APT  APT Group  Co je APT  Historie  Hrozba  Charakteristika APT  1.Fáze  2.Fáze  3.Fáze  4.Fáze  Životní cyklus APT  Jak detekovat APT útok  Obrana proti APT  APT Tutoriál

DATE

NAME

CATEGORY

SUBCATEGORIES

INFO

18.12.24Earth KoshcheiAPTAPTEarth Koshchei Coopts Red Team Tools in Complex RDP Attacks

28.10.24

Lazarus APTAPTAPTThe Crypto Game of Lazarus APT: Investors vs. Zero-days

27.10.24

SideWinder APTGROUPBeyond the Surface: the evolution and expansion of the SideWinder APT group

3.8.24

APT28APTAPTToday, APT28 is consistently attributed to GRU Unit 26165, 85th Main Special Service Centre (GTsSS) of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GU/GRU). This attribution is mainly based on an indictment unsealed by the US Department of Justice (DoJ) in 2018.

3.8.24

Fighting UrsaAPTAPTA Russian threat actor we track as Fighting Ursa advertised a car for sale as a lure to distribute HeadLace backdoor malware. The campaign likely targeted diplomats and began as early as March 2024. Fighting Ursa (aka APT28, Fancy Bear and Sofacy) has been associated with Russian military intelligence and classified as an advanced persistent threat (APT).

3.8.24

APT41APTAPTAPT41 likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike

2.8.24

Turla

APT

APT

Turla: A Master’s Art of Evasion

19.7.24

APT41APTAPTAPT41 Has Arisen From the DUST

17.7.24

DeputyDogAPTAPTItalian government agencies and companies in the target of a Chinese APT

17.7.24

FIN7 RebootAPTAPTFIN7 Reboot | Cybercrime Gang Enhances Ops with New EDR Bypasses and Automated Attacks

9.7.24

APT40APTAPTPeople’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action

8.7.24

CloudSorcererAPTAPTCloudSorcerer – A new APT targeting Russian government entities
14.6.24Arid ViperAPTAPTArid Viper poisons Android apps with AridSpy
14.6.24Arid ViperAPTAPTArid Viper | APT’s Nest of SpyC23 Malware Continues to Target Android Devices

17.5.24

Kimsuky APTAPTKimsuky APT attack discovered using Facebook & MS management console

11.5.24

FIN7APTAPTFIN7 Uses Trusted Brands and Sponsored Google Ads to Distribute MSIX Payloads

7.5.24

APT42

APT

APT

Uncharmed: Untangling Iran's APT42 Operations

23.4.24APT28 APTAPTAnalyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials
23.4.24ToddyCatAPTAPTWe continue covering the activities of the APT group ToddyCat.This time, we have investigated how attackers obtain constant access to compromised infrastructure, what information on the hosts they are interested in, and what tools they use to extract it.

28.2.24

APT29

APT

APT

SVR cyber actors adapt tactics for initial cloud access

17.2.24Water HydraAPTAPTWater Hydra’s Zero-Day Attack Chain Targets Financial Traders

29.1.24

Midnight BlizzardAPTAPTMidnight Blizzard: Guidance for responders on nation-state attack