Cyber Campaigns - Home  Cyber Campaigns  Operation  CERT Alert  CERT Analysis New  CERT Publication New 

Analyst Tools - Diamond Model  Kill Chain  Three Tools Every Cyber Analyst Should Have

Cyber Arms Dealers - Eye Pyramid  Hacking Team  Lench IT Solutions  EndGame  NetraGard  NSO Group  Zerodium

CHINA - APT1  APT 3  APT 12  APT18  APT30  Aurora  Axiom   DeputyDog  Operation Ephemeral Hydra  Derusbi  Anchor  Beijing North Computer Center  Clandestine Fox  Codoso  Deep Panda  Elderwood Project  GhostNet  Gothic Panda  Hellsing APT  Hurricane Panda  Ice Fog  Yanbian Group  IXESHE  Lotus Blossom  Lucky Cat  Nation Research Council  Net Traveler  Mirage  Naikon  Night Dragon  Numbered Panda  Putter Panda  VOHO  RSA Hack  Safe – A Targeted Threat  Samurai Panda  Shady Rat  Shiqiang Gang  Sin Digoo  Su Bin  SunShop  Titan Rain and Moonlight Maze  Tropic Trooper

IRAN - Operation Ababil  Operation Cleaver  U.S. Navy Marine Corps Intranet (1, 2, 3)  Newscaster  Copy Kitten  Rocket Kitten  Saffron Rose (Flying Kitten) (and more)  Sands Casino  Shamoon  Threat Group-2889  Woolen Goldfish

Russia - 2008 Attack on Georgia  Anunak  Armageddon  Berserk Bear  Cloud Atlas  CozyDuke (aka CozyBear, CozyCar, OnionDuke or Office Monkeys)  Energetic Bear/DragonFly/Havex  Fort Disco  Inception  Kelihos Botnet  Red October  PawnStorm (AKA Sofacy/APT28/ More APT 28)  Scarab  Scarcruft  Sandworm  TeamSpy  Turla  Uroburos

N.Korea and S.Korea - Cyber Attacks in South Korea March 2013  Bureau 121  DarkSeoul  OnionDog  Guardians of Peace (Sony Pictures) (Alternate site) (alternate name: Silent Chollima)  Operation Troy  DarkHotel <possible South Korea>

India - Operation Hangover

France -  Snowglobe

Spanish - The Mask Careto  El Machete

US - Payback  Blitzkrieg  Operation Ferguson  Operation KKK  Operation Uncaged (PawSec/Op4Paws)  Operation Death Eaters (Anonymous vs. Pedophiles)  OpSeaWorld  OpDonaldTrump

Middle Eastern - OpIsrael/OpUSA/OpPetrol  AridViper  OpGaza (1, 2)

Cyber and BotNets - Asprox  Butterfly  CoreFlood  CryptoLocker  DarkHotel  Fin4  Ghost Click  High Roller  Threat Group-3279 (targeting video game industry)  Xu Gang

Military - Operation 54 (Citadel)  Operation ACHing Mules  Operation Buckshot Yankee (DOD – Agent.Btz)  Operation BugDrop  Operation Card Shop  Operation Clean Internet (China)  Operation Cyber Knight  Operation Cyberslam  Operation Onymous  Operation Rolling Tide  Operation Shrouded Horizon  Operation Torpedo  Operation Tovar (Gameover Zeus)  Bot Roast  Gozi Takedown  LulzSec Dismantling  MegaUpload (KimDotCom Arrest)  Silk Road Takedown  Silk Road 2.0 Takedown  U.S. Charges Five Chinese Military Hackers

Malware - Agent BTZ (Russia)  Comfoo (PRC APTs)  DNS Changer (Ghost Click)  HTRAN  Hydraq  IEXPLORE RAT  LOIC  Lurid  MyDoom  Poison Ivy

