Filename,Title,Source,Link,SHA-1,Date,Year
WickedRose_andNCPH,"""Wicked Rose"" And The Ncph Hacking Group",iDefense,https://app.box.com/s/0cp8nyd339dnbak96x2klgz1kxm36xd2,e802d6f06085f22242a66b06c785315e1c63c070,12/01/2006,2006
Fritz_HOW-CHINA-WILL-USE-CYBER-WARFARE(Oct-01-08),How China Will Use Cyber Warfare,Jason Fritz,https://app.box.com/s/696xnzy1an3jbm3b212y5n8xieirbemd,3e6399a4b608bbd99dd81bd2be4cd49731362b5e,10/01/2008,2008
556_10535_798405_Annex87_CyberAttacks,Russian Cyberwar On Georgia,Georgia Gov,https://app.box.com/s/ce4fr8p0mxv2pjcvh4pmma1q7oqc4vnc,2fbd7813367fad45e7fd1922381a05e27b0e9673,11/11/2008,2008
Ashmore_Impact-of-Alleged-Russian-Cyber-Attacks(Jan-18-09),Impact Of Alleged Russian Cyber Attack,William C. Ashmore,https://app.box.com/s/4q3ws8a3ymx6y4ygsp4k4zm8gx0imsy0,b0f5f77865f24c5064f78ed7cd30bbdf2c111945,01/18/2009,2009
ghostnet,Tracking Ghostnet: Investigating A Cyber Espionage Network,Information Warfare Monitor,https://app.box.com/s/8dq0gur02w8oh0z7ljjz5mh8l11cmrhh,28dd92f598e7d8987d8236767856c70be4f7e85f,03/29/2009,2009
Case_Study_Operation_Aurora_V11,Case Study: Operation Aurora,Triumfant,https://app.box.com/s/ni4xs2iuol4vskbc25vrxjih2w1ep7p6,510f1b2342f3ca3dd24179821eb451488d6e9722,01/01/2010,2010
Aurora_Botnet_Command_Structure,The Command Structure Of The Aurora Botnet,Damballa,https://app.box.com/s/6jeekvxflthmub9v26nybp5kqw9tjopj,9a7a1d3f7719c02dced8633ac0bf43d6e9ec7a1b,01/13/2010,2010
McAfee_Operation_Aurora,Combating Aurora,McAfee,https://app.box.com/s/jhy5k76ox6z8sy6tdjnqqrlz5r2o29h8,52123660be8b8cad9d46244f669f2cfd96101750,01/20/2010,2010
Aurora_HBGARY_DRAFT,"Operation Aurora: Detect, Diagnose, Respond",HBGary,https://app.box.com/s/j36zc0da9nz6q8wnv13slwxcnmiaykul,3494bd514034f0658ec66b2f515cd9a60c51a8e7,01/27/2010,2010
HBGary_Operation_Aurora,Operation Aurora,HBGary,https://app.box.com/s/fjb89qr1vnk2ox0vllj68ivadqgyz3an,4d9c8ecae38f217729cf8a9df934e7cc5de2ae1a,02/10/2010,2010
how_can_u_tell_Aurora,How Can I Tell If I Was Infected By Aurora?,McAfee,https://app.box.com/s/k0qidf9g1yfehi6pbdodmcxdqag5a9bv,1001e5c45200e0f138e9e9d508afc31c475d6ce7,02/24/2010,2010
in-depth_analysis_of_hydraq_final_231538,In-Depth Analysis Of Hydraq: The Face Of Cyberwar Enemies Unfolds,CA,https://app.box.com/s/44e7rbs177n5inhpm9si6gu3lm7fw6bj,6eb3094ecab54a8b80932f4bec263696f849ca77,03/14/2010,2010
Shadowserver_shadows-in-the-cloud,Shadows In The Cloud: Investigating Cyber Espionage 2.0,"Shadowserver, Information warfare monitor",https://app.box.com/s/mxffbrs4ju2yeoa47sbeym6n5zm1hnf3,8a982bc5c8303440faa4d5672a38bb7a613c382b,04/06/2010,2010
WashingtonPost_2010-Defense-official-discloses-cyberattack(08-24-2010),Defense official discloses cyberattack,Washington Post,https://app.box.com/s/071o7zzbyj0z4ixl69iupwow0bo82jqj,9b22d8de05493cd184246d30a4691005e9a30b94,08/24/2010,2010
MSUpdaterTrojanWhitepaper,The Msupdater Trojan And Ongoing Targeted Attacks ,"Seculert, Zscaler",https://app.box.com/s/gh8m5os2jewj2adleu2xqivj9qzf9ok8,c7d0387067ba747e3a3d9b43b7349d7888bf574e,09/03/2010,2010
w32_stuxnet_dossier,W32.Stuxnet Dossier,Symantec,https://app.box.com/s/rpdy3pk00bmkhgmf1lsfuwt6edakh6k3,93c9ad9c9d9e1d882d56d8ceb1aa684d147d0a78,02/01/2011,2011
wp-global-energy-cyberattacks-night-dragon,Global Energy Cyberattacks: Night Dragon,McAfee,https://app.box.com/s/o2tc88oihh4c67a0s8ygok9fwd66zp71,e0fce95ccdb9c400f2dd3859ebe268f5bc7877ce,02/10/2011,2011
Alerts DL-2011 Alerts-A-2011-02-18-01 Night Dragon Attachment 1,Night Dragon: Specific Protection Measures For Consideration ,NERC,https://app.box.com/s/grv4y3nziuxbsv4g16nyf4u1i1g1w0nm,1fe534fe68fe1a93ef2b536f1365219653b560ee,02/18/2011,2011
Stuxnet_Under_the_Microscope,Stuxnet Under The Microscope,ESET,https://app.box.com/s/2mmdr5vhhrjt2prszn167a0v58az9put,4c1b1b0da537c482d359bf75435cb8abb1df7093,04/20/2011,2011
C5_APT_ADecadeInReview,Advanced Persistent Threats: A Decade In Review,Command Five Pty Ltd,https://app.box.com/s/tl13bx0ek04liinz7btbc3f47jpvpbxj,725568c41fa9f1d7e8a2226e71e5b2a39fd08121,06/01/2011,2011
shady_rat_vanity,Operation Shady Rat: Unprecedented Cyber-Espionage Campaign And Intellectual-Property Bonanza,Vanity Fair,https://app.box.com/s/k34la7wec8mf3gzxphkynem95en886d3,254132938c6ff6eeaa5e3b1e8d8d506472c028b7,08/02/2011,2011
HTran_and_the_Advanced_Persistent_Threat,Htran And The Advanced Persistent Threat,Dell Secureworks,https://app.box.com/s/aqhzvj2a5vo91dgqjflh7nk4pm8aowon,1461452398e57d541209eb6bc29e0743369b373b,08/03/2011,2011
wp-operation-shady-rat,Revealed: Operation Shady Rat,McAfee,https://app.box.com/s/a086wzo5lwibw0dl7ri0kt7d0b51u299,deb92a55dffa951697d3367750df2cf8e4480f8f,08/04/2011,2011
wp_dissecting-lurid-apt,The Lurid Downloader,Trend Micro,https://app.box.com/s/7s9bvquu64vafpi14t8p6w2t6hwls1zi,23f1f9e5771be71725fa19487da59f6779f5ee3f,08/22/2011,2011
C5_APT_SKHack,Sk Hack By An Advanced Persistent Threat,Command Five Pty Ltd,https://app.box.com/s/c911g2eqxck6va9cdn9vync5628zrreb,2b98220caf158d1c4f6d72abbc379899e35edc4d,09/11/2011,2011
tb_advanced_persistent_threats,Alleged Apt Intrusion Set: 1.Php Group,"Zscaler, ThreatLabz",https://app.box.com/s/rqv5wirqhfc3zht1p2kouk8i0ymnmr92,fd81d98729029a483e0c5c69d908ab96014edbe5,10/12/2011,2011
Duqu_Trojan_Questions_and_Answers,Duqu Trojan Questions And Answers,Dell Secureworks,https://app.box.com/s/ygyqokm0cxq56lut0v1u0i4u5vts9idc,c59b324139b965677a9933f7435b5ac34ca40126,10/26/2011,2011
the_nitro_attacks,The Nitro Attacks: Stealing Secrets From The Chemical Industry,Symantec,https://app.box.com/s/sp5gpgu0xpf0dsfxj269ptxyyzm0ohkf,f26ddf5c622dd52fc46cd46813c9552a08214587,10/31/2011,2011
Palebot_Palestinian_credentials,Palebot Trojan Harvests Palestinian Online Credentials,Norman,https://app.box.com/s/73rhctcs0kj6s52eeqn509p44a368kuv,b0ac3fce955bb8361b98a791919d639b18877d56,12/08/2011,2011
WashingtonPost_2011-Cyber-intruder-sparks-response-debate(12-08-2011),"Cyber-intruder sparks response, debate",Washington Post,https://app.box.com/s/ufro1ks1913zufz8n44883up7yttfs7d,8fcaa75fb993d568f7dda7f9f237a27811839420,12/08/2011,2011
Evolution_Drivers_Duqu_Stuxnet,Stuxnet/Duqu: The Evolution Of Drivers,Kaspersky,https://app.box.com/s/shakkou3wcgwfq5u83jncdit7cmmw151,f4231f388207b578c46b126e14d5ed4f9b405424,12/28/2011,2011
wp_the-heartbeat-apt-campaign,The Heartbeat Apt Campaign,Trend Micro,https://app.box.com/s/4qfg9m8wrdgsdf7k3fwrz7zmg2tkfxno,a486fb5b0b485796f0b2d1248c948e7c64c6b49a,01/03/2012,2012
The_Sin_Digoo_Affair,The Sin Digoo Affair,Dell Secureworks,https://app.box.com/s/qj9849r6n72ktrc9q3n9107xduauffss,771d703ce533bea8dbece799705ce8e61717a8a5,02/29/2012,2012
Crouching_tiger_hidden_dragon,"Crouching Tiger, Hidden Dragon, Stolen Data",Contextis,https://app.box.com/s/vk0oacayqkgrk3tp492h3ja9jnlktk7t,75c240fb4334b2307b56c336284acad112e40063,03/12/2012,2012
Crypto-DarkComet-Report,It'S Not The End Of The World: Darkcomet Misses By A Mile,Arbor Networks,https://app.box.com/s/akmz317h8dkapm52ksycf187rw2ylp21,50511389957f7c2e0127031d8633724ae05354f3,03/13/2012,2012
wp_luckycat_redux,Luckycat Redux: Inside An Apt Campaign With Multiple Targets  In India And Japan,Trend Micro,https://app.box.com/s/vun0x0rrek5l51djb8igbojb7v85sg3q,bdb218fdc0cce0bc57f77a9a1e6d3cc7e81b55f9,03/26/2012,2012
Symantec_The-luckycat-hackers(04-03-2012),The Luckycat Hackers,Symantec,https://app.box.com/s/oiblu3lk6fsqnjqv6bx4ygkv7e14tcb8,3392452b5245a2e5b7299367f5588c75d44cca25,04/03/2012,2012
OSX_SabPub,New Version Of Osx.Sabpub & Confirmed Mac Apt Attacks,Kaspersky,https://app.box.com/s/ew3h0mve5lf5x69ydjd1sm1r380rqy4k,0b792ff94ca71eeb71aba780286f7c4bf9f75b40,04/16/2012,2012
