APT APT Group Co je APT Historie Hrozba Charakteristika APT 1.Fáze 2.Fáze 3.Fáze 4.Fáze Životní cyklus APT Jak detekovat APT útok Obrana proti APT APT Tutoriál
DATE | NAME | CATEGORY | SUBCATEGORIES | INFO |
3.8.24 | APT28 | APT | APT | Today, APT28 is consistently attributed to GRU Unit 26165, 85th Main Special Service Centre (GTsSS) of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GU/GRU). This attribution is mainly based on an indictment unsealed by the US Department of Justice (DoJ) in 2018. |
3.8.24 | Fighting Ursa | APT | APT | A Russian threat actor we track as Fighting Ursa advertised a car for sale as a lure to distribute HeadLace backdoor malware. The campaign likely targeted diplomats and began as early as March 2024. Fighting Ursa (aka APT28, Fancy Bear and Sofacy) has been associated with Russian military intelligence and classified as an advanced persistent threat (APT). |
3.8.24 | APT41 | APT | APT | APT41 likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike |
2.8.24 | APT | Turla: A Master’s Art of Evasion | ||
19.7.24 | APT41 | APT | APT | APT41 Has Arisen From the DUST |
17.7.24 | DeputyDog | APT | APT | Italian government agencies and companies in the target of a Chinese APT |
17.7.24 | FIN7 Reboot | APT | APT | FIN7 Reboot | Cybercrime Gang Enhances Ops with New EDR Bypasses and Automated Attacks |
9.7.24 | APT40 | APT | APT | People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action |
8.7.24 | CloudSorcerer | APT | APT | CloudSorcerer – A new APT targeting Russian government entities |
| 14.6.24 | Arid Viper | APT | APT | Arid Viper poisons Android apps with AridSpy |
| 14.6.24 | Arid Viper | APT | APT | Arid Viper | APT’s Nest of SpyC23 Malware Continues to Target Android Devices |
17.5.24 | Kimsuky | APT | APT | Kimsuky APT attack discovered using Facebook & MS management console |
11.5.24 | FIN7 | APT | APT | FIN7 Uses Trusted Brands and Sponsored Google Ads to Distribute MSIX Payloads |
7.5.24 | APT | Uncharmed: Untangling Iran's APT42 Operations | ||
| 23.4.24 | APT28 | APT | APT | Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials |
| 23.4.24 | ToddyCat | APT | APT | We continue covering the activities of the APT group ToddyCat.This time, we have investigated how attackers obtain constant access to compromised infrastructure, what information on the hosts they are interested in, and what tools they use to extract it. |
28.2.24 | APT | SVR cyber actors adapt tactics for initial cloud access | ||
| 17.2.24 | Water Hydra | APT | APT | Water Hydra’s Zero-Day Attack Chain Targets Financial Traders |
29.1.24 | Midnight Blizzard | APT | APT | Midnight Blizzard: Guidance for responders on nation-state attack |