Date | Name | Category | Web |
| 26.12.20 | North Korea-linked Lazarus APT targets the COVID-19 research | APT | Securityaffairs |
| 23.12.20 | | APT | Threatpost |
| 23.12.20 | Lazarus covets COVID-19-related intelligence | APT | Securelist |
| 18.12.20 | Facebook unmasks Vietnam’s APT32 hacking group | APT | Bleepingcomputer |
| 18.12.20 | FireEye reveals that it was hacked by a nation state APT group | APT | Bleepingcomputer |
| 13.12.20 | Russian hackers hide Zebrocy malware in virtual disk images | APT | Bleepingcomputer |
| 13.12.20 | FireEye reveals that it was hacked by a nation state APT group | APT | Bleepingcomputer |
| 13.12.20 | Norway: Russian APT28 state hackers likely behind Parliament attack | APT | Bleepingcomputer |
| 12.12.20 | Facebook Shutters Accounts Used in APT32 Cyberattacks | APT | Threatpost |
| 12.12.20 | Facebook links cyberespionage group APT32 to Vietnamese IT firm | APT | Securityaffairs |
| 12.12.20 | Operations of Hacker Groups in Vietnam, Bangladesh Disrupted by Facebook | APT | Securityweek |
| 12.12.20 | Facebook Tracks APT32 OceanLotus Hackers to IT Company in Vietnam | APT | Thehackernews |
| 11.12.20 | | APT | Threatpost |
| 11.12.20 | Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware | APT | Securityaffairs |
| 11.12.20 | New Backdoors Used by Hamas-Linked Hackers Abuse Facebook, Dropbox | APT | Securityweek |
| 10.12.20 | FBI and Homeland Security warn of APT attacks on US think tanks | APT | Bleepingcomputer |
| 10.12.20 | Cyberespionage APT group hides behind cryptomining campaigns | APT | Bleepingcomputer |
| 10.12.20 | | APT | Threatpost |
| 10.12.20 | | APT | Threatpost |
| 10.12.20 | Webcast Today: APT Year in Review and Predictions for 2021 | APT | Securityweek |
| 10.12.20 | Russian APT28 Hackers Using COVID-19 as Bait to Deliver Zebrocy Malware | APT | Thehackernews |
6.12.20 | Cyber mercenaries group DeathStalker uses a new backdoor | APT | Securityaffairs |
| 5.12.20 | Hack-for-Hire Group 'DeathStalker' Uses New Backdoor in Recent Attacks | APT | Securityweek |
| 4.12.20 | | APT | Threatpost |
| 3.12.20 | What did DeathStalker hide between two ferns? | APT | Securelist |
| 3.12.20 | APT annual review: What the world’s threat actors got up to in 2020 | APT | Securelist |
| 3.12.20 | | APT | Threatpost |
| 3.12.20 | Russia-linked APT Turla used a new malware toolset named Crutch | APT | Securityaffairs |
| 3.12.20 | APT groups targets US Think Tanks, CISA, FBI warn | APT | Securityaffairs |
| 3.12.20 | Newly Discovered Turla Backdoor Used in Government Attacks | APT | Securityweek |
| 2.12.20 | Experts Uncover 'Crutch' Russian Malware Used in APT Attacks for 5 Years | APT | Thehackernews |
| 1.12.20 | Vietnam-linked Bismuth APT leverages coin miners to stay under the radar | APT | Securityaffairs |
20.11.20 | Alleged source code of Cobalt Strike toolkit shared online | APT | Bleepingcomputer |
20.11.20 | | APT | Threatpost |
19.11.20 | China-linked APT10 leverages ZeroLogon exploits in recent attacks | APT | Securityaffairs |
18.11.20 | Chinese APT FunnyDream targets a South East Asian government | APT | Securityaffairs |
18.11.20 | Sophisticated Chinese APT Group Targets Southeast Asian Governments | APT | Securityweek |
17.11.20 | Chinese APT Hackers Target Southeast Asian Government Institutions | APT | Thehackernews |
17.11.20 | Lazarus Group Targets South Korea via Supply Chain Attack | APT | Securityweek |
16.11.20 | Lazarus malware delivered to South Korean users via supply chain attacks | APT | Securityaffairs |