Other - 414s  Corsair Jackal   DustySky  Equation Group  Flame  Stuxnet  Regin  Operation Emmental  Operation Socialist  Operation Pawn Storm   Volatile Cedar  Desert Falcon 

CyberSpy - Operation Wilted Tulip

 


Operation

Operation Ababil  Operation AntiSec  Operation Blackout  Operation Defense  Operation Payback  #OpIsrael  Operation PZCHAO  OpNoDAPL  OpKillingBay 2016 Update  OpIcarus Project Mayhem  OperationLGBT  OpIcarus Re-Engaged  OpOperadoras  OpWhiteRose vs Donald Trump  OpTrump Attacks & Other DDoS Attacks on Donald Trump  OpIsrael Update - April 2016  OpGaston  OpIsrael Update - February 2016  OpAfrica Update - March 2016  OpAbdiMohamed  OpRight2Rest  OpIcarus  OpKillingBay Update - February 2016  OpAfrica  OpISIS  OpKillingBay  OpParis  OpKillingBay Update  OpParis Update  OpTrump  OpSaveGaza  OpIsrael 2015 


CERT Alert US CERT

Date

Title

2018

AA18-284A : Publicly Available Tools Seen in Cyber Incidents Worldwide

2018

TA18-276B : Advanced Persistent Threat Activity Exploiting Managed Service Providers

2018

TA18-276A : Using Rigorous Credential Control to Mitigate Trusted Network Exploitation

2018

TA18-275A : HIDDEN COBRA – FASTCash Campaign

2018

TA18-201A : Emotet Malware

2018

TA18-149A : HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm

2018

TA18-145A : Cyber Actors Target Home and Office Routers and Networked Devices Worldwide

2018

TA18-141A : Side-Channel Vulnerability Variants 3a and 4

2018

TA18-106A : Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices

2018

TA18-086A : Brute Force Attacks Conducted by Cyber Actors

2018

TA18-074A : Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors

2018

TA18-004A : Meltdown and Spectre Side-Channel Vulnerability Guidance

2017

TA17-318B : HIDDEN COBRA – North Korean Trojan: Volgmer

2017

TA17-318A : HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL

2017

TA17-293A : Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors

2017

TA17-181A : Petya Ransomware

2017

TA17-164A : HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure

2017

TA17-163A : CrashOverride Malware

2017

TA17-156A : Reducing the Risk of SNMP Abuse

2017

TA17-132A : Indicators Associated With WannaCry Ransomware

2017

TA17-117A : Intrusions Affecting Multiple Victims Across Multiple Sectors

2017

TA17-075A : HTTPS Interception Weakens TLS Security

2016

TA16-336A : Avalanche (crimeware-as-a-service infrastructure)

2016

TA16-288A : Heightened DDoS Threat Posed by Mirai and Other Botnets

2016

TA16-250A : The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations

2016

TA16-187A : Symantec and Norton Security Products Contain Critical Vulnerabilities

2016

TA16-144A : WPAD Name Collision Vulnerability

2016

TA16-132A : Exploitation of SAP Business Applications

2016

TA16-105A : Apple Ends Support for QuickTime for Windows; New Vulnerabilities Announced

2016

TA16-091A : Ransomware and Recent Variants

2015

TA15-337A : Dorkbot

2015

TA15-314A : Compromised Web Servers and Web Shells - Threat Awareness and Guidance

2015

TA15-286A : Dridex P2P Malware

2015

TA15-240A : Controlling Outbound DNS Access

2015

TA15-213A : Recent Email Phishing Campaigns – Mitigation and Response Recommendations

2015

TA15-195A : Adobe Flash and Microsoft Windows Vulnerabilities

2015

TA15-120A : Securing End-to-End Communications

2015

TA15-119A : Top 30 Targeted High Risk Vulnerabilities

2015

TA15-105A : Simda Botnet

2015

TA15-103A : DNS Zone Transfer AXFR Requests May Leak Domain Information

2015

TA15-098A : AAEH

2015

TA15-051A : Lenovo Superfish Adware Vulnerable to HTTPS Spoofing

2014

TA14-353A : Targeted Destructive Malware

2014

TA14-329A : Regin Malware

2014

TA14-323A : Microsoft Windows Kerberos KDC Remote Privilege Escalation Vulnerability