w32_flamer_newsforyou,Have I Got Newsforyou: Analysis Of Flamer C&C Server,Symantec,https://app.box.com/s/6ujt4gi1c962id9o4iviesurww2grbxi,0120f4f065c62bcd218bbc21bc729bd3645adf14,05/18/2012,2012
wp_ixeshe,Ixeshe An Apt Campaign,Trend Micro,https://app.box.com/s/t74crjmu21ee2gpnnx56182bj74facvi,c00b7449b733f070c148c5b6c0a4df087a3f34f1,05/22/2012,2012
skywiper,Skywiper (A.K.A. Flame A.K.A. Flamer): A Complex Malware For Targeted Attacks ,"CrySyS, BME",https://app.box.com/s/ebeqddqmxdjqttnqjr1xzi7agiqusrac,6e4df95a65ad848c8192c7c76ed35d622764cab3,05/31/2012,2012
PEST-CONTROL,Pest Control: Taming The Rats,Matasano,https://app.box.com/s/k6kyhjnok9n5vqtchm4u1luoluth0j1i,203258819d7fbffdfae2c5df96d71254a2816ca6,06/13/2012,2012
Tibet_Lurk,Recent Observations In Tibet-Related Information Operations: Advanced Social Engineering For The Distribution Of Lurk Malware,Citizen Lab,https://app.box.com/s/njc3dvwkbx4i9y0s300r3k3ocrj1gmua,61c047476369c5069e39f3d06825d847d924d216,07/10/2012,2012
From-Bahrain-With-Love-FinFishers-Spy-Kit-Exposed,From Bahrain With Love: Finfisher Spy Kit Exposed?,Citizen Lab,https://app.box.com/s/1y57tx3onyislwp9w9k0dqew874y11s9,6d0de3e44a012f45a7b56a9862d1d67ef8bfd7e8,07/25/2012,2012
The_Madi_Infostealers,The 'Madi' Infostealers - A Detailed Analysis,Kaspersky,https://app.box.com/s/h2rowevapfawgbkdpcinjgbci6iy71ml,51b16ee4bb04d663a4c67e23e3d3bf816ae12207,07/27/2012,2012
kaspersky-lab-gauss,Gauss: Abnormal Distribution,Kaspersky,https://app.box.com/s/y0wmp82qdqivrx4x21nfj5miod1tjuf1,4c9c37199b1e1da37d0dae56f7a6469e0b0a4c6e,08/09/2012,2012
VOHO_WP_FINAL_READY-FOR-Publication-09242012_AC,The Voho Campaign: An In Depth Analysis ,RSA,https://app.box.com/s/g1nx7q1o451m0o8hmhbeg82igcflk6q5,759e45d0b495ec23949b3324fd543df7e450afdc,08/12/2012,2012
The_Mirage_Campaign,The Mirage Campaign,Dell Secureworks,https://app.box.com/s/h9vlkkgq0yaat56muq6nei95nchysbay,cfd4451a15223fdf667285b12a8829a4b409495a,08/18/2012,2012
the-elderwood-project,The Elderwood Project,Symantec,https://app.box.com/s/kbhzz24wt2t7kd92c2409uyqawj1jl0t,ce7a662c0f822536e6beff4856f701d28137c8e1,09/06/2012,2012
IEXPL0RE_RAT,Iexpl0Re Rat,Citizen Lab,https://app.box.com/s/tdgkyqg7o511v8a29mc8ec28yxzw118j,bd6f3f93d3c87e78149d766b2613ed9e18bc2620,09/07/2012,2012
trojan_taidoor-targeting_think_tanks,Trojan.Taidoor: Targeting Think Tanks,Symantec,https://app.box.com/s/td8bl14go6icl9lhi9c4idkk82e83t2c,c32627e18128fbf249a084272310996d1b794bb5,10/27/2012,2012
FTA 1007 - Shamoon,Recovering From Shamoon,Fidelis,https://app.box.com/s/fjucrojt5ldxio2sbvsql7syv46l6p4g,4477f8bb9e82fa99d4c0f1d57720f5856b8ee9f8,11/01/2012,2012
Cyberattack_against_Israeli_and_Palestinian_targets,Systematic Cyber Attacks Against Israeli And Palestinian Targets Going On For A Year  ,Norman,https://app.box.com/s/83uopvit3i46wmy3hxvw4g3rjhv8ax1s,299a326641766c588a04f990927f795ecc31726f,11/03/2012,2012
Faces_Ghost_RAT,The Many Faces Of Gh0St Rat: Plotting The Connections Between Malware Attacks,Norman,https://app.box.com/s/aj7ebr1v0x9mf3psmxeififqijwmmacy,02e2959da1d4522c2d94ffbc7a1871470b2f7912,11/30/2012,2012
Securelist_RedOctober,"The ""Red October"" Campaign - An Advanced Cyber Espionage Network Targeting Diplomatic And Government Agencies",Kaspersky,https://app.box.com/s/ymcjx37fp0zyyjybcl80czcrpzctjfp9,b64a571a29d1c2cfc40b6b6cef50a95e6ce3b455,01/14/2013,2013
Securelist_RedOctober_Detail,"""Red October"" Diplomatic Cyber Attacks Investigation",Kaspersky,https://app.box.com/s/m3hhm2et9h54sfojd33b6k7m76zoqdv1,f9e75ac3b51ec2dd195a2fd82743530f9534dd40,01/14/2013,2013
icefog,The Icefog Apt: A Tale Of Cloak And Three Daggers,Kaspersky,https://app.box.com/s/ebjeefvfx58arny58fb9vv6up39f293w,751d00dab0fac4c2b0d1c140e9897fb99a399be1,01/14/2013,2013
McAfee_Labs_Threat_Advisory_Exploit_Operation_Red_Oct,Operation Red October,McAfee,https://app.box.com/s/yzybkh6neofhi2wonyn7abjyn2hlfa8f,b6217ea7fe6b4dd5e27b2a1b4b84432db2e1b2f3,01/18/2013,2013
FireEye_Operation-Beebus(Feb-1-13),Operation Beebus,FireEye,https://app.box.com/s/3bk8cfcjiwhh1gxlkmyslrmp85wm7ewd,829bd809578a0305bc0438fd719e9c6da8f9fd96,02/01/2013,2013
C5_APT_C2InTheFifthDomain,Command And Control In The Fifth Domain,Command Five Pty Ltd,https://app.box.com/s/yfduvs6jw8w3ankhjkbi4ei5ykqho368,f8b1d371008a2108bb7ded054b7b0b7cdc4d5295,02/03/2013,2013
Presentation_Targeted-Attacks_EN,Targeted Cyber Attacks:  Examples And Challenges Ahead,CrySyS,https://app.box.com/s/vsy0oa0n3l2m2lx5oxpzj71zhbqkkgxq,100df21fed6fcf08b0982cfdf55463608613a2e2,02/12/2013,2013
Mandiant_APT1_Report,Apt1 Exposing One Of China's Cyber Espionage Units,Mandiant,https://app.box.com/s/t8w9gavaci6jye519zp13tjdicnd7xzu,3974687624eb85cdcf1fc9ccfb68eea052971e84,02/18/2013,2013
comment_crew_indicators_of_compromise,Comment Crew: Indicators Of Compromise,Symantec,https://app.box.com/s/0leqi6xaid7v745y3kujcyi5vgvf73su,349984643361273d5d3b638e369c45cbb409676c,02/22/2013,2013
stuxnet_0_5_the_missing_link,Stuxnet 0.5: The Missing Link,Symantec,https://app.box.com/s/jzbxpm7m7kakhubocrrerq0myig6befb,712311f4cacd476100c7ef037e3accc740558920,02/26/2013,2013
themysteryofthepdf0-dayassemblermicrobackdoor,The Miniduke Mystery: Pdf 0-Day Government Spy Assembler 0X29A Micro Backdoor ,Kaspersky,https://app.box.com/s/w3b1yh6agvwmocx8ftzjg8kyds0jodmk,c6dff7f0864e36e3dcc1be12747d26fb8072b52c,02/27/2013,2013
miniduke_indicators_public,Miniduke: Indicators ,"CrySyS, BME",https://app.box.com/s/d5npu14e4471j5mmpkgt1xwdnu90t43e,2d3fb67fd870f192c38bd8e51344d45645794623,02/27/2013,2013
15-2013-youonlyclicktwice,You Only Click Twice: Finfisher's Global Proliferation,Citizen Lab,https://app.box.com/s/bdtw7jyfdcr9snnt14ye7ukb9oj2gmn9,e33abbd24c9cbb57b3b4a97df165766e1fb42eeb,03/13/2013,2013
Safe-a-targeted-threat,Safe A Targeted Threat,Trend Micro,https://app.box.com/s/0yh8mn02v2wrehl9yaddrb8rjdzieeqb,334b4ee90a30c9ab9dcc6e3596f15f0dcb02486d,03/17/2013,2013
theteamspystory_final_t2,The Teamspy Story - Abusing Teamviewer In Cyberespionage Campaigns,Kaspersky,https://app.box.com/s/742gtrl1fedxy8iqwjuqsiru1m8i0l2g,57a17587785f54a103ea970277bd7c4cc179a82c,03/20/2013,2013
dissecting-operation-troy,Dissecting Operation Troy: Cyberespionage In South Korea,McAfee,https://app.box.com/s/b91tgqhiw7zyivfnxe3sbrtzfgk6n08f,c6ce890a544b01e5dafd4add9326b4178424c4e2,03/20/2013,2013
RAP002_APT1_Technical_backstage.1.0,Apt1: Technical Backstage,"Malware.lu, itrust",https://app.box.com/s/x2jgr4j1bgfas2h2b4h09mam9nn4qwu3,26353a7703ce0b186450134a5321ac37d1405380,03/27/2013,2013
tr-12-circl-plugx-analysis-v1,Analysis Of A Plugx Variant (Plugx Version 7.0),CIRCL,https://app.box.com/s/90qhti3jwdmthbz7fd1l49n9y2cp8ffq,875abf02dad2a434d708e495ffc8afe4b2500aae,03/28/2013,2013
Trojan.APT.BaneChant,Trojan.Apt.Banechant: In-Memory Trojan That Observes For Multiple Mouse Clicks,FireEye,https://app.box.com/s/5ycaruh0zf07h2jy9mpasgm1crninjwp,85ef5daf99603da833a32245fd120028829a666f,04/01/2013,2013
MiniDuke_Paper_Final,A Closer Look At Miniduke,Bitdefender,https://app.box.com/s/cfkwk5mocm6ckxmaiv8hfe73k2bl1u10,d88b186085918e2039514caa21a4017aafc556d1,04/03/2013,2013
winnti-more-than-just-a-game-130410,Winnti: More Than Just A Game,Kaspersky,https://app.box.com/s/dlzp6f7hv9q3r0kreqvu8yyt36lzdbxw,3a34d6152f2d287f58e67a03d96408b74d5c470e,04/13/2013,2013
FireEye_The-Mutter-Backdoor-Operation-Beebus-with-New-Targets(Apr-17-13),The Mutter Backdoor: Operation Beebus with New Targets,Fireeye,https://app.box.com/s/zg8cx9of6h9kdol7wwvgz8lxkqlvyr2p,660bd04b0d4b33301fcb47a98f3d671f126f66c0,04/17/2013,2013
