1461 | 2021-10-15 | cff106c8ed7c8f625ed5c4deca151a7a385b5997 | Global_APT_Research_Report_for_the_first_half_of_2021-360 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/360/Global_APT_Research_Report_for_the_first_half_of_2021-360.pdf |
| 1462 | 2021-10-18 | a23d0adf9427966cbd9a55d0d7a34b1046d1cd1e | Harvester_ Nation-state-backed group uses new toolset to target victims in South Asia _ Symantec Blogs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.18.Harvester_South_Asia/Harvester_%20Nation-state-backed%20group%20uses%20new%20toolset%20to%20target%20victims%20in%20South%20Asia%20_%20Symantec%20Blogs.pdf |
| 1463 | 2021-10-19 | 2e682dca2ba1ed2bf2ac50d0d07f22c9b6bb0359 | Whatta TA_ TA505 Ramps Up Activity, Delivers New FlawedGrace Variant _ Proofpoint US | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.19.TA505_New_FlawedGrace/Whatta%20TA_%20TA505%20Ramps%20Up%20Activity%2C%20Delivers%20New%20FlawedGrace%20Variant%20_%20Proofpoint%20US.pdf |
| 1464 | 2021-10-19 | 98fe112857885dc84909b66d652305b9ff09952d | LightBasin_A-Roaming-Threat-to-Telecommunications-Companies_CrowdStrike | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.19.UNC1945_LightBasin/LightBasin_A-Roaming-Threat-to-Telecommunications-Companies_CrowdStrike.pdf |
| 1465 | 2021-10-19 | dfa5c713e19a1e537fb24955675433f4c22b3b05 | PurpleFox Adds New Backdoor That Uses WebSockets | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.19.PurpleFox/PurpleFox%20Adds%20New%20Backdoor%20That%20Uses%20WebSockets.pdf |
| 1466 | 2021-10-25 | 80d5d6464f2feb2ff8096841057b5d2bc4214cc5 | AfricanCyberthreatAssessment_ENGLISH | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/AfricanCyberthreatAssessment_ENGLISH.pdf |
| 1467 | 2021-10-26 | 4ef2ac990d902dd57573c84d2a9e32073419be36 | Malware WinDealer used by LuoYu Attack Group - JPCERT_CC Eyes _ JPCERT Coordination Center official Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.10.26.WinDealer_LuoYu_Group/Malware%20WinDealer%20used%20by%20LuoYu%20Attack%20Group%20-%20JPCERT_CC%20Eyes%20_%20JPCERT%20Coordination%20Center%20official%20Blog.pdf |
| 1468 | 2021-10-26 | a57364b181e963fb578604b96c8e8c076fd18c79 | CERTFR-2021-CTI-009 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/CERTFR-2021-CTI-009.pdf |
| 1469 | 2021-10-28 | 177ddb0153c6749da6258bf5cc2f9770214452d3 | Solarmarker_v2 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Solarmarker_v2.pdf |
| 1470 | 2021-11-04 | ee64c5385df7e65c33cbb7de8f802e279ab0a8c9 | Technical report Armagedon | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.11.04.Gamaredon_Armageddon_Group/Technical%20report%20Armagedon.pdf |
| 1471 | 2021-11-08 | d12903008af0fa50b26f425731eac32f8cd70bd2 | TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access – NCC Group Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.11.08.TA505_SolarWinds/TA505%20exploits%20SolarWinds%20Serv-U%20vulnerability%20%28CVE-2021-35211%29%20for%20initial%20access%20%E2%80%93%20NCC%20Group%20Research.pdf |
| 1472 | 2021-11-10 | ccc5f2d73b1912c88f9d513670b361b7da83d9ad | wp-void-balaur-tracking-a-cybermercenarys-activities (1) | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.11.10.Void_Balaur/wp-void-balaur-tracking-a-cybermercenarys-activities%20%281%29.pdf |
| 1473 | 2021-11-11 | ac3bc9d76279d5e7f01938bc9f93086aa946ddf0 | Analyzing a watering hole campaign using macOS exploits | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.11.11.watering_hole_macOS_exploits/Analyzing%20a%20watering%20hole%20campaign%20using%20macOS%20exploits.pdf |
| 1474 | 2021-11-15 | 423f5a4c910cbb9c0c31136fa8ffbbf9dcafd0e2 | FINDING BEACONS IN THE DARK 1650728751599 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/FINDING%20BEACONS%20IN%20THE%20DARK%201650728751599.pdf |
