Cyber Campaigns Operation 2024 - 2026 | 2025 | 2024 | 2023 | 2022 | 2021 | 2020 | 2019 | 2018 | 2017 | 2016 | 2015 | 2014 | 2013 | 2012 | 2011 | 2010 | 2009 | 2008
|
DATE |
NAME |
INFO |
CATEGORY |
SUBCATE |
| 2024 | Operation Digital Eye | Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels | OPERATION | OPERATION |
| 2024 | Operation Soft Cell | Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers | OPERATION | OPERATION |
| 2024 | Operation Tainted Love | Operation Tainted Love | Chinese APTs Target Telcos in New Attacks | OPERATION | OPERATION |
| 2024 | Operation Undercut | "Operation Undercut"Shows Multifaceted Nature of SDA’s Influence Operations | OPERATION | OPERATION |
| 2024 | Operation Magnus | On the 28th of October 2024 the Dutch National Police, working in close cooperation with the FBI and other partners of the international law enforcement task force Operation Magnus, .. | OPERATION | OPERATION |
| 2024 | OperationCodeonToast | AhnLab and NCSC Release Joint Report on Microsoft Zero-Day Browser Vulnerability (CVE-2024-38178) | OPERATION | OPERATION |
| 2024 | Velvet Ant | China-Nexus Threat Group ‘Velvet Ant’ Abuses F5 Load Balancers for Persistence | OPERATION | OPERATION |
| 2024 | Unfading Sea Haze | Unfading Sea Haze: New Espionage Campaign in the South China Sea | OPERATION | OPERATION |
| 2024 | Celestial Force | Operation Celestial Force employs mobile and desktop malware to target Indian entities | OPERATION | OPERATION |
| 2024 | DNS PROBING OPERATION | WHAT A SHOW! AN AMPLIFIED INTERNET SCALE DNS PROBING OPERATION | OPERATION | OPERATION |
| 2024 | Operation Crimson Palace | Operation Crimson Palace: Sophos threat hunting unveils multiple clusters of Chinese state-sponsored activity targeting Southeast Asian government | OPERATION | OPERATION |
| 2024 | Decoy Dog 2 | Hellhounds: operation Lahat | OPERATION | OPERATION |
| 2024 | Decoy Dog 1 | Hellhounds: operation Lahat | OPERATION | OPERATION |
| 2024 | BlueDelta | GRU's BlueDelta Targets Key Networks in Europe with Multi-Phase Espionage Campaigns | OPERATION | OPERATION |
| 2024 | Doppelganger | This page is designed to gather a timeline of the Doppelganger operation with a few elements collected from different reports. | OPERATION | OPERATION |
| 2024 | Diplomatic Specter | Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia | OPERATION | OPERATION |
| 2024 | GHOSTENGINE | Elastic Security Labs has identified REF4578, an intrusion set incorporating several malicious modules and leveraging vulnerable drivers to disable known security solutions (EDRs) for crypto mining. | OPERATION | OPERATION |
| 2024 | Operation Windigo | The vivisection of a large Linux server-side credential stealing malware campaign | OPERATION | OPERATION |
| 2024 | RoundPress | ESET researchers uncover a Russia-aligned espionage operation targeting webmail servers via XSS vulnerabilities | OPERATION | OPERATION |
| 2024 | MUDDLING MEERKAT | A CUNNING OPERATOR: MUDDLING MEERKAT AND CHINA’S GREAT FIREWALL | OPERATION | OPERATION |
| 2024 | Operation MidnightEclipse | A critical command injection vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. | OPERATION | OPERATION |
| 2024 | Cuckoobees | Operation CuckooBees: Cybereason Uncovers Massive Chinese Intellectual Property Theft Operation | OPERATION | OPERATION |
| 2024 | Operation PhantomBlu | A malware campaign employs new TTPs and behaviors to evade detection and deploy NetSupport RAT. | OPERATION | OPERATION |
| 2024 | DEEP#GOSU | Securonix Threat Research Security Advisory: Analysis of New DEEP#GOSU Attack Campaign Likely Associated with North Korean Kimsuky Targeting Victims with Stealthy Malware | OPERATION | OPERATION |
| 2024 | Operation Texonto | Operation Texonto: Information operation targeting Ukrainian speakers in the context of the war | OPERATION | OPERATION |
| 2024 | Scammers Paradise | “Scammers Paradise” —Exploring Telegram’s Dark Markets, Breeding Ground for Modern Phishing Operations | OPERATION | OPERATION |