2014

TA14-318B : Microsoft Windows OLE Automation Array Remote Code Execution Vulnerability

2014

TA14-318A : Microsoft Secure Channel (Schannel) Vulnerability (CVE-2014-6321)

2014

TA14-317A : Apple iOS 'Masque Attack' Technique

2014

TA14-310A : Microsoft Ending Support for Windows Server 2003 Operating System

2014

TA14-300A : Phishing Campaign Linked with “Dyre” Banking Malware

2014

TA14-295A : Crypto Ransomware

2014

TA14-290A : SSL 3.0 Protocol Vulnerability and POODLE Attack

2014

TA14-268A : GNU Bourne-Again Shell (Bash) ‘Shellshock’ Vulnerability (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277 and CVE-2014-6278)

2014

TA14-212A : Backoff Point-of-Sale Malware

2014

TA14-150A : GameOver Zeus P2P Malware

2014

TA14-098A : OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160)

2014

TA14-069A : Microsoft Ending Support for Windows XP and Office 2003

2014

TA14-017A : UDP-Based Amplification Attacks

2014

TA14-013A : NTP Amplification Attacks Using CVE-2013-5211

2014

TA14-002A : Malware Targeting Point of Sale Systems

2014

TA13-317A : Microsoft Updates for Multiple Vulnerabilities

2014

TA13-309A : CryptoLocker Ransomware Infections

2014

TA13-288A : Microsoft Updates for Multiple Vulnerabilities

2014

TA13-253A : Microsoft Updates for Multiple Vulnerabilities

2014

TA13-225A : Microsoft Updates for Multiple Vulnerabilities

2014

TA13-207A : Risks of Using the Intelligent Platform Management Interface (IPMI)

2013

TA13-193A : Exploit Tool Targets Vulnerabilities in McAfee ePolicy Orchestrator (ePO)

2013

TA13-190A : Microsoft Updates for Multiple Vulnerabilities

2013

TA13-175A : Risks of Default Passwords on the Internet

2013

TA13-169A : Oracle Releases Updates for Javadoc and Other Java SE Vulnerabilities

2013

TA13-168A : Microsoft Updates for Multiple Vulnerabilities

2013

TA13-141A : Washington, DC Radio Station Web Site Compromises

2013

TA13-134A : Microsoft Updates for Multiple Vulnerabilities

2013

TA13-107A : Oracle Has Released Multiple Updates for Java SE

2013

TA13-100A : Microsoft Updates for Multiple Vulnerabilities

2013

TA13-088A : DNS Amplification Attacks

2013

TA13-071A : Microsoft Updates for Multiple Vulnerabilities

2013

TA13-064A : Oracle Java Contains Multiple Vulnerabilities

2013

TA13-051A : Oracle Java Multiple Vulnerabilities

2013

TA13-043B : Microsoft Updates for Multiple Vulnerabilities

2013

TA13-043A : Adobe Updates for Multiple Vulnerabilities

2013

TA13-032A : Oracle Java Multiple Vulnerabilities

2013

TA13-024A : Content Management Systems Security and Associated Risks

2013

TA13-015A : Microsoft Releases Update for Internet Explorer Vulnerability CVE-2012-4792