| 1475 | 2021-11-16 | 1f6daa02e5a9289aae807988f9f4dc3248fac1fb | Strategic web compromises in the Middle East with a pinch of Candiru _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.11.16.Pinch_of_Candiru/Strategic%20web%20compromises%20in%20the%20Middle%20East%20with%20a%20pinch%20of%20Candiru%20_%20WeLiveSecurity.pdf |
| 1476 | 2021-11-16 | b2e4b4c6640dcfb1be4198cff0caee607843c149 | UNC1151 Assessed with High Confidence to have Links to Belarus, Ghostwriter Campaign Aligned with Belarusian Government Interests _ Mandiant | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.11.16.UNC1151/UNC1151%20Assessed%20with%20High%20Confidence%20to%20have%20Links%20to%20Belarus%2C%20Ghostwriter%20Campaign%20Aligned%20with%20Belarusian%20Government%20Interests%20_%20Mandiant.pdf |
| 1477 | 2021-11-16 | f7ab89e669d11e63e8f62a6fdb63127078fe0f23 | UNC1151_Assessed-with-High-Confidence-to-have-Links-to-Belarus_Mandiant | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.11.16.UNC1115_Ghostwriter_Campaign/UNC1151_Assessed-with-High-Confidence-to-have-Links-to-Belarus_Mandiant.pdf |
| 1478 | 2021-11-18 | 9b0f4bbb3f0258b6bccef43be37e95125b747904 | TA406_triple-threat-N-Korea-aligned-TA406-steals-scams-spies_Proofpoint | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.11.18.TA406_North_Korea_aligned/TA406_triple-threat-N-Korea-aligned-TA406-steals-scams-spies_Proofpoint.pdf |
| 1479 | 2021-11-29 | 70c9ebf707682ca2311e3cedf264f4e7c66d7a15 | Campaign Abusing Legitimate Remote Administrator Tools Uses Fake Cryptocurrency Websites | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.11.29.Safib_Assistant/Campaign%20Abusing%20Legitimate%20Remote%20Administrator%20Tools%20Uses%20Fake%20Cryptocurrency%20Websites.pdf |
| 1480 | 2021-12-03 | 50ca1906cdc6559901f61b79f22ed57f47937e04 | conti-cyber-attack-on-the-hse-full-report | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.12.03.Conti_Attack_HSE/conti-cyber-attack-on-the-hse-full-report.pdf |
| 1481 | 2021-12-07 | 8d9d36d5a0f7e1b3367f0058888e59aae58ff855 | FIN13_ A Cybercriminal Threat Actor Focused on Mexico _ Mandiant | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.12.07.FIN13/FIN13_%20A%20Cybercriminal%20Threat%20Actor%20Focused%20on%20Mexico%20_%20Mandiant.pdf |
| 1482 | 2021-12-11 | 91ae6d339296f9d85396d9aa2c1f279f2b05eb6b | eset_jumping_the_air_gap_wp | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.12.11.Jumping_the_air_gap/eset_jumping_the_air_gap_wp.pdf |
| 1483 | 2021-12-16 | 8e156a0a92cb4ed04111ced57054bf79b491cea1 | New DarkHotel APT attack chain identified _ Zscaler | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.12.16.New_DarkHotel_APT/New%20DarkHotel%20APT%20attack%20chain%20identified%20_%20Zscaler.pdf |
| 1484 | 2021-12-19 | 011d85f9602c8af14d9cf5bb0721633c1702f8bc | EN-BlackTech_2021 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2021/2021.12.19.BlackTech_APT/EN-BlackTech_2021.pdf |
| 1485 | 2022-01-03 | 9a4bfa953645a026d375321eef37b893847d80ad | Konni_targeting_Russian_diplomatic_sector | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.01.03.KONNI_Targets_Russian_Diplomatic/Konni_targeting_Russian_diplomatic_sector.pdf |
| 1486 | 2022-01-05 | f40128c46ba46871e88e231615d3f220c133324f | Sygnia- Elephant Beetle_Jan2022 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.01.05.Elephant_Beetle/Sygnia-%20Elephant%20Beetle_Jan2022.pdf |
| 1487 | 2022-01-07 | bc53a0db10794ce970ffd5d1c22e71f580e6eaed | Patchwork_Patchwork-APT-caught-in-its-own-web_MalwarebytesLabs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.01.07.Patchwork_APT_India/Patchwork_Patchwork-APT-caught-in-its-own-web_MalwarebytesLabs.pdf |
| 1488 | 2022-01-17 | 870bca331eac48550c2b19d5e931cf673abe8d9b | technical-brief-delving-deep-an-analysis-of-earth-lusca-operations | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.01.17.Earth_Lucsa/technical-brief-delving-deep-an-analysis-of-earth-lusca-operations.pdf |
