APT APT Group Co je APT Historie Hrozba Charakteristika APT 1.Fáze 2.Fáze 3.Fáze 4.Fáze Životní cyklus APT Jak detekovat APT útok Obrana proti APT APT Tutoriál
DATE |
NAME |
CATEGORY |
SUBCATEGORIES |
INFO |
| 19.4.25 | Earth Estries | APT | PROFILE | Earth Estries is a Chinese Advanced Persistent Threat (APT) group that has gained prominence for its sophisticated cyber espionage activities targeting critical infrastructure and government entities globally. |
|
27.3.25 |
APT36 TURNING AID INTO ATTACK | APT | BLOG | TURNING AID INTO ATTACK: EXPLOITATION OF PAKISTAN’S YOUTH LAPTOP SCHEME TO TARGET INDIA |
| 12.3.25 | Blind Eagle: | APT | APT | Blind Eagle: …And Justice for All |
| 11.3.25 | SideWinder | APT | APT | SideWinder targets the maritime and nuclear sectors with an updated toolset |
| 28.2.25 | Angry Likho | APT | APT | Angry Likho: Old beasts in a new forest |
| 22.2.25 | Earth Preta | APT | APT | Earth Preta Mixes Legitimate and Malicious Components to Sidestep Detection |
| 5.2.25 | Silent Lynx | APT | APT | Silent Lynx APT Targets Various Entities Across Kyrgyzstan & Neighbouring Nations |
| 18.12.24 | Earth Koshchei | APT | APT | Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks |
| 17.12.24 | BITTER APT | APT | APT | BITTER APT Targets Chinese Government Agency |
| 17.12.24 | Mask APT | APT | APT | Careto is back: what’s new after 10 years of silence? |
| 11.12.24 | Rakshasa | APT | APT | Likely China-based Attackers Target High-profile Organizations in Southeast Asia |
| 04.12.24 | Snowblind | APT | APT | Snowblind: The Invisible Hand of Secret Blizzard |
| 03.12.24 | Kimsuky | APT | APT | Analysis of Kimsuky Threat Actor's Email Phishing Campaign |
|
27.11.24 |
APT |
Attacks by the attack group APT-C-60 using legitimate services |
||
|
22.11.24 |
APT |
Unveiling the Past and Present of APT-K-47 Weapon: Asyncshell |
||
|
28.10.24 | Lazarus APT | APT | APT | The Crypto Game of Lazarus APT: Investors vs. Zero-days |
|
27.10.24 | SideWinder | APT | GROUP | Beyond the Surface: the evolution and expansion of the SideWinder APT group |
3.8.24 | APT28 | APT | APT | Today, APT28 is consistently attributed to GRU Unit 26165, 85th Main Special Service Centre (GTsSS) of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GU/GRU). This attribution is mainly based on an indictment unsealed by the US Department of Justice (DoJ) in 2018. |
3.8.24 | Fighting Ursa | APT | APT | A Russian threat actor we track as Fighting Ursa advertised a car for sale as a lure to distribute HeadLace backdoor malware. The campaign likely targeted diplomats and began as early as March 2024. Fighting Ursa (aka APT28, Fancy Bear and Sofacy) has been associated with Russian military intelligence and classified as an advanced persistent threat (APT). |
3.8.24 | APT41 | APT | APT | APT41 likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike |
2.8.24 | APT | Turla: A Master’s Art of Evasion | ||
19.7.24 | APT41 | APT | APT | APT41 Has Arisen From the DUST |
17.7.24 | DeputyDog | APT | APT | Italian government agencies and companies in the target of a Chinese APT |
17.7.24 | FIN7 Reboot | APT | APT | FIN7 Reboot | Cybercrime Gang Enhances Ops with New EDR Bypasses and Automated Attacks |
9.7.24 | APT40 | APT | APT | People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action |
8.7.24 | CloudSorcerer | APT | APT | CloudSorcerer – A new APT targeting Russian government entities |
| 14.6.24 | Arid Viper | APT | APT | Arid Viper poisons Android apps with AridSpy |
| 14.6.24 | Arid Viper | APT | APT | Arid Viper | APT’s Nest of SpyC23 Malware Continues to Target Android Devices |
17.5.24 | Kimsuky | APT | APT | Kimsuky APT attack discovered using Facebook & MS management console |
11.5.24 | FIN7 | APT | APT | FIN7 Uses Trusted Brands and Sponsored Google Ads to Distribute MSIX Payloads |
7.5.24 | APT | Uncharmed: Untangling Iran's APT42 Operations | ||
| 23.4.24 | APT28 | APT | APT | Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials |
| 23.4.24 | ToddyCat | APT | APT | We continue covering the activities of the APT group ToddyCat.This time, we have investigated how attackers obtain constant access to compromised infrastructure, what information on the hosts they are interested in, and what tools they use to extract it. |
28.2.24 | APT | SVR cyber actors adapt tactics for initial cloud access | ||
| 17.2.24 | Water Hydra | APT | APT | Water Hydra’s Zero-Day Attack Chain Targets Financial Traders |
29.1.24 |
Midnight Blizzard | APT | APT | Midnight Blizzard: Guidance for responders on nation-state attack |