| 2024 | RE#TURGENCE | Securonix Threat Research Security Advisory: New RE#TURGENCE Attack Campaign: Turkish Hackers Target MSSQL Servers to Deliver Domain-Wide MIMIC Ransomware | OPERATION | OPERATION |
| 2024 | (RMM) tools | Spam campaign targeting Brazil abuses Remote Monitoring and Management tools | CAMPAIGN | PHISHING |
| 2024 | FreeDrain | FreeDrain Unmasked | Uncovering an Industrial-Scale Crypto Theft Network | CAMPAIGN | PHISHING |
| 2024 | Pahalgam Attack themed | Advisory: Pahalgam Attack themed decoys used by APT36 to target the Indian Government | CAMPAIGN | APT |
| 2024 | Hive0117 | New Hive0117 phishing campaign imitates conscription summons to deliver DarkWatchman malware | CAMPAIGN | PHISHING |
| 2024 | DeceptionAds | “DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising | CAMPAIGN | MALWARETISING |
| 2024 | HubPhish | Effective Phishing Campaign Targeting European Companies and Organizations | CAMPAIGN | Phishing |
| 2024 | Drops Zbot | Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware | CAMPAIGN | RANSOMWARE |
| 2024 | Earth Kasha Spear | Guess Who’s Back - The Return of ANEL in the Recent Earth Kasha Spear-phishing Campaign in 2024 | CAMPAIGN | PHISHING |
| 2024 | Secret Blizzard | Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage | CAMPAIGN | ESPIONAGE |
| 2024 | Dream Job | Iranian “Dream Job” Campaign 11.24 | CAMPAIGN | CAMPAIGN |
| 2024 | VEILDrive | Unmasking VEILDrive: Threat Actors Exploit Microsoft Services for C2 | CAMPAIGN | EXPLOIT |
| 2024 | CopyRh(ight)adamantys | CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits | CAMPAIGN | EXPLOIT |
| 2024 | Typosquat | Typosquat Campaign Targeting npm Developers | CAMPAIGN | MALWARE |
| 2024 | Rampant Phishing | You’re Invited: Rampant Phishing Abuses Eventbrite | CAMPAIGN | PHISHING |
| 2024 | Gun Campaign | TeamTNT’s Docker Gatling Gun Campaign | CAMPAIGN | CAMPAIGN |
| 2024 | ClickFix | ClickFix tactic: The Phantom Meet | CAMPAIGN | SOCIAL |
| 2024 | SilentSelfie | SilentSelfie: Uncovering a major watering hole campaign against Kurdish websites | CAMPAIGN | CAMPAIGN |
| 2024 | SloppyLemming | Unraveling SloppyLemming’s Operations Across South Asia | CAMPAIGN | Crypto |
| 2024 | Salt Typhoon | China's 'Salt Typhoon' Cooks Up Cyberattacks on US ISPs | CAMPAIGN | ISP |
| 2024 | Earth Baxia | Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC | CAMPAIGN | PHISHING |
| 2024 | Vanilla Tempest | Highway Blobbery: Data Theft using Azure Storage Explorer | CAMPAIGN | Ransomware |
| 2024 | Storm clouds | Storm clouds on the horizon: Resurgence of TeamTNT? | CAMPAIGN | CAMPAIGN |
| 2024 | Proxyjacking | From Automation to Exploitation: The Growing Misuse of Selenium Grid for Cryptomining and Proxyjacking | CAMPAIGN | CRYPTOCURRENCY |
| 2024 | Crimson Palace | Crimson Palace returns: New Tools, Tactics, and Targets | CAMPAIGN | APT |
| 2024 | Earth Preta | Earth Preta Evolves its Attacks with New Malware and Strategies | CAMPAIGN | APT |
| 2024 | Voldemort | The Malware That Must Not Be Named: Suspected Espionage Campaign Delivers “Voldemort” | CAMPAIGN | CAMPAIGN |
| 2024 | SLOW#TEMPEST | From Cobalt Strike to Mimikatz: A Deep Dive into the SLOW#TEMPEST Campaign Targeting Chinese Users | CAMPAIGN | APT |
| 2024 | Tusk | Tusk: unraveling a complex infostealer campaign | CAMPAIGN | Malware |
| 2024 | River of Phish | SPEAR-PHISHING CASES FROM EASTERN EUROPE 2022-2024A TECHNICAL BRIEF | CAMPAIGN | Phishing |
| 2024 | Earth Baku | A Dive into Earth Baku’s Latest Campaign | CAMPAIGN | CAMPAIGN |
| 2024 | Panamorfi | A New Discord DDoS Campaign | CAMPAIGN | DDOS |
| 2024 | ERIAKOS | "ERIAKOS" Scam Campaign: Detected by Recorded Future’s Payment Fraud Intelligence Team | CAMPAIGN | Scam |
| 2024 | DEV#POPPER campaign | The Securonix Threat Research team has been monitoring the threat actors behind the ongoing investigation into the DEV#POPPER campaign, we have identified additional malware variants linked to the same North Korean threat actors using similar, stealthy malicious code execution tactics, though now with much more robust capabilities. | CAMPAIGN | CAMPAIGN |