| 1489 | 2022-01-20 | 5430c0dc9b0469443f1725e7e8a42febadb0b31b | MoonBounce_ the dark side of UEFI firmware _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.01.20.MoonBounce/MoonBounce_%20the%20dark%20side%20of%20UEFI%20firmware%20_%20Securelist.pdf |
| 1490 | 2022-01-25 | 08fff1030cceb4ca9a10bf788cf477017a5bae9c | Prime Minister’s Office Compromised_ Details of Recent Espionage Campaign | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.01.25.Prime_Minister_Compromised/Prime%20Minister%E2%80%99s%20Office%20Compromised_%20Details%20of%20Recent%20Espionage%20Campaign.pdf |
| 1491 | 2022-01-27 | 2bdc78b3bc56515322135f0dc78c058db89ef411 | North Korea's Lazarus APT leverages Windows Update client, GitHub in latest campaign _ Malwarebytes Labs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.01.27.Lazarus_APT/North%20Korea%27s%20Lazarus%20APT%20leverages%20Windows%20Update%20client%2C%20GitHub%20in%20latest%20campaign%20_%20Malwarebytes%20Labs.pdf |
| 1492 | 2022-01-27 | aec95bd02681262700b32b383e13345b29859bae | APT29_StellarParticle-Campaing_CrowdStrike | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.01.27.APT29_StellarParticle/APT29_StellarParticle-Campaing_CrowdStrike.pdf |
| 1493 | 2022-01-31 | 70b68051e0086125427abed0851380433dc93108 | Shuckworm_APT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.01.31.Shuckworm_APT/Shuckworm_APT.pdf |
| 1494 | 2022-01-31 | e58ce98ef061a0c2dd538e2fe1cc6dc9df402285 | Cisco Talos Intelligence Group - Comprehensive Threat Intelligence_ Iranian APT MuddyWater targets Turkish users via malicious PDFs, executables | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.01.31.MuddyWater_Turkish/Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence_%20Iranian%20APT%20MuddyWater%20targets%20Turkish%20users%20via%20malicious%20PDFs%2C%20executables.pdf |
| 1495 | 2022-02-01 | 34ba9f0c1b7b234a95ae5d96fc574e97551a9b85 | PowerLess Trojan_ Iranian APT Phosphorus Adds New PowerShell Backdoor for Espionage | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.02.01.Phosphorus_APT/PowerLess%20Trojan_%20Iranian%20APT%20Phosphorus%20Adds%20New%20PowerShell%20Backdoor%20for%20Espionage.pdf |
| 1496 | 2022-02-03 | 5c32c243e75a98bcbff60ec9678f6c4eb28881ce | Antlion_ Chinese APT Uses Custom Backdoor to Target Financial Institutions in Taiwan _ Symantec Blogs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.02.03.Antlion_APT/Antlion_%20Chinese%20APT%20Uses%20Custom%20Backdoor%20to%20Target%20Financial%20Institutions%20in%20Taiwan%20_%20Symantec%20Blogs.pdf |
| 1497 | 2022-02-08 | f72eb3b283f282c8ab825f3924c0341fb50d0f73 | eset_threat_report_t32021 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/ESET/eset_threat_report_t32021.pdf |
| 1498 | 2022-02-14 | 70c4e5d03aad858ada2452ff6faff202aa1401e1 | Report2022GTR | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/CrowdStrike/Report2022GTR.pdf |
| 1499 | 2022-02-15 | f0c6e1af701bfce2c62c66ae7e5845455f64ca81 | ShadowPad Malware Analysis _ Secureworks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.02.15_ShadowPad/ShadowPad%20Malware%20Analysis%20_%20Secureworks.pdf |
| 1500 | 2022-02-23 | 5c61980e67a35be135305a23a49801e89fa14780 | (Ex)Change of Pace_ UNC2596 Observed Leveraging Vulnerabilities to Deploy Cuba Ransomware _ Mandiant | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.02.23.UNC2596/%28Ex%29Change%20of%20Pace_%20UNC2596%20Observed%20Leveraging%20Vulnerabilities%20to%20Deploy%20Cuba%20Ransomware%20_%20Mandiant.pdf |
| 1501 | 2022-02-23 | b6a45bf5c338924a200e7c67eef4c3601dce0c9e | The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.02.23.Bvp47/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf |
| 1502 | 2022-03-01 | 248c00716584d84cbf66e6d19a4b27f28ee27c79 | Asylum Ambuscade_ State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement _ Proofpoint US | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.03.01.Asylum_Ambuscade/Asylum%20Ambuscade_%20State%20Actor%20Uses%20Compromised%20Private%20Ukrainian%20Military%20Emails%20to%20Target%20European%20Governments%20and%20Refugee%20Movement%20_%20Proofpoint%20US.pdf |
| 1503 | 2022-03-07 | cba4918a039ac19c5340c399f8828ee819275303 | The Good, the Bad, and the Web Bug_ TA416 Increases Operational Tempo Against European Governments as Conflict in Ukraine Escalates _ Proofpoint US | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.03.07.TA416/The%20Good%2C%20the%20Bad%2C%20and%20the%20Web%20Bug_%20TA416%20Increases%20Operational%20Tempo%20Against%20European%20Governments%20as%20Conflict%20in%20Ukraine%20Escalates%20_%20Proofpoint%20US.pdf |
| 1504 | 2022-03-08 | 3774add8772159cc87d60efe57e72ba435e7051b | New RURansom Wiper Targets Russia | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.03.08.RURansom_Wiper/New%20RURansom%20Wiper%20Targets%20Russia.pdf |
| 1505 | 2022-03-17 | 09c4f8ef3fced7f59e58ed7b506dcd2fb2a94fdc | Cyclops Blink Sets Sights on Asus Routers | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.03.17.Cyclops_Blink_Voodoo_Bear/Cyclops%20Blink%20Sets%20Sights%20on%20Asus%20Routers.pdf |
| 1506 | 2022-03-17 | e908e25d6553b35b8e87f04fe92f53d2dd6df732 | Appendix_Cyclops Blink Sets Sights on ASUS Routers | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.03.17.Cyclops_Blink_Voodoo_Bear/Appendix_Cyclops%20Blink%20Sets%20Sights%20on%20ASUS%20Routers.pdf |
| 1507 | 2022-03-23 | 551dbf96ed7bedc5778b2bd0f0e873c14a7e842b | Mustang Panda’s Hodur_ Old tricks, new Korplug variant _ WeLiveSecurity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.03.23.Mustang_Panda/Mustang%20Panda%E2%80%99s%20Hodur_%20Old%20tricks%2C%20new%20Korplug%20variant%20_%20WeLiveSecurity.pdf |
| 1508 | 2022-03-23 | c848df52070b8baac8ccb65d4a223c2370e75469 | telecom_research_en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.03.23.Kazakhstan_APT/telecom_research_en.pdf |
| 1509 | 2022-03-30 | ea6ce067a3a25f585984e9931b76131e254fc714 | New Milestones for Deep Panda_ Log4Shell and Digitally Signed Fire Chili Rootkits | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.03.30.Deep_Panda_New_Milestones/New%20Milestones%20for%20Deep%20Panda_%20Log4Shell%20and%20Digitally%20Signed%20Fire%20Chili%20Rootkits.pdf |
| 1510 | 2022-05-02 | 67f46c74653725c4e385c800f438eb8fd8805d05 | UNC3524_ Eye Spy on Your Email _ Mandiant | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.05.02.UNC3524/UNC3524_%20Eye%20Spy%20on%20Your%20Email%20_%20Mandiant.pdf |
| 1511 | 2022-05-04 | 77b0b2d59915c9eb27318d061597a0706796cb02 | APT_trends_report_Q2_2022_Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Kaspersky/APT_trends_report_Q2_2022_Securelist.pdf |
| 1512 | 2022-05-05 | 9f57b345740588ac3769383ddc70ab3fe8abea8c | Cisco Talos Intelligence Group - Comprehensive Threat Intelligence_ Mustang Panda deploys a new wave of malware targeting Europe | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.05.05.Mustang_Panda_Europe/Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence_%20Mustang%20Panda%20deploys%20a%20new%20wave%20of%20malware%20targeting%20Europe.pdf |
| 1513 | 2022-05-11 | 5f8c3de2c2e101c15d9c8fd9c86ca4cfcaeba07b | Cisco Talos Intelligence Group - Comprehensive Threat Intelligence_ Bitter APT adds Bangladesh to their targets | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.05.11.Bitter_APT_Bangladesh/Cisco%20Talos%20Intelligence%20Group%20-%20Comprehensive%20Threat%20Intelligence_%20Bitter%20APT%20adds%20Bangladesh%20to%20their%20targets.pdf |