AdversaryIntelligenceReport_DeepPanda_0 (1),Deep Panda,Crowdstrike,https://app.box.com/s/6po2pgedkjf4br5p7tm51go7p5g3z6g3,1d53861aafea11d9a60e798b90d623c8e7c7b9e7,05/03/2013,2013
NS-Unveiling-an-Indian-Cyberattack-Infrastructure_FINAL_Web,Operation Hangover - Unveiling An Indian Cyberattack Infrastructure,"Norman, Shadowserver",https://app.box.com/s/f5wyu7306nti3lbp58uesioijsl9zamm,aae01ca44ca11f33692bcfd9a20e36105ddfa2b9,05/20/2013,2013
Norman_HangOver report_Executive Summary_042513,Operation Hangover |Executive Summary,Norman,https://app.box.com/s/d3q764or208vbbg26gtcasv5uxnkcij1,e2631efe178d16691329f27a853a41a48387bfc4,05/20/2013,2013
circl-analysisreport-miniduke-stage3-public,Analysis Of A Stage 3 Miniduke Sample,CIRCL,https://app.box.com/s/c95me2uocwoothfnapxrcjwfmynue4ri,dd9dacb6b9bc34a2410f9c8fb3a5f04fdce77f29,05/30/2013,2013
NormanShark-MaudiOperation,The Chinese Malware Complexes: The Maudi Surveillance Operation,Norman,https://app.box.com/s/v04cs4pueqq78rh8uasr39tsh36gtqra,902c5b2eb9cb486171b24ca60681aea5eecdb270,06/01/2013,2013
2013-9,Crude Faux: An Analysis Of Cyber Conflict Within The Oil & Gas Industries,CERIAS,https://app.box.com/s/9dpb6yyvb4yedosa75fo1ibuo46oy35a,31d750b3565b65c43533a87bf7aa72c41258f9a0,06/01/2013,2013
kaspersky-the-net-traveler-part1-final,The Nettraveler  (Aka Travnet) ,Kaspersky,https://app.box.com/s/1qx5mkzkcvwq3eazh2ygxowfbbadofby,4fd06d33aa1a087709277eb71d204e2fbf8b9243,06/04/2013,2013
KeyBoy_Vietnam_India,"Keyboy, Targeted Attacks Against Vietnam And India",Rapid7,https://app.box.com/s/f8p3dagvmdezcpgmnh04mgqz21viklpz,9a2de0730e62aa24cdff1d1920b9535d1795be7e,06/07/2013,2013
Trojan.APT.Seinup,Trojan.Apt.Seinup Hitting Asean,FireEye,https://app.box.com/s/iap35ypb6u03wrzpmemy2z2ntf4k8wm0,c6e80e76bca03538a2dfd2aac2e4120fdab6f4fc,06/18/2013,2013
19-2013-acalltoharm,A Call To Harm: New Malware Attacks Target The Syrian Opposition,Citizen Lab,https://app.box.com/s/hydmfjuajj44kezw77k9nwj5qormpp9y,283e853a69cddd4b59b35fcc2a75205b1deb9b69,06/21/2013,2013
fta-1009---njrat-uncovered-1,Njrat Uncovered,Fidelis,https://app.box.com/s/vdg51zbfvap52w60zj0is3l1dmyya0n4,214daebe12ae36a91e13c83e820bb2e20b560828,06/28/2013,2013
US-13-Yarochkin-In-Depth-Analysis-of-Escalated-APT-Attacks-Slides,Hunting The Shadows: In Depth Analysis Of Escalated Apt Attacks,"Xecure, Academia Sinica",https://app.box.com/s/owi5dxkk3zx164lp90swu3weeyp805se,05f1beceab73155d552a5ee919aebc4c8e92c609,07/01/2013,2013
Dark_Seoul_Cyberattack,Dark Seoul Cyber Attack: Could It Be Worse? ,Dongseo University,https://app.box.com/s/qw0kvewoi3uxy4g3xkc31ammxttbft5z,4e6876f16b77dbb33aad5384dbf0549d717edb31,07/09/2013,2013
Plugx_Smoaler,The Plugx Malware Revisited: Introducing Smoaler,Sophos,https://app.box.com/s/dfdg420iygjtz1rmou2ps14zi25l7tfb,9a7978041e795b788d86c52a477160dae296413b,07/15/2013,2013
Secrets_of_the_Comfoo_Masters,Secrets Of The Comfoo Masters,Dell Secureworks,https://app.box.com/s/70bcgwlwqpp43spjxnyk2f7h96lg0718,86061f7d1994ebb7b8b7eb640b041fb1342adac5,07/31/2013,2013
Unveiling an Indian Cyberattack Infrastructure - appendixes,Operation Hangover - Unveiling An Indian Cyberattack Infrastructure (Appendix),Norman,https://app.box.com/s/2k6oduwj3aetbetxdjx6gjqcg7mrcvvj,ffdfed40c5b1e08a6469c2f38e6a51347a37dd1b,08/01/2013,2013
Inside_Report_by_Infosec_Consortium,Inside Report _ Apt Attacks On Indian Cyber Space,Infosec Consortium,https://app.box.com/s/a2zw9uye2hhofsc1me6yfj39u6gjalcq,886b0ab831a5084de7d80355b7578a9a9999fc88,08/01/2013,2013
Surtr_Malware_Tibetan,Surtr: Malware Family Targeting The Tibetan Community,Citizen Lab,https://app.box.com/s/m57wv4yn4wsa0j2bj6yuj23bzyrq5rg8,6b624d6d80b412a10260344f244ed93e3718e003,08/02/2013,2013
India_Pak_Tranchulas,"Where There Is Smoke, There Is Fire: South Asian Cyber Espionage Heats Up",ThreatConnect,https://app.box.com/s/s0c49bv6hitrhmcafk0phnnuer3e63v1,665c6ace0a9175735f6cdb656e79287f5a53e072,08/02/2013,2013
fireeye-china-chopper-report,The Little Malware That Could: Detecting And Defeating The China Chopper Web Shell,FireEye,https://app.box.com/s/yvk5tr8poletupw82biic0ucpvynvoyj,8a3a657ac02569c1324ade4cca562ae8c5781f94,08/07/2013,2013
NYTimes_Attackers_Evolve_Quickly,Survival Of The Fittest: New York Times Attackers Evolve Quickly,FireEye,https://app.box.com/s/fkg2mxeqpb2ivx9neyz6bseopy1dfg5p,5f17e7b886d2388ffc134157dd1b66aa65372b59,08/12/2013,2013
ByeBye_Shell_target,Byebye Shell And The Targeting Of Pakistan,Rapid7,https://app.box.com/s/a4a59w1go5opcj607ssoh11oqnhozv0h,4b6cc1420b5d641564c9895882a5ba97d18137be,08/19/2013,2013
fireeye-poison-ivy-report,Poison Ivy:  Assessing Damage And Extracting Intelligence,FireEye,https://app.box.com/s/7gw9d1cbuvygb3qamjytpgh9nbmk7cbw,5276375276d632b9a43037ef9a99221b81cb1a61,08/21/2013,2013
Operation_Molerats,Operation Molerats,FireEye,https://app.box.com/s/96rwehp2pkoou5gnimrx3sfdymv0nkhv,3b74caac2fb42068781f9812b5080a6975ce3d24,08/23/2013,2013
Operation_EphemeralHydra,Operation Ephemeral Hydra: Ie Zero-Day Linked To Deputydog Uses Diskless Method,FireEye,https://app.box.com/s/qm0qqb7bpc0ut2c5n76zr5i0rdfhy5ts,1bf6c5eaaf996f463b25837c15b400c895862419,09/10/2013,2013
Kimsuky,"The ""Kimsuky"" Operation: A North Korean Apt?",Kaspersky,https://app.box.com/s/bel4s8xubunn5gxjvorgm7qg2v0e9kgt,64f98d4c515e31f68c6e7fdf442753a6af8c0bee,09/11/2013,2013
Operation_DeputyDog,Operation Deputydog: Zero-Day (Cve-2013-3893) Attack Against Japanese Targets,FireEye,https://app.box.com/s/w4rzfbf0ziip0dt4smkwtraluv8o0z9g,21a5b79498a242f6869649cb808d02366dba6e89,09/13/2013,2013
hidden_lynx,Hidden Lynx: Professional Hackers For Hire,Symantec,https://app.box.com/s/m7yxjl7nljw2iltpbasm7t2dswhya6iv,e4aa40ce1a865021e0b178a4c444126743335d32,09/17/2013,2013
2q-report-on-targeted-attack-campaigns,2Q Report On Targeted Attack Campaigns,Trend Micro,https://app.box.com/s/bwgb7uhh6p4bdkyvlw94dpq19tq0fvbv,f69e4d23674d06ee459d2abbecc5f3f4cbd58047,09/19/2013,2013
fireeye-wwc-report,World War C: Understanding Nation-State Motives Behind Today's Advanced Cyber Attacks,FireEye,https://app.box.com/s/dbgzho741wbtce2r5hppvocy6cwjbcbk,5ff5d49650b4fa5988f435f60434744a7bcaee48,09/30/2013,2013
wp-fakem-rat,Fakem Rat: Malware Disguised As Windows Messenger And Yahoo! Messenger,Trend Micro,https://app.box.com/s/otjh028wd3rfia4ysdtldj3whsd1i4y2,a899d6713da1b9da8aa77cb3db5360b4e8574b5c,10/24/2013,2013
FireEye-Terminator_RAT,Evasive Tactics: Terminator Rat,FireEye,https://app.box.com/s/zesgiuff58vejn97rad0w9tt827cusg0,9a4dcfa7178cccc6283a92bc768be1374eb347f9,10/24/2013,2013
fireeye-malware-supply-chain,Supply Chain Analysis: From Quartermaster To Sunshopfireeye,FireEye,https://app.box.com/s/cpnh3qzju92xffn9qtlw45vceuleqh6d,7ddab1f54ef0ba0a48efdb7ca39ddcc82f0a84d6,11/11/2013,2013
FTA 1010 - njRAT The Saga Continues,"""Njrat"", The Saga Continues",Fidelis,https://app.box.com/s/6blnvkflzcded9jlthm7yt1zzki6eakz,a8f9bc957ae0ee7e38a2cefb83afff0b1bd68422,12/02/2013,2013
fireeye-operation-ke3chang,Operation Ke3Chang Targeted Attacks Against Ministries Of Foreign Affairs,FireEye,https://app.box.com/s/8w1uu9e2l7jwq40gtea7xem6ezg79ffu,b670b7a7904baded891a4c6e7afe692998989668,12/11/2013,2013
ETSO_APT_Attacks_Analysis,Etso Apt Attacks Analysis  ,AhnLab,https://app.box.com/s/n4vji662ern1bii9hhahvglujeobqmk0,dc92b79b353eb0e47e71216f3fa1f0c6167e29e7,12/20/2013,2013
energy-at-risk,Energy At Risk: A Study Of It Security In The Energy And Natural Resources Industry,KPMG,https://app.box.com/s/z7lwte5v91lz2rkfywd9s1grnqeuy1fk,f03931c7214e71f4bfcc6a5008acb3f4bb1cb0e3,12/31/2013,2013