14.11.20 | Three APT groups have targeted at least seven COVID-19 vaccine makers | APT | Securityaffairs |
13.11.20 | Costaricto APT: Cyber mercenaries use previously undocumented malware | APT | Securityaffairs |
13.11.20 | Uncovered: APT 'Hackers For Hire' Target Financial, Entertainment Firms | APT | Thehackernews |
6.11.20 | Chinese APT Uses DLL Side-Loading in Attacks on Myanmar | APT | Securityweek |
5.11.20 | New KilllSomeOne APT group leverages DLL side-loading | APT | Securityaffairs |
5.11.20 | | APT | Threatpost |
4.11.20 | APT Groups Finding Success with Mix of Old and New Tools | APT | Threatpost |
3.11.20 | APT trends report Q3 2020 | APT | Securelist |
3.11.20 | North Korea-Linked APT Group Kimsuky spotted using new malware | APT | Securityaffairs |
29.10.20 | Russia-linked Turla APT hacked European government organization | APT | Securityaffairs |
29.10.20 | Iran-linked Phosphorous APT hacked emails of security conference attendees | APT | Securityaffairs |
29.10.20 | | APT | Threatpost |
24.10.20 | Iran-Linked Seedworm APT target orgs in the Middle East | APT | Securityaffairs |
20.10.20 | | APT | Threatpost |
20.10.20 | | APT | Threatpost |
19.10.20 | Iran-linked Silent Librarian APT targets universities again | APT | Securityaffairs |
| 15.10.20 | IAmTheKing and the SlothfulMedia malware family | APT | Securelist |
| 12.10.20 | APT groups chain VPN and Windows Zerologon bugs to attack US government networks | APT | Securityaffairs |
| 11.10.20 | Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns | APT | Securityaffairs |
| 11.10.20 | Microsoft Warns of Russian Cybercriminals Exploiting Zerologon Vulnerability | APT | Securityweek |
| 10.10.20 | Microsoft: Iranian hackers actively exploiting Windows Zerologon flaw | APT | Bleepingcomputer |
| 10.10.20 | MosaicRegressor: Second-ever UEFI rootkit found in the wild | APT | Bleepingcomputer |
| 9.10.20 | | APT | Threatpost |
| 6.10.20 | Iran-linked APT is exploiting the Zerologon flaw in attacks | APT | Securityaffairs |
| 6.10.20 | MosaicRegressor: Lurking in the Shadows of UEFI | APT | Securelist |
| 2.10.20 | XDSpy APT remained undetected since at least 2011 | APT | Securityaffairs |
| 1.10.20 | Twitter removed around 130 Iranian accounts for interference in US Presidential debate | APT Social | Securityaffairs |
| 1.10.20 | Twitter Removes Iran-Linked Accounts Aimed at Disrupting U.S. Presidential Debate | APT Social | Securityweek |
| 1.10.20 | North Korea APT group targeted tens of UN Security Council officials | APT | Securityaffairs |
| 30.9.20 | Chinese APT Group Targets Media, Finance, and Electronics Sectors | APT | Thehackernews |
| 29.9.20 | China-Linked 'BlackTech' Hackers Start Targeting U.S. | APT | Securityweek |
| 28.9.20 | Microsoft took down 18 Azure AD apps used by Chinese Gadolinium APT | APT | Securityaffairs |
| 23.9.20 | Russia-linked APT28 targets govt bodies with fake NATO training docs | APT | Securityaffairs |
| 18.9.20 | U.S. Imposes Sanctions on 'APT39' Iranian Hackers | APT | Securityweek |
| 18.9.20 | More Details Emerge on Operations, Members of Chinese Group APT41 | APT | Securityweek |
| 18.9.20 | | APT | Threatpost |
| 17.9.20 | APT41 actors charged for attacks on more than 100 victims globally | APT | Securityaffairs |
| 17.9.20 | U.S. Charges Alleged Hackers of Chinese APT41 Group for Attacks on 100 Firms | APT | Securityweek |
| 17.9.20 | FBI adds 5 Chinese APT41 hackers to its Cyber's Most Wanted List | APT | Thehackernews |
| 12.9.20 | | APT | Threatpost |