| 2024 | OneDrive Pastejacking | OneDrive Pastejacking: The crafty phishing and downloader campaign | CAMPAIGN | PHISHING |
| 2024 | CVE-2024-21412 | Exploiting CVE-2024-21412: A Stealer Campaign Unleashed | CAMPAIGN | CVE |
| 2024 | Sustained | Sustained Campaign Using Chinese Espionage Tools Targets Telcos | CAMPAIGN | CAMPAIGN |
| 2024 | Spinning YARN | Spinning YARN - A New Linux Malware Campaign Targets Docker, Apache Hadoop, Redis and Confluence | CAMPAIGN | Malware |
| 2024 | Earth Hundun's | Tracking the Progression of Earth Hundun's Cyberespionage Campaign in 2024 | CAMPAIGN | CyberSpy |
| 2024 | APT28 | APT28 campaign targeting Polish government institutions | CAMPAIGN | APT |
| 2024 | DEV#POPPER | ANALYSIS OF DEV#POPPER: NEW ATTACK CAMPAIGN TARGETING SOFTWARE DEVELOPERS LIKELY ASSOCIATED WITH NORTH KOREAN THREAT ACTORS | CAMPAIGN | Campaign |
| 2024 | ArcaneDoor | ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices | CAMPAIGN | Spy |
| 2024 | FROZEN#SHADOW Attack | Analysis of Ongoing FROZEN#SHADOW Attack Campaign Leveraging SSLoad Malware and RMM Software for Domain Takeover | CAMPAIGN | Campaign |
| 2024 | BlackTech | Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear | CAMPAIGN | Cyberespionage |
| 2024 | DuneQuixote | DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware | CAMPAIGN | Campaign |
| 2024 | Connect:fun | In a new threat briefing, Forescout Research – Vedere Labs details an exploitation campaign targeting organizations running Fortinet’s FortiClient EMS which is vulnerable to CVE-2023-48788. We are designating this campaign Connect:fun because of the use of ScreenConnect and Powerfun as post-exploitation tools – our first-ever named campaign. | CAMPAIGN | Campaign |
| 2024 | SteganoAmor | SteganoAmor campaign: TA558 mass-attacking companies and public institutions all around the world | CAMPAIGN | Campaign |
| 2024 | DarkBeatC2 | DarkBeatC2: The Latest MuddyWater Attack Framework | CAMPAIGN | APT |
| 2024 | eXotic Visit | ESET researchers uncovered the eXotic Visit espionage campaign that targets users mainly in India and Pakistan with seemingly innocuous apps | CAMPAIGN | Android |
| 2024 | Raspberry Robin | Raspberry Robin Now Spreading Through Windows Script Files | CAMPAIGN | Virus |
| 2024 | ShadowRay | ShadowRay: First Known Attack Campaign Targeting AI Workloads Actively Exploited In The Wild | CAMPAIGN | AI |
| 2024 | RedAlpha | Recorded Future’s Insikt Group has identified two new cyberespionage campaigns targeting the Tibetan Community over the past two years. | CAMPAIGN | Campaign |
| 2024 | Copybara Fraud Operation | On top of this fraud operation architecture, TAs exploit Social Engineering techniques for distributing the Copybara banking trojan, which typically involves smishing and vishing techniques, leveraging native-speaker operators. In particular, several samples reveal TAs distributing Copybara through seemingly legitimate apps, utilizing logos of well-known banks and names that sound authentic, such as “Caixa Sign Nueva”, “BBVA Codigo”, “Sabadell Codigo”. | CAMPAIGN | Operation |
| 2024 | Spinning YARN | Spinning YARN - A New Linux Malware Campaign Targets Docker, Apache Hadoop, Redis and Confluence | CAMPAIGN | Campaign |
| 2024 | SMUGX | CHINESE THREAT ACTORS TARGETING EUROPE IN SMUGX CAMPAIGN | CAMPAIGN | Campaign |
| 2024 | Earth Preta | Earth Preta Campaign Uses DOPLUGS to Target Asia | CAMPAIGN | Campaign |
| 2024 | Commando Cat | The Nine Lives of Commando Cat: Analysing a Novel Malware Campaign Targeting Docker | CAMPAIGN | Cryptocurrency |
| 2024 | Mind Sandstorm | New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs | CAMPAIGN | Campaign |
| 2024 | DB#JAMMER | Securonix Threat Labs Security Advisory: Threat Actors Target MSSQL Servers in DB#JAMMER to Deliver FreeWorld Ransomware | CAMPAIGN | Campaign |
| s |