targeted_attacks_against_the_energy_sector,Targeted Attacks Against The Energy Sector,Symantec,https://app.box.com/s/blcobivhvh1gwqh7qjtkrdpaggz2lmlr,8421ef67d1e6dcc277f07f39f86e21fd89cf1d5a,01/13/2014,2014
FTA 1001 FINAL 1.15.14,New Cdto: A Sneakernet Trojan Solution,Fidelis,https://app.box.com/s/63rg0wfr0ki2xvtt7ja1b7lmn7dspcdc,9767abff87b137695ab8481729ed7130499a0c80,01/15/2014,2014
h12756-wp-shell-crew,Emerging Threat Profile Shell_Crew ,RSA,https://app.box.com/s/xqldk5renv5ecihr7wyyazplrnezknmx,ec6771a81e830f50c2d54b26dc0f6a642439ee09,01/21/2014,2014
FTA 1011 Follow UP,Intruder File Report- Sneakernet Trojan,Fidelis,https://app.box.com/s/yvbehxsn3tknzogt74z9ryn7r7elwpmf,036b1154d4cc2de08dc647eb743c6b4c9d860902,01/31/2014,2014
unveilingthemask_v1.0,Unveiling Careto - The Masked Apt,Kaspersky,https://app.box.com/s/aepgdq5vc2dxd2m9t0ab2v28rtwbhjua,1e4c8aef818d7d0e950974b6c9d2a792969e3a94,02/11/2014,2014
Operation_SnowMan,Operation Snowman: Deputydog Actor Compromises Us Veterans Of Foreign Wars Website,FireEye,https://app.box.com/s/6uv4v8hpnfpka971qk0gd3j4mnm5x7mt,114583db8690cd01c60d5758dbe2e2dc1e96fb25,02/13/2014,2014
XtremeRAT_fireeye,Xtremerat: Nuisance Or Threat?,FireEye,https://app.box.com/s/s7kamaz3bmziz8vu1fvwz2e9m13xiysg,186d7913fe80c35a06e76a5c8fd08520f43b4246,02/19/2014,2014
The_Monju_Incident,The Monju Incident ,Context,https://app.box.com/s/l6n25enqom0uydgxogybp82294nkf4dt,9b66a35bea35d963d1ff07cab2a3914b38e24257,02/19/2014,2014
Operation_GreedyWonk,"Operation Greedywonk: Multiple Economic And Foreign Policy Sites Compromised, Serving Up Flash Zero-Day Exploit",FireEye,https://app.box.com/s/870bnpwyxqjqg9o0z4sl0e2mlkzar60q,e162b0015a753a6d85a13296e601c31271868b1f,02/20/2014,2014
deep-panda-webshells,Mo' Shells Mo' Problems - Deep Panda Web Shells,Crowdstrike,https://app.box.com/s/pn1mtot3a2d2seuqx46unamdl7udlwq0,76a6ea858e3524682ad3ee30251003228db50fb3,02/20/2014,2014
FTA 1012 STTEAM Final,"Gathering In The Middle East, Operation Stteam",Fidelis,https://app.box.com/s/ine4z2lyf8ryqao789oc0als335iip8c,d31648d83d04cc22669f21fa92ee48345e76e062,02/23/2014,2014
Crowdstrike_The French Connection(Feb-25-14),The French Connection: French Aerospace-Focused CVE-2014-0322 Attack Shares Similarities with 2012 Capstone Turbine Activity,Crowdstrike,https://app.box.com/s/yh95vh5l17z2vcffwjvg3v05fzn0pzp1,51e8e24162c94d68637f8252ea6e8f5707b52a23,02/25/2014,2014
GData_Uroburos_RedPaper_EN_v1,Uroburos Highly Complex Espionage Software With Russian Roots,Gdata,https://app.box.com/s/dokswmrkrxmipfmdpsvelnq18w4ypogw,917691a4f8af50a09926f97bf1be2e0cb71f8c68,02/28/2014,2014
The_Siesta_Campaign,The Siesta Campaign: A New Cybercrime Operation Awakens,Trend Micro,https://app.box.com/s/0rcadhypkl7fod418nv58uicnnljvnrh,1e1f0c599eb1c22360cb9bf8bc30399050e3764b,03/06/2014,2014
snake_whitepaper,Snake Campaign & Cyber Espionage Toolkit,BAE Systems,https://app.box.com/s/xmeq5ajvmzux1appt1qvd8wme7k13o63,0849ce1f0272c4604d47e464ab56cad0b5b60263,03/07/2014,2014
Reuters_Turla,"Suspected Russian Spyware Turla Targets Europe, United States",Reuters,https://app.box.com/s/n9zt53c246ltmhhjkcfay9xq8mee09yo,94d04c5da4ed33cd78d033ad371aa8472e53d701,03/08/2014,2014
Op_Clandestine_Fox,New Zero-Day Exploit Targeting Internet Explorer Versions 9 Through 11 Identified In Targeted Attacks,FireEye,https://app.box.com/s/5epjx7i7fc3q8jh8o4exabquoar1s3ii,829bf301061a9a6358c233ca5aa459439fc0aec8,04/26/2014,2014
fireeye-operation-saffron-rose,Operation Saffron Rose,FireEye,https://app.box.com/s/pnagcb7vgpqaxen71n2x557m05q7dazl,41c3f02fe289ddb0d0c5a010f5865b58da939b1c,05/13/2014,2014
CrowdStrike_Flying_Kitten,Cat Scratch Fever: Crowdstrike Tracks Newly Reported Iranian Actor As Flying Kitten,Crowdstrike,https://app.box.com/s/vr9chzv8t952gywbaom6r0p4bo4pub8r,e743ba5074212801ce09ee640730028ab8f41d48,05/13/2014,2014
Miniduke_twitter,Miniduke Still Duking It Out,ESET,https://app.box.com/s/dnn3hp5nlwuiwxcqjc9kmsfiodcimi64,91c2cdb099060388dd93b0e440a3ff4dff5fd622,05/20/2014,2014
FTA_1013_RAT_in_a_jar,Rat In A Jar: A Phishing Campaign Using Unrecom,Fidelis,https://app.box.com/s/hhfmfv9itrx2mabe5m441a381zvc5jul,b1e45b08bfa1db986e1e643291d250a0cda1988c,05/21/2014,2014
ASERT-Threat-Intelligence-Brief-2014-07-Illuminating-Etumbot-APT,Illuminating The Etumbot Apt Backdoor,Arbor Networks,https://app.box.com/s/h8c0ds5etxke111s38r7rs3ltmpf2mot,51bb16ba51be3c144ac9e09a68732cbe0bb785d5,06/06/2014,2014
putter-panda,Putter Panda,Crowdstrike,https://app.box.com/s/ugahgfd07evh7q0h8lnb00brew4ixvdk,ddadffb91053c4d19590e2035c8eeed14fceca60,06/09/2014,2014
TrapX_ZOMBIE_Report_Final,Anatomy Of The Attack: Zombie Zero,Trapx,https://app.box.com/s/r95pew4gb5gi1qw40l6s0jbzw5lfwqbm,bd1794d152f04add2aef937826a9cf949c4b25ab,06/10/2014,2014
Bluecoat_SnakeInTheGrass-Python-Malware-Targeted(06-10-2014),Snake In The Grass: Python-based Malware Used For Targeted Attacks,Bluecoat,https://app.box.com/s/4n263mzodo4mb7jz1w3deidg9xuu2teh,7132fa8920490fd6f33a464f7018fbd0baffb43b,06/10/2014,2014
Compromise_Greece_Beijing,#9 Blitzanalysis: Embassy Of Greece Beijing - Compromise,R136a1,https://app.box.com/s/j108s0yjga3w42lm7wifklqilr4l35ld,292359e869860f8308c2cf789986fe7c12502553,06/20/2014,2014
Dragonfly_Threat_Against_Western_Energy_Suppliers,Dragonfly: Cyberespionage Attacks Against Energy Suppliers,Symantec,https://app.box.com/s/edyb0yn2g8ozavlmxoh082l7z5o5v3yx,1856b8232153c3cc879662288b34b4a660586a9a,06/30/2014,2014
circl-tr25-analysis-turla-pfinet-snake-uroburos,Tr-25 Analysis - Turla / PNet / Snake/ Uroburos,CIRCL,https://app.box.com/s/54kvbxp9nc0xtme1omd1xpxcckwm945g,7f3e46c42095721ba79b1a47e26e662eb7492057,07/10/2014,2014
Pitty_Tiger_Final_Report,The Eye Of The Tiger (Pitty Tiger),Airbus,https://app.box.com/s/54porxs30re847wc7ca1jk1hzbtvt0hv,d5a6d2366c4973f06e95bb1201747d0175321952,07/11/2014,2014
Sayad_Flying_Kitten_analysis,Sayad (Flying Kitten) Infostealer: Is This The Work Of The Iranian Ajax Security Team?,Vinsula,https://app.box.com/s/hjjb0aysslxse1ehpyt5ny68lf8tyctg,591cef00735f510079e0fe4bd0067ca0150fd004,07/20/2014,2014
Kaspersky_Lab_crouching_yeti_appendixes_eng_final,Crouching Yeti: Appendixes,Kaspersky,https://app.box.com/s/90zdh7pfbmon8mtea3okbc6s83ro28bx,a53ce340535461cc92e274f7c5bfb0d8653d5087,07/31/2014,2014
EB-YetiJuly2014-Public,Energetic Bear _ Crouching Yeti,Kaspersky,https://app.box.com/s/z0apbug9w1ztt8ex0pe99sq0d2u9r3nu,142d4447504e30012d98fea16831f2363c62c5ca,07/31/2014,2014
KL_report_syrian_malware,"Syrian Malware, The Ever-Evolving Threat",Kaspersky,https://app.box.com/s/029unv6hijmzrq3xzevz58y4n4xneybz,5ceee60079796aa518c5e490feaca4a0d78c031b,08/01/2014,2014
Gholee_Protective_Edge_themed_spear_phishing_campaign,Gholee Protective Edge Themed Spear Phishing Campaign,Clearsky,https://app.box.com/s/krnvva7fu9o6ywa81uwbpsasj4sz3y2n,d78156c4a19f70d219ed76526769d4d5f141a4ed,08/04/2014,2014
fireeye-sidewinder-targeted-attack,Sidewinder Targeted Attack Against Android In The Golden Age Of Ad Libraries,FireEye,https://app.box.com/s/qwg36lcvf9iaz3alks4w24btqcxmzlkq,0e5301e830d7b19600b2d110115d7c0f0ab86b02,08/04/2014,2014
ThreatConnect_Operation_Arachnophobia_Report,Operation Arachnophobia Caught In The Spider's Web,ThreatConnect,https://app.box.com/s/d7pm2c1r4cx80tt1rctysd7452lo367v,2a38d54d1d345d079325d3180c5f0eb8f5d60f8a,08/05/2014,2014
Operation_Poisoned_Hurricane,Operation Poisoned Hurricane,FireEye,https://app.box.com/s/f74irgo6g47gr37urjypwcnetjj2ymie,73f54d632b5616db3a5977c1514640e19279c056,08/06/2014,2014