| 1514 | 2022-05-12 | f36b4d4ba9a966e066d94ad15a9cc11e1c22ef1a | Threat Thursday_ Malware Rebooted - How Industroyer2 Takes Aim at Ukraine Infrastructure | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.05.12.Industroyer2_Ukraine/Threat%20Thursday_%20Malware%20Rebooted%20-%20How%20Industroyer2%20Takes%20Aim%20at%20Ukraine%20Infrastructure.pdf |
| 1515 | 2022-05-19 | a1b1ab94940c4ef9fc2694b8f65bed6de440e4f7 | Twisted Panda_ Chinese APT espionage operation against Russian’s state-owned defense institutes - Check Point Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.05.19.Twisted_Panda/Twisted%20Panda_%20Chinese%20APT%20espionage%20operation%20against%20Russian%E2%80%99s%20state-owned%20defense%20institutes%20-%20Check%20Point%20Research.pdf |
| 1516 | 2022-05-26 | cae0df518ba65cdec37a220a4e608c6e68eebe9c | eset_threat_report_t12022 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/ESET/eset_threat_report_t12022.pdf |
| 1517 | 2022-06-02 | d05cfc990ee1f6ffe97aa7b07ea130da7a161476 | WinDealer dealing on the side _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.06.02.WinDealer/WinDealer%20dealing%20on%20the%20side%20_%20Securelist.pdf |
| 1518 | 2022-06-21 | d2665a6a8b82c1d4842965e79b469abe56101a2b | ToddyCat_ Unveiling an unknown APT actor attacking high-profile entities in Europe and Asia _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.06.21.ToddyCat_APT/ToddyCat_%20Unveiling%20an%20unknown%20APT%20actor%20attacking%20high-profile%20entities%20in%20Europe%20and%20Asia%20_%20Securelist.pdf |
| 1519 | 2022-06-27 | d947eca0780ae2be64623d792989115f95b9929b | Attacks on industrial control systems using ShadowPad _ Kaspersky ICS CERT | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.06.27.ShadowPad_ICS/Attacks%20on%20industrial%20control%20systems%20using%20ShadowPad%20_%20Kaspersky%20ICS%20CERT.pdf |
| 1520 | 2022-06-27 | fb8c120e618cddb8c89a2a5469d7b9983a45b703 | Overview of Russian GRU and SVR Cyberespionage Campaigns 1H 2022 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/Overview%20of%20Russian%20GRU%20and%20SVR%20Cyberespionage%20Campaigns%201H%202022.pdf |
| 1521 | 2022-07-25 | e2ace107f8d2140b86150d76edd08cd1e14cfe56 | CosmicStrand_ the discovery of a sophisticated UEFI firmware rootkit _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.07.25.CosmicStrand/CosmicStrand_%20the%20discovery%20of%20a%20sophisticated%20UEFI%20firmware%20rootkit%20_%20Securelist.pdf |
| 1522 | 2022-07-26 | 90c27a9a4c8b09ba026c6a112738dd7eb5fe3477 | Old cat, new tricks, bad habits | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.07.26.Charming_Kitten_APT/Old%20cat%2C%20new%20tricks%2C%20bad%20habits.pdf |
| 1523 | 2022-08-12 | d44d93c12fce2403517bf53705dfd78dbb61ae51 | LuckyMouse uses a backdoored Electron app to target MacOS - SEKOIA.IO Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.08.12.LuckyMouse/LuckyMouse%20uses%20a%20backdoored%20Electron%20app%20to%20target%20MacOS%20-%20SEKOIA.IO%20Blog.pdf |
| 1524 | 2022-08-12 | e93fbf3bc680023e383c1179424f054b94a7e86f | Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.08.12.Iron_Tiger_Mimi/Iron%20Tiger%20Compromises%20Chat%20Application%20Mimi%2C%20Targets%20Windows%2C%20Mac%2C%20and%20Linux%20Users.pdf |
| 1525 | 2022-09-08 | 0903ff6d3b598d56dc8806ebcbd48aa27a1f5df4 | BRONZE PRESIDENT Targets Government Officials _ Secureworks | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.09.08.BRONZE_PRESIDENT/BRONZE%20PRESIDENT%20Targets%20Government%20Officials%20_%20Secureworks.pdf |
| 1526 | 2022-09-28 | 59781a33093ab92e108580f0006aadd07ba58d21 | VB2022-Exploit-archaeology-a-forensic-history-of-in-the-wild-NSO-Group-exploits | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.09.28.EXPLOIT_ARCHAEOLOGY/VB2022-Exploit-archaeology-a-forensic-history-of-in-the-wild-NSO-Group-exploits.pdf |