2013

TA13-010A : Oracle Java 7 Security Manager Bypass Vulnerability

2013

TA13-008A : Microsoft Updates for Multiple Vulnerabilities

2012

TA12-346A : Microsoft Updates for Multiple Vulnerabilities

2012

TA12-318A : Microsoft Updates for Multiple Vulnerabilities

2012

TA12-283A : Microsoft Updates for Multiple Vulnerabilities

2012

TA12-265A : Microsoft Releases Patch for Internet Explorer Exploit

2012

TA12-262A : Microsoft Security Advisory for Internet Explorer Exploit

2012

TA12-255A : Microsoft Updates for Multiple Vulnerabilities

2012

TA12-251A : Microsoft Update For Minimum Certificate Key Length

2012

TA12-240A : Oracle Java 7 Security Manager Bypass Vulnerability

2012

TA12-227A : Microsoft Updates for Multiple Vulnerabilities

2012

TA12-192A : Microsoft Updates for Multiple Vulnerabilities

2012

TA12-174A : Microsoft XML Core Services Attack Activity

2012

TA12-164A : Microsoft Updates for Multiple Vulnerabilities

2012

TA12-129A : Microsoft Updates for Multiple Vulnerabilities

2012

TA12-101B : Adobe Reader and Acrobat Security Updates and Architectural Improvements

