
DATE NAME INFO CATEGORY SUBCATEGORIES

3.11.25 CN APT CN APT targets Serbian Government APT APT
1.11.25 APT-C-60 APT-C-60 intensified operations against Japanese organizations during Q3 2025, deploying three updated SpyGlace backdoor versions with refined tracking mechanisms, modified encryption, and sophisticated abuse of GitHub, StatCounter, and Git for stealthy malware distribution. APT APT
1.11.25 BRONZE BUTLER BRONZE BUTLER exploits Japanese asset management software vulnerability APT APT
29.10.25 BlueNoroff Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs APT APT
29.10.25 Mem3nt0 mori Mem3nt0 mori – The Hacking Team is back! APT APT
28.10.25 SideWinder SideWinder's Shifting Sands: Click Once for Espionage APT APT
25.10.25 Gotta fly Gotta fly: Lazarus targets the UAV sector APT APT
25.10.25 MuddyWater Unmasking MuddyWater’s New Malware Toolkit Driving International Espionage APT APT

11.10.25 HAFNIUM Hafnium is a Chinese state-sponsored advanced persistent threat (APT) group, also referred to as Silk Typhoon, and is known for sophisticated cyber espionage targeting critical APT APT
3.10.25 Phantom Taurus Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite APT APT
20.9.25 Subtle Snail Subtle Snail (UNC1549) is an Iran-nexus espionage group linked to Unyielding Wasp (Tortoiseshell), which is part of the Eclipsed Wasp (Charming Kitten) network. APT APT
19.9.25 Gamaredon X Turla Notorious APT group Turla collaborates with Gamaredon, both FSB-associated groups, to compromise high‑profile targets in Ukraine APT APT
18.9.25 RevengeHotels RevengeHotels: a new wave of attacks leveraging LLMs and VenomRAT APT APT
18.9.25 TA415 Going Underground: China-aligned TA415 Conducts U.S.-China Economic Relations Targeting Using VS Code Remote Tunnels APT APT
15.9.25 Cyberspike Villager Cyberspike Villager – Cobalt Strike’s AI-native Successor APT AI
9.9.25 Salt Typhoon and UNC4841 Salt Typhoon and UNC4841: Silent Push Discovers New Domains; Urges Defenders to Check Telemetry and Log Data APT APT
5.9.25 APT28 Analyzing NotDoor: Inside APT28’s Expanding Arsenal APT APT
4.9.25 Lazarus RATs Three Lazarus RATs coming for your cheese APT APT
2.9.25 Silver Fox Chasing the Silver Fox: Cat & Mouse in Kernel Shadows APT APT
30.8.25 APT36 APT36: Targets Indian BOSS Linux Systems with Weaponized AutoStart Files APT APT
29.8.25 APT29 Amazon disrupts watering hole campaign by Russia’s APT29 APT APT
17.8.25 EncryptHub When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal APT APT
20.6.25 APT29 What’s in an ASP? Creative Phishing Attack on Prominent Academics and Critics of Russia APT APT
14.6.25 APT PROFILE – MISSION2025 MISSION2025 is a Chinese state-sponsored advanced persistent threat (APT) group linked to APT41. Active since at least 2012, the group has conducted cyberespionage and APT APT
10.6.25 Rare Werewolf Sleep with one eye open: how Librarian Ghouls steal data by night APT APT
5.6.25 BladedFeline ESET researchers analyzed a cyberespionage campaign conducted by BladedFeline, an Iran-aligned APT group with likely ties to OilRig APT APT
29.5.25 APT41 Innovative Tactics Mark Your Calendar: APT41 Innovative Tactics APT APT
14.5.24 Swan Vector Unveiling Swan Vector APT Targeting Taiwan and Japan with varied DLL Implants APT Group
19.4.25 Earth Estries Earth Estries is a Chinese Advanced Persistent Threat (APT) group that has gained prominence for its sophisticated cyber espionage activities targeting critical infrastructure and government entities globally. APT PROFILE