| 1527 | 2022-10-04 | 9374ad6e92811e2ace3e0a9b78e3ebcd5b2c4295 | wp-the-rise-of-earth-aughisky | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.10.04.Rise_Earth_Aughisky/wp-the-rise-of-earth-aughisky.pdf |
| 1528 | 2022-10-04 | a986298519a3a053e642717bb5888ef8d18abe04 | IOCs-the-rise-of-earth-aughisky-tracking-the-campaigns-taidoor-started | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.10.04.Rise_Earth_Aughisky/IOCs-the-rise-of-earth-aughisky-tracking-the-campaigns-taidoor-started.pdf |
| 1529 | 2022-10-06 | 314c39ce253f68d062df9f0d9d641527da672101 | Mustang Panda Abuses Legitimate Apps to Target Myanmar Based Victims | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.10.06.Mustang_Panda_Myanmar/Mustang%20Panda%20Abuses%20Legitimate%20Apps%20to%20Target%20Myanmar%20Based%20Victims.pdf |
| 1530 | 2022-11-02 | d6178c8c86d3dac48ddf678e2abf3d3235d91bad | RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.11.02.RomCom_Ukraine_UK/RomCom%20Threat%20Actor%20Abuses%20KeePass%20and%20SolarWinds%20to%20Target%20Ukraine%20and%20Potentially%20the%20United%20Kingdom.pdf |
| 1531 | 2022-11-03 | 4890934ae6fa2e26959574d125ffeb519784672d | Indian Governmental Organizations Targeted by APT-36 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.11.03.APT-36/Indian%20Governmental%20Organizations%20Targeted%20by%20APT-36.pdf |
| 1532 | 2022-12-02 | 7f9b8506b73078f6b437f402197deadcb15e46e3 | Blowing Cobalt Strike Out of the Water With Memory Analysis | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.12.02.Cobalt_Strike_Out_of_the_Water/Blowing%20Cobalt%20Strike%20Out%20of%20the%20Water%20With%20Memory%20Analysis.pdf |
| 1533 | 2022-12-05 | 9c2e050959ee0d8e7e979b09b0d9674e2277cd15 | Message from Recorded Future | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.12.05.TAG-53_Russia/Message%20from%20Recorded%20Future.pdf |
| 1534 | 2022-12-06 | 20abcd71b5293e4c97768dd337b4260a88efcc7c | Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.12.06.Mustang_Panda/Mustang%20Panda%20Uses%20the%20Russian-Ukrainian%20War%20to%20Attack%20Europe%20and%20Asia%20Pacific%20Targets.pdf |
| 1535 | 2022-12-07 | 4d042f2898173264f3791050861eb0b4313213fe | Internet Explorer 0-day exploited by North Korean actor APT37 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2022/2022.12.07.APT37_0Day/Internet%20Explorer%200-day%20exploited%20by%20North%20Korean%20actor%20APT37.pdf |
| 1536 | 2023-01-09 | 3efdf94296306b558b39d4b2bfab93cb944a0013 | INTRINSEC - Emotet returns and deploys loaders | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.01.09.Emotet_return/INTRINSEC%20-%20Emotet%20returns%20and%20deploys%20loaders.pdf |
| 1537 | 2023-01-11 | 4d3fa4294df4b901a26c2f9bdbcae7c3be9f244a | Dark Pink APT unleashes malware for deeper and more sinister intrusions in the Asia-Pacific and Europe _ Group-IB Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.01.11.Dark_Pink_APT/Dark%20Pink%20APT%20unleashes%20malware%20for%20deeper%20and%20more%20sinister%20intrusions%20in%20the%20Asia-Pacific%20and%20Europe%20_%20Group-IB%20Blog.pdf |
| 1538 | 2023-01-26 | adc02a61be87eeccc1ea3e3c6a5db73e3946f258 | Welcome to Goot Camp_ Tracking the Evolution of GOOTLOADER Operations _ Mandiant | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.01.26.GOOTLOADER_Operations/Welcome%20to%20Goot%20Camp_%20Tracking%20the%20Evolution%20of%20GOOTLOADER%20Operations%20_%20Mandiant.pdf |
| 1539 | 2023-05-24 | 58fc13f649bea13d627496f46994ec6cd4248b75 | Volt Typhoon targets US critical infrastructure with living-off-the-land techniques _ Microsoft Security Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.05.24.Volt_Typhoon/Volt%20Typhoon%20targets%20US%20critical%20infrastructure%20with%20living-off-the-land%20techniques%20_%20Microsoft%20Security%20Blog.pdf |