KL_Epic_Turla_Technical_Appendix_20140806,The Epic Turla Operation: Solving Some Of The Mysteries Of Snake/Uroboros,Kaspersky,https://app.box.com/s/9rsegtgvnwe9n2lrk6ezxfv8mnpfhpk3,63e36939c3f90c4ca9d492b03cf04d9f03a4ec2f,08/07/2014,2014
El_Machete,El Machete,Kaspersky,https://app.box.com/s/badlir1w3z6fowjb0xj9too0mf11ls4e,2bf418f3786cd274b9031a2297313f044054bdfd,08/20/2014,2014
NetTraveler_Makeover_10th_Birthday,Nettraveler Apt Gets A Makeover For 10Th Birthday,Kaspersky,https://app.box.com/s/5p59z0cnoul885qx2hj1f85h00mk2ec5,c264921f168c1cf344cd493d10aeebf92f80fb0c,08/27/2014,2014
HPSR SecurityBriefing_Episode16_NorthKorea,Profiling An Enigma:  The Mystery Of North Korea's Cyber Threat Landscape,HP,https://app.box.com/s/a6c2ljuyf6kzgx853khmhmrxk4toal8x,194656e774aaacb86ae2c48f0c894e82ec68a833,08/27/2014,2014
Alienvault_Scanbox,Scanbox: A Reconnaissance Framework Used With Watering Hole Attacks,Alienvault,https://app.box.com/s/vlbe0y40djeaadl2l4iqdm13cju3v3n6,28c56a1e795cd404308274424d10edcc3e9b4339,08/28/2014,2014
Syrian_Malware_Team_BlackWorm,Connecting The Dots: Syrian Malware Team Uses Blackworm For Attacks,FireEye,https://app.box.com/s/5sir2hjd6rhi9a03nb5e4ykkx3s4l7d6,543e0df8b308a9383f86d4314d93b5a2e718bd42,08/29/2014,2014
Darwin_fav_APT_Group,Darwin's Favorite Apt Group,FireEye,https://app.box.com/s/aj0b81yqt1fe6ufuklxuirvh8hawnnjb,c24ba893644a149a1f05432c392a716251dca72f,09/03/2014,2014
XSLCmd_OSX,Forced To Adapt: Xslcmd Backdoor Now On Os X,FireEye,https://app.box.com/s/fc2gc8m4ospivuhzjmj2vfc1l3sxc17j,b4c64e64f6309c0f424cdf0cdf449576f36cee16,09/04/2014,2014
Chinese_MITM_Google,Analysis Of Chinese Mitm On Google,Netresec,https://app.box.com/s/rpig9c10mj8wdri1ulftjxbabm543mxa,850ce69b276f4726de382eabcffa8cb8d68cecfc,09/04/2014,2014
sec14-paper-marczak,When Governments Hack Opponents: A Look At Actors And Technology,Usenix Conference,https://app.box.com/s/idaqxp9usqbtbo80vhemh66shyvavagu,2cfbb7b89a5e220b21bbf64161dc880c1b644017,09/08/2014,2014
sec14-paper-hardy,Targeted Threat Index: Characterizing And Quantifying Politically-Motivated Targeted Malware,Usenix Conference,https://app.box.com/s/flstb1aalkoeq5f0g4baemo9g1bclrd2,7aa450d7e2b43175590a1ee2c94f5342152cfc56,09/08/2014,2014
fireeye-operation-quantum-entanglement,Operation Quantum Entanglement,FireEye,https://app.box.com/s/qvuhc7j8tle0a83z3iivsz3yz6aok3tv,bf937bb2315901541521f00abce8d441d272da16,09/10/2014,2014
cosmicduke_whitepaper,Cosmicduke Cosmu With A Twist Of Miniduke,F-Secure,https://app.box.com/s/b0mc62by5j96jg9l91t68mlq6roksbg2,f726486a5cc1e42d2030b07d56f87983814226c7,09/18/2014,2014
th3bug_Watering_Hole_PoisonIvy,Recent Watering Hole Attacks Attributed To Apt Group Th3Bug Using Poison Ivy,Palo Alto,https://app.box.com/s/4j0ajrkivoyxw0licxinxpkgrk1ep7b8,7fc85f6c70527da8b2c4e6a32e1d4e18c007fcb6,09/19/2014,2014
blackenergy_whitepaper,Blackenergy & Quedagh: The Convergence Of Crimeware  And Apt Attacks,F-Secure,https://app.box.com/s/ccj81xcg1xunuyjmnb3kt3ug77r16z7q,efd7b3a3a2bf6e3976411347dc9101fea70c9405,09/26/2014,2014
Aided_Frame_Aided_Direction,"Aided Frame, Aided Direction (Because It's A Redirect)",FireEye,https://app.box.com/s/c0vmfv396d3lej8g37mxbhjgbjen1m21,83adcb352168b2d345155cf4ec7bbc876bb89849,09/26/2014,2014
PAN_Nitro,New Indicators Of Compromise For Apt Group Nitro Uncovered,Palo Alto,https://app.box.com/s/drb0p2idherjlxlwdqh0nharpt310s8u,bc4cef4cabbcf83dbc1c72f736acb6207b260216,10/03/2014,2014
Democracy_HongKong_Under_Attack,Democracy In Hong Kong Under Attack,Volexity,https://app.box.com/s/dvtxta3jtratjxlpr5rzwsqvqfetsn6z,9439561abc998b7f0f733142bc44f717b2615374,10/09/2014,2014
ZoxPNG_Full_Analysis-Final,Zoxpng Analysis,Novetta,https://app.box.com/s/8wxap100crzcd96a05ajsj9vodpjauau,d24ff42b2d02ba406d46f3912f1f7bd2d38b6113,10/14/2014,2014
Sandworm_briefing2,Russian Cyber Espionage Campaign - Sandworm Team,iSight Partners,https://app.box.com/s/k0vbq8vx0z8qg3s4ycit1kc99cg5ay27,cccc6053fa78cef9f8a28efdaa07c8cfa6a73cc2,10/14/2014,2014
Hikit_Analysis-Final,Hikit Analysis,Novetta,https://app.box.com/s/k1zaybbj4ickaq5u0flu9bpmtp8a1e5k,5c4415913a16a0331600816bb4cf8a1954e743dd,10/14/2014,2014
Group_72,Threat Spotlight: Group 72,Cisco,https://app.box.com/s/mtk3zeae1823kz2hv3f7z6pgjgwxlkyl,20dd2aaae24812d78cd1c5e32c68b7998e00e0ca,10/14/2014,2014
OrcaRAT,Orcarat - A Whale Of A Tale,PWC,https://app.box.com/s/r3qo159trv793oeqdgsv99swjsxzq8pw,13a055fe7be7e55dcce0035eaf1990fbe8406c98,10/20/2014,2014
tactical-intelligence-bulletin---sofacy-phishing-,Tactical Intelligence Bulletin Sofacy Phishing,PWC,https://app.box.com/s/th78b3w9bhr1cpdtn9gmmm9v7j2vuq47,643c7e975121b4614156fc4f29de09b4fd1f0026,10/22/2014,2014
wp-operation-pawn-storm,Operation Pawn Storm Using Decoys To Evade Detection,Trend Micro,https://app.box.com/s/t2flymgu0ct5s3z487oedaq8dycsge77,4ff4b93665664603623bc7001e3ca961b8b78b9f,10/23/2014,2014
Modified_Binaries_Tor,Modified Binaries Tor,Joshua Pitts,https://app.box.com/s/nj7stspq3veln8iebra2f5u1203i86eg,c0708a3efcf32d02cfb5348f87fe140ae6f470e8,10/23/2014,2014
LeoUncia_OrcaRat,Leouncia And Orcarat,Airbus,https://app.box.com/s/737gsokqbgsi9d6yenyob3kgafl8mrc4,4bd6fa0c0a85f9041cecd54d722decdb4e817fe0,10/24/2014,2014
Novetta_Operation-SMN(10-24-2014),Operation SMN,Novetta,https://app.box.com/s/tp6i8x92oxp2jjs1gajmimxsbgwb3hpa,6b69bd2d1f6def7c593fa7feeb652bf938ee5632,10/24/2014,2014
pwc_ScanBox_framework,"Scanbox Framework: Who's Affected, And Who's Using It?",PWC,https://app.box.com/s/u273q9utje6wds8mtv17efskdu5oj8la,c264d97adeb81f59b0642de9a782f6fe545ed062,10/27/2014,2014
Micro-Targeted-Malvertising-WP-10-27-14-1,Micro-Targeted Malvertising Via Real-Time Ad Bidding,Invincea,https://app.box.com/s/fy9ss400cv8irbkyrw7i72dc8xaf5xiv,20fa586304cbbfaf23453c1bbe7033de398bd9fb,10/27/2014,2014
ICS_Havex_backdoors,Full Disclosure Of Havex Trojans,Netresec,https://app.box.com/s/v76ozenghvxl8cnk7rcdw4dxsnsffz2g,50b165c213697facb2410591c3ddf772b95fc805,10/27/2014,2014
Group72_Opening_ZxShell,"Threat Spotlight: Group 72, Opening The Zxshell",Cisco,https://app.box.com/s/89uahki8m2ksfgc8pysjw6utcqjp4q9u,116309e7121bc8b0e66e4166c06f7b818e1d3629,10/28/2014,2014
apt28,Apt28: A Window Into Russia's Cyber Espionage Operations,FireEye,https://app.box.com/s/2e7s0j3cuuswoplyvaqdz4kdudvvr7x7,1d9b39654f8c7678b3e2c30e378b2e14021b5d44,10/28/2014,2014
sophos-rotten-tomato-campaign,The Rotten Tomato Campaign,Sophos,https://app.box.com/s/ngqr8jevmhlypff49eju70nhxzfy26bh,23f0de5e628eccdfc670412485653f3662ab5594,10/30/2014,2014
GDATA_TooHash_CaseStudy_102014_EN_v1,Operation Toohash How Targeted Attacks Work ,Gdata,https://app.box.com/s/11ozmt3fr8pucuo08gnotg6ab22ka7pp,85fcdce7427c13906658f1835acaef7103c22ad3,10/31/2014,2014
Operation_Poisoned_Handover,Operation Poisoned Handover: Unveiling Ties Between Apt Activity In Hong Kong's Pro-Democracy Movement,FireEye,https://app.box.com/s/4ld2qhui8rs1slmh76mzj9vaum353mk8,40674e70c595d30f19b2c2636ed7d9dc6b146e8e,11/03/2014,2014
BlackEnergy2_Plugins_Router,"Be2 Custom Plugins, Router Abuse, And Target Profiles",Kaspersky,https://app.box.com/s/0aem5xn8owa5hpsjxuqbyloielln6oyh,15daf73d022246964c2938a889361aba40e7d08b,11/03/2014,2014
darkhotelappendixindicators_kl,Darkhotel Indicators Of Compromise,Kaspersky,https://app.box.com/s/r97cjt70ywsd7pnrstr7buqzxn5svfw1,abddcfeac71a991c480810c82d7e972c74251329,11/10/2014,2014
darkhotel_kl_07.11,The Darkhotel Apt A Story Of Unusual Hospitality v1.0,Kaspersky,https://app.box.com/s/rqk4up23y49pe1zalfmstkj4zb1dxbja,dfd64e9a601283c76ae3f28875166695dc354a21,11/10/2014,2014