| 11.9.20 | Chinese, Iranian, and Russian APT groups target 2020 US election | APT | Securityaffairs |
| 10.9.20 | An overview of targeted attacks and APTs on Linux | APT | Securelist |
| 8.9.20 | Evilnum Cyberspies Update Arsenal in Recent Attacks | APT | Securityweek |
| 4.9.20 | Evilnum APT used Python-based RAT PyVil in recent attacks | APT | Securityaffairs |
| 3.9.20 | | APT | Threatpost |
| 2.9.20 | | APT | Threatpost |
| 1.9.20 | Iran-linked APT group Pioneer Kitten sells access to hacked networks | APT | Securityaffairs |
| 31.8.20 | Lazarus hackers target cryptocurrency orgs with fake job offers | APT | Bleepingcomputer |
29.8.20 | Iran-linked Charming Kitten APT contacts targets via WhatsApp, LinkedIn | APT | Securityaffairs |
| 26.8.20 | | APT | Threatpost |
| 26.8.20 | Transparent Tribe: Evolution analysis, part 2 | APT | Securelist |
| 26.8.20 | Lazarus APT targets cryptocurrency organizations with using LinkedIn lures | APT | Securityaffairs |
| 26.8.20 | APT Hackers Exploit Autodesk 3D Max Software for Industrial Espionage | APT | Thehackernews |
| 24.8.20 | Lifting the veil on DeathStalker, a mercenary triumvirate | APT | Securelist |
| 24.8.20 | Transparent Tribe APT hit 1000+ victims in 27 countries in the last 12 months | APT | Securityaffairs |
| 20.8.20 | Transparent Tribe: Evolution analysis,part 1 | APT | Securelist |
| 18.8.20 | Multiple Uninstallers Released for China-Linked 'GoldenSpy' Malware | APT | Securityweek |
| 15.8.20 | North Korea’s Lazarus compromised dozens of organizations in Israel | APT | Securityaffairs |
| 14.8.20 | Chinese APT CactusPete targets military and financial orgs in Eastern Europe | APT | Securityaffairs |
| 14.8.20 | | APT | Threatpost |
| 14.8.20 | FBI and NSA joint report details APT28’s Linux malware Drovorub | APT | Securityaffairs |
| 14.8.20 | China-Linked 'CactusPete' Hackers Successful Despite Lack of Sophistication | APT | Securityweek |
| 13.8.20 | CactusPete APT group’s updated Bisonal backdoor | APT | Securelist |
29 .7.20 | APT trends report Q2 2020 | APT | Securelist |
29 .7.20 | | APT | Threatpost |
29 .7.20 | North Korea-Linked Lazarus APT is behind the VHD ransomware | APT | Securityaffairs |
| 28.7.20 | Lazarus on the hunt for big game | APT | Securelist |
23 .7.20 | Lazarus hackers deploy ransomware, steal data using MATA malware | APT | Bleepingcomputer |
23 .7.20 | New MATA Multi-platform malware framework linked to NK Lazarus APT | APT | Securityaffairs |
23 .7.20 | Multi-Platform Malware Framework Linked to North Korean Hackers | APT | Securityweek |
23 .7.20 | North Korean Hackers Spotted Using New Multi-Platform Malware Framework | APT | Thehackernews |
23 .7.20 | | APT | Threatpost |
23 .7.20 | | APT | Threatpost |
22 .7.20 | MATA: Multi-platform targeted malware framework | APT | Securelist |
17 .7.20 | Iran-linked APT35 accidentally exposed 40 GB associated with their operations | APT | Securityaffairs |
17 .7.20 | Iran-Linked Hackers Accidentally Exposed 40 GB of Their Files | APT | Securityweek |
16 .7.20 | UK NCSC blames Russia-linked APT29 for attacks on COVID-19 vaccine research | APT BigBrothers | Securityaffairs |
16 .7.20 | CIA covert operations likely behind attacks against APT34 and FSB | APT BigBrothers | Securityaffairs |
12 .7.20 | Researchers link APT15 hackers to Chinese military company | APT | Bleepingcomputer |
| 7.7.20 | | APT | Threatpost |
| 6.7.20 | North Korean Lazarus APT stole credit card data from US and EU stores | APT | Securityaffairs |
| 6.20 | Microcin is here | APT | Securelist |