2012

TA12-101A : Microsoft Updates for Multiple Vulnerabilities

2012

TA12-073A : Microsoft Updates for Multiple Vulnerabilities

2012

TA12-045A : Microsoft Updates for Multiple Vulnerabilities

2012

TA12-024A : "Anonymous" DDoS Activity

2012

TA12-010A : Microsoft Updates for Multiple Vulnerabilities

2012

TA12-006A : Wi-Fi Protected Setup (WPS) Vulnerable to Brute-Force Attack

2011

TA11-350A : Adobe Updates for Multiple Vulnerabilities

2011

TA11-347A : Microsoft Updates for Multiple Vulnerabilities

2011

TA11-312A : Microsoft Updates for Multiple Vulnerabilities

2011

TA11-286A : Apple Updates for Multiple Vulnerabilities

2011

TA11-284A : Microsoft Updates for Multiple Vulnerabilities

2011

TA11-256A : Microsoft Updates for Multiple Vulnerabilities

2011

TA11-222A : Adobe Updates for Multiple Vulnerabilities

2011

TA11-221A : Microsoft Updates for Multiple Vulnerabilities

2011

TA11-201A : Oracle Updates for Multiple Vulnerabilities

2011

TA11-200A : Security Recommendations to Prevent Cyber Intrusions

2011

TA11-193A : Microsoft Updates for Multiple Vulnerabilities

2011

TA11-166A : Adobe Updates for Multiple Vulnerabilities

2011

TA11-165A : Microsoft Updates for Multiple Vulnerabilities

2011

TA11-130A : Microsoft Updates for Multiple Vulnerabilities

2011

TA11-102A : Microsoft Updates for Multiple Vulnerabilities

2011

TA11-067A : Microsoft Updates for Multiple Vulnerabilities

2011

TA11-039A : Microsoft Updates for Multiple Vulnerabilities

2011

TA11-011A : Microsoft Updates for Multiple Vulnerabilities

2010

TA10-348A : Microsoft Updates for Multiple Vulnerabilities

2010

TA10-313A : Microsoft Updates for Multiple Vulnerabilities

2010

TA10-287A : Oracle Updates for Multiple Vulnerabilities

2010

TA10-285A : Microsoft Updates for Multiple Vulnerabilities

2010

TA10-279A : Adobe Reader and Acrobat Affected by Multiple Vulnerabilities

2010

TA10-263A : Adobe Flash Vulnerabilities

2010

TA10-257A : Microsoft Updates for Multiple Vulnerabilities

2010

TA10-238A : Microsoft Windows Insecurely Loads Dynamic Libraries

2010

TA10-231A : Adobe Reader and Acrobat Vulnerabilities

2010

TA10-223A : Adobe Flash and AIR Vulnerabilities

2010

TA10-222A : Microsoft Updates for Multiple Vulnerabilities

2010

TA10-194B : Oracle Updates for Multiple Vulnerabilities

2010

TA10-194A : Microsoft Updates for Multiple Vulnerabilities

2010

TA10-162A : Adobe Flash and AIR Vulnerabilities

2010

TA10-159B : Microsoft Updates for Multiple Vulnerabilities

2010

TA10-159A : Adobe Flash, Reader, and Acrobat Vulnerability

2010

TA10-131A : Microsoft Updates for Multiple Vulnerabilities

2010

TA10-103C : Adobe Reader and Acrobat Vulnerabilities

2010

TA10-103B : Oracle Updates for Multiple Vulnerabilities

2010

TA10-089A : Microsoft Internet Explorer Vulnerabilities

2010

TA10-068A : Microsoft Updates for Multiple Vulnerabilities

2010

TA10-040A : Microsoft Updates for Multiple Vulnerabilities

2010

TA10-021A : Microsoft Internet Explorer Vulnerabilities

2010

TA10-013A : Adobe Reader and Acrobat Vulnerabilities

2010

TA10-012B : Microsoft Windows EOT Font and Adobe Flash Player 6 Vulnerabilities

2010

TA10-012A : Oracle Updates for Multiple Vulnerabilities

2009

TA09-343A : Adobe Flash Vulnerabilities Affect Flash Player and Adobe AIR

2009

TA09-342A : Microsoft Updates for Multiple Vulnerabilities

2009

TA09-314A : Microsoft Updates for Multiple Vulnerabilities

2009

TA09-294A : Oracle Updates for Multiple Vulnerabilities

2009

TA09-286B : Adobe Reader and Acrobat Vulnerabilities

2009

TA09-286A : Microsoft Updates for Multiple Vulnerabilities

2009

TA09-251A : Microsoft Updates for Multiple Vulnerabilities

2009

TA09-223A : Microsoft Updates for Multiple Vulnerabilities

2009

TA09-218A : Apple Updates for Multiple Vulnerabilities

2009

TA09-209A : Microsoft Windows, Internet Explorer, and Active Template Library (ATL) Vulnerabilities

2009

TA09-204A : Adobe Flash Vulnerability Affects Flash Player and Other Adobe Products

2009

TA09-195A : Microsoft Updates for Multiple Vulnerabilities

2009

TA09-187A : Microsoft Video ActiveX Control Vulnerability

2009

TA09-161A : Adobe Acrobat and Reader Vulnerabilities

2009

TA09-160A : Microsoft Updates for Multiple Vulnerabilities

2009

TA09-133B : Adobe Reader and Acrobat JavaScript Vulnerabilities

2009

TA09-133A : Apple Updates for Multiple Vulnerabilities

2009

TA09-132A : Microsoft PowerPoint Multiple Vulnerabilities

2009

TA09-105A : Oracle Updates for Multiple Vulnerabilities

2009

TA09-104A : Microsoft Updates for Multiple Vulnerabilities

2009

TA09-088A : Conficker Worm Targets Microsoft Windows Systems

2009

TA09-069A : Microsoft Updates for Multiple Vulnerabilities

2009

TA09-051A : Adobe Acrobat and Reader Vulnerability

2009

TA09-041A : Microsoft Updates for Multiple Vulnerabilities

2009

TA09-022A : Apple QuickTime Updates for Multiple Vulnerabilities

2009

TA09-020A : Microsoft Windows Does Not Disable AutoRun Properly

2009

TA09-015A : Oracle Updates for Multiple Vulnerabilities

2009

TA09-013A : Microsoft Updates for Multiple SMB Protocol Vulnerabilities

2008

TA08-352A : Microsoft Internet Explorer Data Binding Vulnerability

2008

TA08-350A : Apple Updates for Multiple Vulnerabilities

2008

TA08-344A : Microsoft Updates for Multiple Vulnerabilities

2008

TA08-340A : Sun Java Updates for Multiple Vulnerabilities

2008

TA08-319A : Mozilla Updates for Multiple Vulnerabilities