| 1540 | 2023-09-19 | c501ec19fa16b701ca5d314e13e09e5caec4d55f | New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.09.19.ShroudedSnooper_Middle_East/New%20ShroudedSnooper%20actor%20targets%20telecommunications%20firms%20in%20the%20Middle%20East%20with%20novel%20Implants.pdf |
| 1541 | 2023-10-13 | dcee2773b27c942311cd132eaa8b0c7151ff1042 | Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.10.13.Void_Rabisu/Void%20Rabisu%20Targets%20Female%20Political%20Leaders%20with%20New%20Slimmed-Down%20ROMCOM%20Variant.pdf |
| 1542 | 2023-10-26 | 48ce1e53bd1cc8713e65dca21f28bc454ad13826 | StripedFly_ Perennially flying under the radar _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.10.26.StripedFly/StripedFly_%20Perennially%20flying%20under%20the%20radar%20_%20Securelist.pdf |
| 1543 | 2023-10-31 | 279686f1f47cd4e182910601931d8cb66b41ae84 | From Albania to the Middle East_ The Scarred Manticore is Listening - Check Point Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.10.31.Scarred_Manticore/From%20Albania%20to%20the%20Middle%20East_%20The%20Scarred%20Manticore%20is%20Listening%20-%20Check%20Point%20Research.pdf |
| 1544 | 2023-11-03 | 7873f4b161d89a40f97a4b4104f212f4d556459a | eset-apt-activity-report-q2-2023-q3-2023 | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/ESET/eset-apt-activity-report-q2-2023-q3-2023.pdf |
| 1545 | 2023-11-06 | 0b57681534b8f5cb21ca7bc51e5658350c44c2bb | Agonizing Serpens (Aka Agrius) Targeting the Israeli Higher Education and Tech Sectors | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.11.06.Agrius_Israeli/Agonizing%20Serpens%20%28Aka%20Agrius%29%20Targeting%20the%20Israeli%20Higher%20Education%20and%20Tech%20Sectors.pdf |
| 1546 | 2023-11-07 | e7439a8f14c663f73b68bd0cfd2fba45b02b3111 | Chinese APT Targeting Cambodian Government | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.11.07.Chinese_APT_Cambodian/Chinese%20APT%20Targeting%20Cambodian%20Government.pdf |
| 1547 | 2023-11-09 | ab3211cc642317a62c5330b640f24f08c3efb090 | Modern-Asian-APT-groups-TTPs_report_eng | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.11.09.Modern_Asian_APT_TTPs/Modern-Asian-APT-groups-TTPs_report_eng.pdf |
| 1548 | 2023-11-09 | f68c243dde7778085472543de3e7b5eac5141e6a | Modern Asia APT groups TTPs _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.11.09.Modern_Asian_APT_TTPs/Modern%20Asia%20APT%20groups%20TTPs%20_%20Securelist.pdf |
| 1549 | 2023-11-14 | 29c8ce1f0edb05ef632bc1b9d4f39f1d6d382a54 | APT29 attacks Embassies using CVE-2023-38831 - report en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.11.14.APT29_CVE-2023-38831/APT29%20attacks%20Embassies%20using%20CVE-2023-38831%20-%20report%20en.pdf |
| 1550 | 2023-11-23 | fa03024e3a1093b0ed371ab0694131ede49c5f32 | Israel-Hamas War Spotlight_ Shaking the Rust Off SysJoker - Check Point Research | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.11.23.israel-hamas-sysjoker/Israel-Hamas%20War%20Spotlight_%20Shaking%20the%20Rust%20Off%20SysJoker%20-%20Check%20Point%20Research.pdf |
| 1551 | 2023-11-27 | 359be6f14e3151f7efa230ed79d29fc01bdda962 | WildCard_ The APT Behind SysJoker Targets Critical Sectors in Israel | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.11.27.WildCard_SysJoker_Israel/WildCard_%20The%20APT%20Behind%20SysJoker%20Targets%20Critical%20Sectors%20in%20Israel.pdf |
| 1552 | 2023-11-30 | 746840e505e79254363b985feb4398670af1a6dd | New SugarGh0st RAT targets Uzbekistan government and South Korea | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.11.30.New_SugarGh0st_RAT/New%20SugarGh0st%20RAT%20targets%20Uzbekistan%20government%20and%20South%20Korea.pdf |