27.3.25 APT36 TURNING AID INTO ATTACK TURNING AID INTO ATTACK: EXPLOITATION OF PAKISTAN’S YOUTH LAPTOP SCHEME TO TARGET INDIA APT BLOG
12.3.25 Blind Eagle: Blind Eagle: …And Justice for All APT APT
11.3.25 SideWinder SideWinder targets the maritime and nuclear sectors with an updated toolset APT APT
28.2.25 Angry Likho Angry Likho: Old beasts in a new forest APT APT
22.2.25 Earth Preta Earth Preta Mixes Legitimate and Malicious Components to Sidestep Detection APT APT
5.2.25 Silent Lynx Silent Lynx APT Targets Various Entities Across Kyrgyzstan & Neighbouring Nations APT APT
18.12.24 Earth Koshchei Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks APT APT
17.12.24 BITTER APT BITTER APT Targets Chinese Government Agency APT APT
17.12.24 Mask APT Careto is back: what’s new after 10 years of silence? APT APT
11.12.24 Rakshasa  Likely China-based Attackers Target High-profile Organizations in Southeast Asia APT APT
04.12.24 Snowblind Snowblind: The Invisible Hand of Secret Blizzard APT APT
03.12.24 Kimsuky  Analysis of Kimsuky Threat Actor's Email Phishing Campaign APT APT

27.11.24 APT-C-60 Attacks by the attack group APT-C-60 using legitimate services APT APT
22.11.24 APT-K-47 Unveiling the Past and Present of APT-K-47 Weapon: Asyncshell APT APT

28.10.24 Lazarus APT The Crypto Game of Lazarus APT: Investors vs. Zero-days APT APT
27.10.24 SideWinder Beyond the Surface: the evolution and expansion of the SideWinder APT group APT GROUP
3.8.24 APT28 Today, APT28 is consistently attributed to GRU Unit 26165, 85th Main Special Service Centre (GTsSS) of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GU/GRU). This attribution is mainly based on an indictment unsealed by the US Department of Justice (DoJ) in 2018. APT APT
3.8.24 Fighting Ursa A Russian threat actor we track as Fighting Ursa advertised a car for sale as a lure to distribute HeadLace backdoor malware. The campaign likely targeted diplomats and began as early as March 2024. Fighting Ursa (aka APT28, Fancy Bear and Sofacy) has been associated with Russian military intelligence and classified as an advanced persistent threat (APT). APT APT
3.8.24 APT41 APT41 likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike APT APT
2.8.24 Turla Turla: A Master’s Art of Evasion APT APT
19.7.24 APT41 APT41 Has Arisen From the DUST APT APT
17.7.24 DeputyDog Italian government agencies and companies in the target of a Chinese APT APT APT
17.7.24 FIN7 Reboot FIN7 Reboot | Cybercrime Gang Enhances Ops with New EDR Bypasses and Automated Attacks APT APT
9.7.24 APT40 People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action APT APT
8.7.24 CloudSorcerer CloudSorcerer – A new APT targeting Russian government entities APT APT
14.6.24 Arid Viper Arid Viper poisons Android apps with AridSpy APT APT
14.6.24 Arid Viper Arid Viper | APT’s Nest of SpyC23 Malware Continues to Target Android Devices APT APT
17.5.24 Kimsuky Kimsuky APT attack discovered using Facebook & MS management console APT APT
11.5.24 FIN7 FIN7 Uses Trusted Brands and Sponsored Google Ads to Distribute MSIX Payloads APT APT
7.5.24 APT42 Uncharmed: Untangling Iran's APT42 Operations APT APT

23.4.24 APT28 Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials APT APT
23.4.24 ToddyCat We continue covering the activities of the APT group ToddyCat. This time, we have investigated how attackers obtain constant access to compromised infrastructure, what information on the hosts they are interested in, and what tools they use to extract it. APT APT

28.2.24 APT29 SVR cyber actors adapt tactics for initial cloud access APT APT
17.2.24 Water Hydra Water Hydra’s Zero-Day Attack Chain Targets Financial Traders APT APT
29.1.24 Midnight Blizzard Midnight Blizzard: Guidance for responders on nation-state attack APT APT