Kaspersky_Darkhotel_kl_07.11_1.1(11-10-2014),The Darkhotel APT A Story of Unusual Hospitality v1.1,Kaspersky,https://app.box.com/s/f6bmfscrmam0oq111f9u4bwiqu74bxyi,fab8b6fddc50a533d5b537b27156cb265fea7f02,11/10/2014,2014
The_Uroburos_case,The Uroburos Case: New Sophisticated Rat Identified,Gdata,https://app.box.com/s/sg4cyodukt7edmmba6bfikuiu1jgzv59,96173322b936132aa4cdc0328e4a247d40ae5152,11/11/2014,2014
Korplug_Afghanistan_Tajikistan,Korplug Military Targeted Attacks: Afghanistan & Tajikistan,ESET,https://app.box.com/s/jih94kv82ucn12fdne8tsijvwn06cf4p,b336dd349c5b4620f04d98b90282c7ae900a3a42,11/12/2014,2014
Operation_CloudyOmega_Ichitaro,Operation Cloudyomega: Ichitaro Zero-Day And Ongoing Cyberespionage Campaign Targeting Japan,Symantec,https://app.box.com/s/61pv7a2qufqbm3dhargkrsqjjzgswxba,a4520f8f85d13aa469ff3e1b6d333e4c9a290e7a,11/13/2014,2014
roaming_tiger_zeronights_2014,Roaming Tiger,ESET,https://app.box.com/s/1q4787ruef22tvkgc7h82j6ib6qpc8v0,9d116269da44e22cc6f1496570bb4d56f7cc277b,11/14/2014,2014
OnionDuke_Tor,Onionduke: Apt Attacks Via The Tor Network - F-Secure Weblog : News From The Lab,F-Secure,https://app.box.com/s/vpr6m62odv8f7tz59xisqrba9khg4rhi,c50a95070633ecc76898b9f16ded848414747156,11/14/2014,2014
Derusbi_Server_Analysis-Final,Derusbi (Server Variant) Analysis,Novetta,https://app.box.com/s/t3h83k7pfdyzoi3hrhfl7k5o33sk1fwk,d246e3075bbd31f04b2a6efb53ad7d9e9faa0e96,11/14/2014,2014
EvilBunny_Suspect4_v1.0,Evil Bunny: Suspect #4,Marion Marschalek,https://app.box.com/s/xvilsesi5qd2gh6so2g3tnric51ndv57,814556f1a03e93364f4dc54555cb27549288e061,11/20/2014,2014
OperationDoubleTap,Operation Double Tap,FireEye,https://app.box.com/s/30f8215m5iow438k6gpjuxyvlsid7oom,e8fcb14805853185b36093119094085f0f7f86a2,11/21/2014,2014
regin-analysis,Regin: Top-Tier Espionage Tool Enables Stealthy Surveillance,Symantec,https://app.box.com/s/at56dm7anwlk35y4cp4ung9qwgiz6bn1,40f76477ba1f453b341743b53113ebd705c1bb75,11/23/2014,2014
Regis_The_Intercept,Secret Malware In European Union Attack Linked To U.S. And British Intelligence,The Intercept,https://app.box.com/s/qpegircfwykf835shpflarf87ah2438x,50be553c398b512ddd9741a0ab0350dccd600a3b,11/24/2014,2014
Kaspersky_Lab_whitepaper_Regin_platform_eng,The Regin Platform Nation-State Ownership Of Gsm Networks,Kaspersky,https://app.box.com/s/q23ruuvmn5mgq1dc0w3kggl6ek1pn4nz,5bbf6a633076473dc4b2afb6d166c8caa84463e4,11/24/2014,2014
DEEP_PANDA_Sakula,I Am Ironman: Deep Panda Uses Sakula Malware To Target Organizations In Multiple Sectors,Crowdstrike,https://app.box.com/s/4dfaheem1io3i71o51rf4lfo2ivotuol,02be2ef6587e940656cde835354d0073c4dce232,11/24/2014,2014
rpt-fin4,Hacking The Street?  Fin4 Likely Playing The Market,FireEye,https://app.box.com/s/56mtum85h5pznvw9r4x6yh5qivb7vgql,e5e09d247f5d25d7c960a3ef3231cef9d59a2b61,12/01/2014,2014
OperationCleaver_The_Notepad_Files,Operation Cleaver: The Notepad Files,Cylance,https://app.box.com/s/vsret8sjx5qd6xaxzv0rxdw4pocdmjll,114d677bac083a956038f44abec2bf2a59e1e080,12/03/2014,2014
Turla_2_Penquin,The 'Penquin' Turla,Kaspersky,https://app.box.com/s/5gfajyyz8firhnttdo72j0iz6uo4eo6q,dc20be49cbcecaf38bde2105a54580eb96605c25,12/08/2014,2014
bcs_wp_InceptionReport_EN_v12914,The Inception Framework: Cloud-Hosted Apt,Bluecoat,https://app.box.com/s/vny8b4ubmxo421amxtk8tvk4b9x1vz52,975c44773b456562f9ab5f9986c2102a21b618bd,12/09/2014,2014
w64_regin_stage_1,"W64/Regin, Stage #1",F-Secure,https://app.box.com/s/2ifpyh8kjoxsvrj9dnqfxfrb2go1pu3a,c5355707644b6948069345e2e8bac429e39f882d,12/10/2014,2014
w32_regin_stage_1,"W32/Regin, Stage #1",F-Secure,https://app.box.com/s/358saagkwt3gqy6w62ed6xo33w175r0y,62d5fdb316ad5b0c5e3afb5919785df4c557f25b,12/10/2014,2014
korea_power_plant_wiper,"Vulnerability, Malicious Code Appeared In The Mbr Destruction Function Using Hangul File",AhnLab,https://app.box.com/s/q8gx5wedudaui491qn6i4d7dxsnmuyla,fefd7ff6b2b254bd2e05784b51758c5d90acc06f,12/10/2014,2014
CloudAtlas_RedOctober_APT,Cloud Atlas: Redoctober Apt Is Back In Style,Kaspersky,https://app.box.com/s/pyjpzua55mu6j1my5jegdiiovmpx35yi,a9970d82d1b539ee63838619fcb9aaaae5f0c51d,12/10/2014,2014
Vinself_steganography,Vinself Now With Steganography,Airbus,https://app.box.com/s/uy1tzn58yjoarnrftgs9d8ieucwf4029,ae90917c7abe0c38ae289be9589f04c6fa7184c0,12/12/2014,2014
FTA_1014_Bots_Machines_and_the_Matrix,"Bots, Machines, And The Matrix",Fidelis,https://app.box.com/s/91ckw3z2lh26ylhxbjbjirjuyv5oslul,92f526d9a5e14080fdbec90ba2385617bbf19a10,12/12/2014,2014
Wiper_Malware,Wiper Malware _ A Detection Deep Dive,Cisco,https://app.box.com/s/efz1qmraxgqzenl5mzyeqtrh8kg1nktb,f7db20ae4b3f4784a3b4ac346424872858370a18,12/17/2014,2014
Targeting_Syrian_ISIS_Critics,Malware Attack Targeting Syrian Isis Critics,"Citizen Lab, Cyber Arabs",https://app.box.com/s/bnq1jfzfmvflkui8zw06fkp9c0x5dgxq,d0f24df94063d28e13c08fd2aeb9522034da3dea,12/18/2014,2014
TA14-353A_wiper,Alert (Ta14-353A) Targeted Destructive Malware,US-CERT,https://app.box.com/s/lldbbamo2r9d59jf9ztlif93d6o2p2uw,0e575c64a7603a1709b1ae37e286f420128d2096,12/19/2014,2014
operation-poisoned-helmand,Operation Poisoned Helmand,ThreatConnect,https://app.box.com/s/emf5ke7j5q12sku7vvvb0c1hbk70fygb,1a4508469960b248ba713cecf34653c59fd460f1,12/21/2014,2014
Anunak_APT_against_financial_institutions,Anunak: Apt Against Financial Institutions,"Group-IB, FOX-IT",https://app.box.com/s/exmsfcvad1sjqtmvtzbiil9k52js62ir,c1b7c2bec86e8edf8bba650c6fa506319198e3c3,12/22/2014,2014
Skeleton_Key_Analysis,Skeleton Key Malware Analysis,Dell Secureworks,https://app.box.com/s/elb9hgj4rvcajilnlh67kpgoskjqjra0,28f35f4b95e66030cf2a330bae394bbf8805b34f,01/12/2015,2015
DTL-12012015-01,Insight In To A Strategic Web Compromise And Attack Campaign Against Hong Kong Infrastructure,Dragon Threat Labs,https://app.box.com/s/9bt05cgrk8vbmylm5odno0k85s39kny0,2aa6e47d8b9549b8ca2ea62db6384bb4db682bcf,01/12/2015,2015
Agent.BTZ_to_ComRAT,Evolution Of Sophisticated Spyware: From Agent.Btz To Comrat,Gdata,https://app.box.com/s/gqksdtk0gogqzzzbg2w6b4y7fej6f26t,cde02057689886c29438815cbeed8ebe860a0ab2,01/15/2015,2015
Project_Cobra_Analysis,Analysis Of Project Cobra,Gdata,https://app.box.com/s/vuxbnmnptzygbuxkqbaq90vgm35hpcdv,6df16b7ff93a44fcbec3b656645631b864175bcf,01/20/2015,2015
Inception_APT_Analysis_Bluecoat,Reversing The Inception APT Malware,Bluecoat,https://app.box.com/s/sctzfr6aoagpzb9aoajcodvn6we7e055,486a65ba17141147d3d9fff2a0c26109edf78fab,01/20/2015,2015
waterbug-attack-group,The Waterbug Attack Group,Symantec,https://app.box.com/s/nrf432kfdk6kadkvbclgykekocn4pzzu,d6b2e4dba3b801252a62e0dade5c8ab71d2eefb1,01/22/2015,2015
Scarab_Russian,Scarab Attackers Took Aim At Select Russian Targets Since 2012,Symantec,https://app.box.com/s/pkoancu0b09aifvm2qfu6tdl8w0l5dqz,247676579b83264faf32e171f9187bbdbb057c7f,01/22/2015,2015
Regin_Hopscotch_Legspin,An Analysis Of Regin's Hopscotch And Legspin,Kaspersky,https://app.box.com/s/yezsypczjmt973gpcqfqh5yf9po4zr3c,630eea3f1bc9158570c53d70fc70b31003305f5c,01/22/2015,2015
P2P_PlugX_Analysis,Analysis Of A Recent Plugx Variant - P2P Plugx,JPCERT,https://app.box.com/s/outg1oalwwfvd86eopmgv2pskekzmr4t,d2e17e228e02df878f807b112f78afdc13cc6bca,01/29/2015,2015
Backdoor.Winnti_Trojan.Skelky,Backdoor.Winnti Attackers Have A Skeleton In Their Closet?,Symantec,https://app.box.com/s/89pqnoimwdkrmyhxwqj5pp17jtjm4lmc,c9a33400ab60741ff0c77a9829f3e04cfe39f2d2,01/29/2015,2015
rpt-behind-the-syria-conflict,Behind The Syrian Conflict's Digital Front Lines,FireEye,https://app.box.com/s/qriikjn5436zpiyazh8ta7gbzbd04onf,4751fe686fb4e305ef49296f46ac33139114232b,02/02/2015,2015