| 1553 | 2023-12-19 | 105d2dad10219b0e6106a0fb55c6a00e7faf401d | Seedworm_ Iranian Hackers Target Telecoms Orgs in North and East Africa _ Symantec Enterprise Blogs | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.12.19.Seedworm/Seedworm_%20Iranian%20Hackers%20Target%20Telecoms%20Orgs%20in%20North%20and%20East%20Africa%20_%20Symantec%20Enterprise%20Blogs.pdf |
| 1554 | 2023-12-21 | 95f848ff414c5e2288448815427b9f0019449ab9 | Intellexa and Cytrox_ From fixer-upper to Intel Agency-grade spyware | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.12.21.Intellexa_Cytrox/Intellexa%20and%20Cytrox_%20From%20fixer-upper%20to%20Intel%20Agency-grade%20spyware.pdf |
| 1555 | 2023-12-27 | f9ebf0bee52c3bcf2193f1ab477359918b00da03 | Operation Triangulation_ The last (hardware) mystery _ Securelist | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2023/2023.12.27.Operation_Triangulation/Operation%20Triangulation_%20The%20last%20%28hardware%29%20mystery%20_%20Securelist.pdf |
| 1556 | 2024-01-10 | e71c1c4cd3ade02e4291bb9547aa9efbd4ce1a92 | Active Exploitation of Two Zero-Day Vulnerabilities in Ivanti Connect Secure VPN _ Volexity | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2024/2024.01.10.Active_Exploitation_UTA0178/Active%20Exploitation%20of%20Two%20Zero-Day%20Vulnerabilities%20in%20Ivanti%20Connect%20Secure%20VPN%20_%20Volexity.pdf |
| 1557 | 2024-01-24 | 56d84bd5ecc8f133912aee057748de586059729e | The Endless Struggle Against APT10_ Insights from LODEINFO v0.6.6 - v0.7.3 Analysis - Researcher Blog - ITOCHU Cyber & Intelligence Inc_ | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2024/2024.01.24.APT10_LODEINFO/The%20Endless%20Struggle%20Against%20APT10_%20Insights%20from%20LODEINFO%20v0.6.6%20-%20v0.7.3%20Analysis%20-%20Researcher%20Blog%20-%20ITOCHU%20Cyber%20%26%20Intelligence%20Inc_.pdf |
| 1558 | 2024-01-25 | 20a6ee8d1830d059c2f8fa994e8be25860dac337 | JSAC2024_1_6_dongwook-kim_seulgi-lee_en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2024/2024.01.25.Lazarus_Group/JSAC2024_1_6_dongwook-kim_seulgi-lee_en.pdf |
| 1559 | 2024-02-13 | edb8c33bf3b3cf5cf4ae6236d90fc3b6ea5210c1 | CVE-2024-21412_ Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2024/2024.02.13.Water_Hydra/CVE-2024-21412_%20Water%20Hydra%20Targets%20Traders%20with%20Microsoft%20Defender%20SmartScreen%20Zero-Day.pdf |
| 1560 | 2024-02-14 | cceea736c1701121075cdfe16c219533a338954c | Staying ahead of threat actors in the age of AI _ Microsoft Security Blog | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2024/2024.02.14_APT_AI/Staying%20ahead%20of%20threat%20actors%20in%20the%20age%20of%20AI%20_%20Microsoft%20Security%20Blog.pdf |
| 1561 | 2024-02-15 | 3664b70f458df908c57d6e907c84bb75509c67fa | watchtower-2023-eoy-report-en | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/Report/SentinelOne/watchtower-2023-eoy-report-en.pdf |
| 1562 | 2024-02-23 | 109638002e0eabb128fc553f32cd7300ddf32148 | ConnectWise ScreenConnect attacks deliver malware – Sophos News | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2024/2024.02.23.ConnectWise_Malware/ConnectWise%20ScreenConnect%20attacks%20deliver%20malware%20%E2%80%93%20Sophos%20News.pdf |
| 1563 | 2024-02-27 | a31f70243b706d5a56bf988ae2fbdb703ddaddc9 | When Cats Fly_ Suspected Iranian Threat Actor UNC1549 Targets Israeli and Middle East Aerospace and Defense Sectors _ Mandiant | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2024/2024.02.27.UNC1549/When%20Cats%20Fly_%20Suspected%20Iranian%20Threat%20Actor%20UNC1549%20Targets%20Israeli%20and%20Middle%20East%20Aerospace%20and%20Defense%20Sectors%20_%20Mandiant.pdf |
| 1564 | 2024-03-07 | 70d471e53434b7806e3986a2ee97f6d6790b4673 | Evasive Panda leverages Monlam Festival to target Tibetans | https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/raw/master/2024/2024.03.07_Evasive_Panda/Evasive%20Panda%20leverages%20Monlam%20Festival%20to%20target%20Tibetans.pdf |