| 6.20 | Cycldek: Bridging the (air) gap | APT Attack | Securelist |
| 29.5.20 | The zero-day exploits of Operation WizardOpium | APT Exploit | Securelist |
27.5.20 | Turla's Updated ComRAT Malware Uses Gmail for C&C Communication | APT | Securityweek |
27.5.20 | Turla APT Revamps One of Its Go-To Spy Tools | APT | Threatpost |
27.5.20 | New Turla ComRAT backdoor uses Gmail for Command and Control | APT | Securityaffairs |
| 23.5.20 | | APT | Threatpost |
| 21.5.20 | Iran-linked Chafer APT group targets governments in Kuwait and Saudi Arabia | APT | Securityaffairs |
| 21.5.20 | Iranian APT Group Targets Governments in Kuwait and Saudi Arabia | APT | Thehackernews |
| 17.5.20 | APT group targets high profile networks in Central Asia | APT | Securityaffairs |
| 16.5.20 | Chinese APT Tropic Trooper target air-gapped military Networks in Asia | APT | Securityaffairs |
| 16.5.20 | Mysterious Chinese APT Linked to Multiple Central Asian Campaigns | APT | Securityweek |
| 15.5.20 | Russian APT Turla’s COMpfun malware uses HTTP status codes to receive commands | APT | Securityaffairs |
| 14.5.20 | COMpfun authors spoof visa application with HTTP status-based Trojan | APT Virus | Securelist |
| 10.5.20 | North Korean hackers infect real 2FA app to compromise Macs | Apple APT | Bleepingcomputer |
| 10.5.20 | North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT | APT | Securityaffairs |
| 9.5.20 | Naikon’s Aria | APT | Securelist |
8.5.20 | Naikon APT Hid Five-Year Espionage Attack Under Radar | APT | Threatpost |
8.5.20 | Naikon APT is flying under the radar since 2015 | APT | Securityaffairs |
7.5.20 | Chinese Naikon APT Rediscovered After New Five-year Stealth Campaign | APT | Securityweek |
30.4.20 | APT trends report Q1 2020 | APT | Securelist |
| 29.4.20 | Hiding in plain sight: PhantomLance walks into a market | APT | Securelist |
| 24.4.20 | | APT | Threatpost |
| 24.4.20 | Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak | APT | Securityaffairs |
| 24.4.20 | Vietnam-linked APT32 group launches COVID-19-themed attacks against China | APT | Securityaffairs |
| 24.4.20 | Nazar: Old Iran-Linked APT Operation Monitored by NSA | APT | Securityweek |
| 24.4.20 | Vietnamese Hackers Mount COVID-19 Espionage Campaigns Against China | APT | Securityweek |
| 22.4.20 | China-linked Winnti APT targets South Korean Gaming firm | APT | Securityaffairs |
17.4.20 | Syria-linked APT group SEA targets Android users with COVID19 lures | APT | Securityaffairs |
15.4.20 | Attack on San Francisco Airport Linked to Russian Hackers | APT | Securityweek |
| 15.4.20 | Russia-linked Energetic Bear APT behind San Francisco airport attacks | APT | Securityaffairs |
| 9.4.20 | China-Linked Hackers Systematically Targeted Linux Servers for Years | APT | Securityweek |
| 9.4.20 | | APT | Net-security |
| 7.4.20 | DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies | APT BigBrothers | Securityaffairs |
| 7.4.20 | South Korea-Linked Hackers Targeted Chinese Government via VPN Zero-Day | APT BigBrothers | Securityweek |
| 1.4.20 | Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy | APT | Threatpost |
31.3.20 | Holy Water targets religious figures and charities in Asia | APT | Securityaffairs |
31.3.20 | Holy water: ongoing targeted water-holing attack in Asia | APT | Securelist |
| 28.3.20 | Russian Hackers Exploited Windows Flaws in Attacks on European Firms | APT Exploit | Securityweek |
| 27.3.20 | New financially motivated attacks in Western Europe traced to Russian-speaking threat actors | APT | Securityaffairs |