PawnStorm_iOS,Pawn Storm Update: Ios Espionage App Found,Trend Micro,https://app.box.com/s/9b7dfetwel6ywbcfai2wa0ja20cym721,4e645016b3627272cceb28a3b8bbba536eb9a6b4,02/04/2015,2015
GlobalThreatIntelReport,Global Threat Intel Report,Crowdstrike,https://app.box.com/s/xbbiyzpb3614bdaxuu3rs96n7f4ysppa,86f4a308b99a2a9cb335dc06457dd09399c05a29,02/10/2015,2015
operation-arid-viper-whitepaper-en,Operation Arid Viper: Bypassing The Iron Dome,Trend Micro,https://app.box.com/s/uqh30535vxopnp0achnlcemu2034aa26,9134d57a818f98608a53b53dcfb520716d9eb1c3,02/16/2015,2015
Equation_group_questions_and_answers,Equation Group: Questions And Answers,Kaspersky,https://app.box.com/s/reidof9i3qnjdq4t0k49o392g8r98tbt,41aa5bd1ed03d80650a89de3649d051f900b958b,02/16/2015,2015
Carbanak_APT_eng,Carbanak APT The Great Bank Robbery,Kaspersky,https://app.box.com/s/p7qzcury97tuwk26694uutujwqmwqyhe,99af231600ee8fd83b4b4fb057429e60cd9d21c4,02/16/2015,2015
The-Desert-Falcons-targeted-attacks,The Desert Falcons Targeted Attacks,Kaspersky,https://app.box.com/s/y45wyjrr4tnz2jlt93pk6giurxpg7ue7,0f4d8ba248dde47b514161014a57885aed084ce2,02/17/2015,2015
Elephantosis,Shooting Elephants,Netzpolitik,https://app.box.com/s/qog0dtpldhebhlasl12z3j82e0uv8t26,c8f384ae75119626032d4b42f34e883269dbf2a4,02/18/2015,2015
cto-tib-20150223-01a,Scanbox Ii,PWC,https://app.box.com/s/o83u5pekus9251w0cl5lo2m1k5u0u2vn,c73cbb8fa22e16920e3cbf51226f3fd8010d38bb,02/24/2015,2015
rpt-southeast-asia-threat-landscape,Southeast Asia: An Evolving Cyber Threat Landscape ,"FireEye, Singtel",https://app.box.com/s/h8kx7u7euolv1d6kjup0bxoujjikcbil,7c69db91f21ee20f7abcb4d95f21c4a17bfa6d17,02/25/2015,2015
plugx-goes-to-the-registry-and-india,Plugx Goes To The Registry (And India),Sophos,https://app.box.com/s/jfuf6eo3az72qrvh6ueke42ft9f23ztz,fc1d350810c19c94b1f3642fa08f50bf914ab821,02/25/2015,2015
Anthem_hack_all_roads_lead_to_China,The Anthem Hack: All Roads Lead To China,ThreatConnect,https://app.box.com/s/7rzfjpwud8blv668j1kxa7qmhcadn6pr,40559d68f1a3d25639408209de18d8ee395ae08a,02/27/2015,2015
Tibetan-Uprising-Day-Malware-Attacks_websitepdf,Tibetan Uprising Day Malware Attacks,Citizen Lab,https://app.box.com/s/43vz10qmcubl6d3cCVEzh2ahb9rbmyyj,d17fdf8935e094b2a34cde539abc85eec3533941,03/10/2015,2015
Inside_EquationDrug_Espionage_Platform,Inside The Equationdrug Espionage Platform,Kaspersky,https://app.box.com/s/vdy6lfmpvu6gzglsc3d7sade6tp9gi7e,a9a89dbd99ed439abcfced111affc69f9728fc7a,03/11/2015,2015
wp-operation-woolen-goldfish,Operation Woolen-Goldfish When Kittens Go Phishing,Trend Micro,https://app.box.com/s/pqe4y802utfswg27g3jeyaup46zje5b0,73a8169eff8f50cefe587c1097d67fb45e71a046,03/19/2015,2015
volatile-cedar-technical-report,Volatile Cedar Threat Intelligence And Research,Checkpoint,https://app.box.com/s/jgl1n5xvzu3kp7aoi3cd9r407kjfzjcc,7cd5b12fa38705e254296133991410754f1678ab,03/31/2015,2015
Novetta_winntianalysis(04-07-2015),WINNTI Analysis,Novetta,https://app.box.com/s/tv5rhy7awdq8ecfrugcrk1d4zcce3xnq,70ee75103d9fc301b7638712ba13c86014b8a0ad,04/07/2015,2015
RSA-IR-Case-Study(Apr-8-15),RSA Incident Response: An APT Case Study,RSA,https://app.box.com/s/tjoi82cp4iq6xx561qcu3xjr2rmfgmo1,f2755e9e4e380e2a8357916862e145965c6e7365,04/08/2015,2015
rpt-apt30,APT30 And The Mechanics Of A Long-Running Cyber Espionage Operation,FireEye,https://app.box.com/s/5jjomo7k001inllirt5lj83lu92ath7d,1b83984e2c9515c59885bc0078e3b1bed5d513b2,04/12/2015,2015
The Chronicles of the Hellsing APT_ the Empire Strikes Back - Securelist,The Chronicles Of The Hellsing APT: The Empire Strikes Back,Kaspersky,https://app.box.com/s/ob16ltqxv6urff6z1ore9i6t4308cxy6,3991aeb7aa51f81e0742f06b833b055aae662bf9,04/15/2015,2015
Indicators_of_Compormise_Hellsing,Hellsing Indicators Of Compromise,Kaspersky,https://app.box.com/s/ralrn76f32axakdv2fdl4kwtxqxvwee8,5b22b494cfe329c352948530cb19b6dc5067ca44,04/15/2015,2015
Operation RussianDoll,Operation Russiandoll: Adobe & Windows ZeroDay Exploits Likely leveraged By Russia's APT28,FireEye,https://app.box.com/s/oj4sr8vifeb03qe51newafin81tu8poy,3bd10169fc704a20a702c3fc61633d68843f195c,04/18/2015,2015
cto-tib-20150420-01a,"Sofacy II_ Same Sofacy, Different Day",PWC,https://app.box.com/s/dm3fbeb7hl95ilno014ftskoc1vi7n1r,417a791693f2554ee1ec94564467168ea58e2cfb,04/20/2015,2015
The CozyDuke APT - Securelist,The Cozyduke APT,Kaspersky,https://app.box.com/s/8vksggruwwqzg7a4y7xrsrysrje56pqn,46f4a7b1ec66e3aa1f6a93d64d9a4d3363621636,04/21/2015,2015
CozyDuke,Cozyduke,F-Secure,https://app.box.com/s/wig4z9nwq6wjxf3i4aslu9qro14pgsbe,7f0cdde2b33261a9a35446bb2cb51c310539fa50,04/22/2015,2015
OperationClandestineWolf,Operation Clandestine Wolf _ Adobe Flash Zero-Day In APT3 Phishing Campaign,FireEye,https://app.box.com/s/vxnua4o5c8u12xl4r7e5zkndpw65wz0m,da36e8623013f441bc3dd841e695ceb1f03db496,04/26/2015,2015
Attacks against Israeli & Palestinian interests - Cyber security updates,Attacks Against Israeli & Palestinian Interests,PWC,https://app.box.com/s/aaai5lu6q5wy0wp25m34oh383wmtg54m,2babeca1ce5aff70f24684cd80ed45ef43ec9a17,04/27/2015,2015
Ahnlab_Targeted-Attack-on-Frances-TV5Monde(May-5-15),Targeted Attack on France's TV5Monde,Ahnlab,https://app.box.com/s/ightjgw5rkaldfpfel7q9v6p3pcqhqat,b6aec94a79b7af64566cf734ef2a703c3d670e1c,05/05/2015,2015
Dissecting-the-Kraken,Dissecting The Kraken,Gdata,https://app.box.com/s/r5vy0kolgdxwwby2wjo523devdbt5leg,c478f5c474609cc5401648c0a55213f3a7137344,05/07/2015,2015
FSOFACY,APT28 Targets  Financial Markets: Zero Day Hashes Released,root9b,https://app.box.com/s/g55oxdd3q63hyngbjm4fbipfct94wrye,3bda90269f9a49360befe7f9a00f832c57af89c2,05/10/2015,2015
Cylance SPEAR Team_ A Threat Actor Resurfaces,Cylance Spear Team: A Threat Actor Resurfaces,Cylance,https://app.box.com/s/ma0qrrczbji4grvjbezpeugf3gru084x,2c19d922bfa84a0205d9142124caaa51dc2021f5,05/13/2015,2015
wp-operation-tropic-trooper,Operation Tropic Trooper: Relying On Tried-And-Tested Flaws To Infiltrate Secret Keepers,Trend Micro,https://app.box.com/s/h3xtomk798hufzzqxnhn2kjmvt6yrcxh,93b3ec0cec9636d7815424be3030ae54c2eb79b5,05/14/2015,2015
CmstarDownloader_Lurid_Enfal_Cousin,Cmstar Downloader: Lurid And Enfal's New Cousin,Palo Alto,https://app.box.com/s/67esnb1ppzsgyo3mm5es3zs8khtf3rpe,155c112f73a973ecf710fab5caa6434212275d81,05/18/2015,2015
oil-tanker-en,Operation Oil Tanker: The Phantom Menace,Pandalabs,https://app.box.com/s/xrwk7gqk44dp89fioubewttrw8a88im1,538701feeead706e34d24cf2b831071ac2f600cb,05/19/2015,2015
TheNaikonAPT-MsnMM2,The Msnmm Campaigns: The Earliest Naikon APT Campaigns,Kaspersky,https://app.box.com/s/nbtyzfb5j5x9d2qznmj3bzcpa2e8kezj,b91ed59b5aea02b712f1ea974fb4cf171ea8ba44,05/21/2015,2015
Dissecting-LinuxMoose,Dissecting Linux/Moose: The Analysis Of A Linux Router-Based Worm Hungry For Social Networks,ESET,https://app.box.com/s/38tsu5p4cc9kevuiiaxrptw3wrgksguk,198195bf91a009bdf666d630230d86b7b1d60bb9,05/26/2015,2015
ANALYSIS-ON-APT-TO-BE-ATTACK-THAT-FOCUSING-ON-CHINAS-GOVERNMENT-AGENCY-,Analysis On APT-To-Be Attack That Focusing On China's Government Agency,Antiy CERT,https://app.box.com/s/zeacvn2ae7aunrlsfjm8kbt4nbf6yn0z,42917d2bb4535fc6369cdd68bf82b7e7d28ebadf,05/27/2015,2015
Grabit,Grabit And The Rats,Kaspersky,https://app.box.com/s/x7jlktifxatv3oam1altle8km1xwju7b,4855ba957702d0393cb7ade531b46625426d9192,05/28/2015,2015
OceanLotusReport,Oceanlotus,SkyEye,https://app.box.com/s/fapwtkrudntz5po7c4u34l54j0vys9po,98e849a6be7fb956f5b17a183a2e00048f3bab25,05/29/2015,2015
Thamar-Reservoir,An Iranian Cyber-Attack Campaign Against Targets In The Middle East,Clearsky,https://app.box.com/s/mf27ius5sdlorh8nl4h4fr643g2i9orb,a0c391fec9b1faa80a0c713bd6aa37a7129adda7,06/03/2015,2015