| 27.3.20 | | Apple APT | Threatpost |
| 27.3.20 | iOS exploit chain deploys LightSpy feature-rich malware | Apple APT | Securelist |
| 26.3.20 | China-linked APT41 group exploits Citrix, Cisco, Zoho flaws | APT | Securityaffairs |
| 26.3.20 | | APT CyberSpy | Threatpost |
| 26.3.20 | China-linked APT41 group exploits Citrix, Cisco, Zoho flaws | APT | Securityaffairs |
| 25.3.20 | China's APT41 Exploited Citrix, Cisco, ManageEngine Flaws in Global Campaign | APT | Securityweek |
| 25.3.20 | WildPressure, a new APT group targets the Middle East’s industrial sector | APT | Securityaffairs |
| 25.3.20 | 'WildPressure' Campaign Targets Industrial Sector in Middle East | APT | Securityweek |
| 24.3.20 | WildPressure targets industrial-related entities in the Middle East | APT | Securelist |
20.3.20 | Russia-linked APT28 has been scanning vulnerable email servers in the last year | APT | Securityaffairs |
20.3.20 | Russia-Linked Cybercriminals Use Legitimate Tools in Attacks on German Firms | APT | Securityweek |
19.3.20 | Is APT27 Abusing COVID-19 To Attack People ?! | APT | Securityaffairs |
19.3.20 | Hunting APTs with YARA | APT | Securelist |
18.3.20 | APT36 Taps Coronavirus as ‘Golden Opportunity’ to Spread Crimson RAT | APT | Threatpost |
| 14.3.20 | Coronavirus-Themed APT Attack Spreads Malware | APT | Threatpost |
| 14.3.20 | China-linked APT Hackers Launch Coronavirus-Themed Attacks | APT | Securityweek |
| 13.3.20 | State-sponsored hackers are launching Coronavirus-themed attacks | APT | Securityaffairs |
| 13.3.20 | Russia-Linked Turla APT uses new malware in watering hole attacks | APT | Securityaffairs |
| 4.3.20 | The North Korean Kimsuky APT threatens South Korea evolving its TTPs | APT BigBrothers | Securityaffairs |
| 3.3.20 | Karkoff 2020: a new APT34 espionage operation involves Lebanon Government | APT | Threatpost |
27.2.20 | Roaming Mantis, part V | APT | Securelist |
27.2.20 | | APT | Threatpost |
20 .2.20 | DRBControl cyber-espionage group targets gambling, betting companies | APT CyberSpy | Securityaffairs |
| 19.2.20 | Iran-Backed APTs Collaborate on 3-Year ‘Fox Kitten’ Global Spy Campaign | APT BigBrothers | Threatpost |
13.2.20 | MoleRATs APT group targets Palestinian territories | APT | Securityaffairs |
| 7.2.20 | Iran-linked APT group Charming Kitten targets journalists, political and human rights activists | APT | Securityaffairs |
6.2.20 | Gamaredon APT Improves Toolset to Target Ukraine Government, Military | APT | Threatpost |
| 2.2.20 | Winnti APT Group targeted Hong Kong Universities | APT | Securityaffairs |
31.1.20 | Iran-linked APT34 group is targeting US federal workers | APT | Securityaffairs |
| 21.1.20 | Mitsubishi Electric discloses data breach, media blame China-linked APT | APT | Securityaffairs |
15.1.20 | Why Russian APT Fancy Bear hacked the Ukrainian energy firm Burisma? | APT | Securityaffairs |
14.1.20 | China-linked APT40 group hides behind 13 front companies | APT | Securityaffairs |
11.1.20 | | APT | Threatpost |
10.1.20 | North Korea-linked Lazarus APT continues to target cryptocurrency exchanges | APT Cryptocurrency | Securityaffairs |
| 8.1.20 | China-based Bronze President APT targets South and East Asia | APT | Securityaffairs |
| 8.1.20 | Chinese Cyber-Espionage Group Targeted NGOs for Years | APT | Securityweek |
2.1.20 | Microsoft Seizes Web Domains Used by North Korean Hackers | APT | Securityweek |
1.1.20 | Microsoft Takes North Korean Hacking Group Thallium to Court | APT | Bleepingcomputer |
| | | |