BlueTermite_Japan,Blue Termite (Internet Watch),Kaspersky,https://app.box.com/s/0qhbl4o5adpf8fhdun7kp6cfz4ql3rdj,fee0f49a312915de5c41ebdd1eaf8aefacde1eaf,06/04/2015,2015
duqu2_crysys,Duqu 2.0: A Comparison To Duqu ,CrySyS Lab,https://app.box.com/s/yfoqrf6r0i0ih38pl0bmtud3ke0e6vhf,6c4fcf640dfbedbdddb724e69d0ed84319b0cf6e,06/10/2015,2015
Symantec_Duqu2-Reemergence-aggressive-cyberespionage-threat(06-10-2015),Duqu 2.0: Reemergence of an aggressive cyberespionage threat,Symantec,https://app.box.com/s/amixilnvbz29s9122fe9hfg00srndw70,efdcd716cde10b6f13d76b51e2f0c5a13b078047,06/10/2015,2015
The_Mystery_of_Duqu_2_0_a_sophisticated_cyberespionage_actor_returns,The Duqu 2.0 Technical Details,Kaspersky,https://app.box.com/s/9bejel60h3doxinwxdfyhig5nsqz05ga,fe05831d3dc661e418f969045f0087ba642fb27b,06/11/2015,2015
The Naikon APT - Securelist,"The Naikon APT: Tracking Down Geo-Political Intelligence Across APAC, One Nation At A Time",Kaspersky,https://app.box.com/s/zuyuhxayshyuaypjoxfm0nu8d5tivqih,af489e7e52483efe28d8f20f15be5d1dbae62a55,06/15/2015,2015
Targeted-Attacks-against-Tibetan-and-Hong-Kong-Groups-Exploiting-CVE-2014-4114,Target Attacks Against Tibetan And Hong Kong Groups Exploiting CVE-2014-4114 ,Citizen Lab,https://app.box.com/s/ma7v20ug1ij6dv1bxmb2qn69hgnr5nck,154083bd059ac6bb001e247f7e03d6189fa93362,06/15/2015,2015
unit42-operation-lotus-blossom,Operation Lotusblossom,Palo Alto,https://app.box.com/s/xhn6ru62qqom1kuxoe3mxnqrtb1sqw2q,3bcbddd61cc7df02fad5bdc692e956bac590fe98,06/16/2015,2015
winnti_pharmaceutical,Games Are Over: Winnti Is Now Targeting Pharmaceutical Companies,Kaspersky,https://app.box.com/s/f090ea4pi40hoaxe6otzfw7yl65ylw6y,8b870691f84547afc34c08c494f92a21f6d1dc3e,06/22/2015,2015
UnFIN4ished_Business_pwd,Unfin4Ished Business,PWC,https://app.box.com/s/7ep6vyqosrj2b26t6udv30jjdevkpv6f,5414153144f453be553af09c69bb1300c7678f79,06/24/2015,2015
ESET_Dino_French,Dino: The Latest Spying Malware From An Allegedly French Espionage Group Analyzed,ESET,https://app.box.com/s/wavmm2zrlt4n1jri8byn31b9fb1wo35i,fdf388b793a73c47a7caab35a5c4645c83c0931a,06/30/2015,2015
WildNeutron_Economic_espionage,Wild Neutron _ Economic Espionage Threat Actor Returns With New Tricks,Kaspersky,https://app.box.com/s/anoc1ews8p5jil4pewlafksf3d4oym5x,a73fcc0ce6923f3a6ce537ec8214cb7b539fe343,07/08/2015,2015
butterfly-corporate-spies-out-for-financial-gain,Butterfly: Corporate Spies Out For Financial Gain,Symantec,https://app.box.com/s/e8hbsm0zsrjryz3suwvutn1zjfpugwak,bf41e63f1493152c0d82f2b800099fc4170ea9f1,07/09/2015,2015
Forkmeiamfamous_SeaDuke,"""Forkmeiamfamous"": Seaduke, Latest Weapon In The Duke Armory",Symantec,https://app.box.com/s/kse3c1yd5gqku9e2nfmsny7gp99zlgu4,006d625ab23c5f9d849608506c77d45afec4c720,07/13/2015,2015
MiniDionis_CozyCar_Seaduke,Tracking Minidionis: Cozycar's New Ride Is Related To Seaduke,Palo Alto,https://app.box.com/s/s29hmikrmmik5v7eumpb4tipkdlyqhjl,d2e6c0c6d2e8dc72677482b8b4271568a3b2a9b9,07/14/2015,2015
WateringHole_Aerospace_CVE-2015-5122_IsSpace,Watering Hole Attack On Aerospace Firm Exploits CVE-2015-5122 To Install Isspace Backdoor,Palo Alto,https://app.box.com/s/8izjpumhif40wt5jzbe6yej6j1sewt0b,13feea5bb8a1f837e3772daf151e343086061f6a,07/20/2015,2015
China_Peace_Palace,China Hacks The Peace Palace: All Your Eez's Are Belong To Us,ThreatConnect,https://app.box.com/s/yso9235awisw1dmjh8dyqpi5r9nokzcx,4aa116bc762a0e2ac8ad635799c2a1acc49de6c4,07/20/2015,2015
Duke_cloud_Linux,Duke APT Group's Latest Tools: Cloud Services And Linux Support,F-Secure,https://app.box.com/s/4oehib8xu2boak3hd72sh1f9ka9gwwh7,8ee4f88f4734adc592190027018a461471e8204a,07/22/2015,2015
apt29-hammertoss-stealthy-tactics-define-a,Hammertoss: Stealthy Tactics Define A Russian Cyber Threat Group,FireEye,https://app.box.com/s/xqp6s3fb8w65f6mkm1zc89ftrl8lyfw7,05763e7c36f1120b89cedba2c39ab4680b8ba28f,07/27/2015,2015
the-black-vine-cyberespionage-group,The Black Vine Cyberespionage Group,Symantec,https://app.box.com/s/0ahidgtzecyx94hgvxoai9kmu5r6yw49,758520009778853bd186c8527b1cd73ee373ca36,07/28/2015,2015
Operation-Potao-Express_final_v2,Operation Potao Express: Analysis Of A Cyber-Espionage Toolkit,ESET,https://app.box.com/s/hji6y2fi3nwqbd8mtx6kiy6yckizwq2w,18e19f0aa8caf36fbb424ab650f87bb192d3434a,07/31/2015,2015
NATO_CCDCOE_CyberWarinPerspective_full_book(08-03-2015),Cyber war in perspective: Russian aggression against Ukraine,NATO,https://app.box.com/s/tnk1sw3cv0k0semcc9o275tjm5iliz45,d45c5b2614aedcd2eafcd7bd20ab7568f001be5b,08/03/2015,2015
Terracotta-VPN-Report-Final-8-3,RSA Research Terracotta VPN: Enabler Of Advanced Threat Anonymity,RSA,https://app.box.com/s/cx1sjzb1q7slnjho5n1n0iuc7y9om2ll,e820638a0c4690636ebac596e0bbc040308aa040,08/04/2015,2015
ThreatGroup-3390,Threat Group-3390 Targets Organizations For Cyberespionage,Dell Secureworks,https://app.box.com/s/6j0fm3yepzf11engl7t213zltahujorc,060957bd034772155905e49648e869f2bfc0adfb,08/05/2015,2015
Kaspersky_Report_Darkhotel_2015(08-10-2015),Darkhotel's attacks in 2015 ,Kaspersky,https://app.box.com/s/fu1lu7lza8h4znv76a5dqlrjubapxw92,034b5ef9a0a81222ce6fec74f19884af4d02353e,08/10/2015,2015
ESET_Carbanak-packing-new-guns(09-08-2015),Carbanak is packing new guns,ESET,https://app.box.com/s/h1dn7d6ptcpwjbcfj468fy5201ev4bbz,608cb9d67d1afa94db103e549c2442e5e9fc7788,09/08/2015,2015
F-Secure_TheDukes_whitepaper(9-17-15),THE DUKES: 7 years of Russian cyberespionage,F-Secure,https://app.box.com/s/ipsg0t3krs811gesknvxrdsqhsknbydj,c02195e501548fc9b8e2e13673a7e12e1af9e207,09/17/2015,2015
Secureworks_HackerGroup-Creates-Network-Fake-LinkedIn-Profiles(10-07-2015),Hacker Group Creates Network of Fake LinkedIn Profiles,Secureworks,https://app.box.com/s/w32vcrjpq3fj0fg0t8c5gwmy0olwnmnd,36fdb5f263a2abc93ab50d345d3626aded73050e,10/07/2015,2015
CitizenLab_Mapping-FinFishers-Continuing-Proliferation(Oct-15-15),Pay No Attention to the Server Behind the Proxy: Mapping FinFisher's Continuing Proliferation,Citizen Lab,https://app.box.com/s/46ab2f2m26oaqu7r2kflfig8ni686gcl,26840a8fbda17c1ae5bcb6198914ebf5e45308b2,10/15/2015,2015
Checkpoint_rocket-kitten-report(Nov-9-2015),Rocket Kitten: A Campaign With 9 Lives,Checkpoint,https://app.box.com/s/vhe51fr5m6kqqzbkkcuukta6nucn9p6a,523ae1be152df2a4d1de51ee2b3e7f23cad62628,11/09/2015,2015
Microsoft_Security_Intelligence_Report_Volume_19_English(11-16-2015),Microsoft Security Intelligence Report (Volume 19),Microsoft,https://app.box.com/s/qjvx7sdbo7cufb5b8putfyqn8ku82xq2,666a7931d4fc2466852e0676e318391a23aec1d1,11/16/2015,2015
RSA_Peering-Into-GlassRAT-final(Nov-23-15),PEERING INTO GLASSRAT: A Zero Detection Trojan from China,RSA,https://app.box.com/s/3jg797vagekvf1xjyz1j49esdhm4fmjs,1d72a50b38ee4b5f57684726cef957f61ae6d2f2,11/23/2015,2015
Symantec_Iran-based-attackers-use-back-door-threats-to-spy-on-Middle-Eastern-targets(Dec-7-2015),Iran-based attackers use back door threats to spy on Middle Eastern targets,Symantec,https://app.box.com/s/oeix6b4jcwdkwyrzq35brtmq2ktoyxnw,7819b3820b7af3f3d3f0335989a95ae6314b353b,12/07/2015,2015
Symantec_CadelSpy-Remexi-IOC(12-07-2015),Backdoor.Cadelspy and Backdoor.Remexi indicators of compromise,Symantec,https://app.box.com/s/k351gsuaj647jtmwmukmtem31oszg1tv,a3d9e8a14cf1729af25bf64193ac17bf9da56a20,12/07/2015,2015
Kaspersky_Evolution-of-Cyber-Threats-in-the-Corporate-Sector(Dec-10-2015),Evolution of Cyber Threats in the Corporate Sector,Kaspersky,https://app.box.com/s/ql84nxbrheluzhi3bt7k48damnuz00u5,75c2325f529d34155445af6a82bb22ec4277a80f,12/10/2015,2015
Fidelis_FTA_1020_Fidelis_Inocnation_FINAL(Dec-16-15),Dissecting the Malware Involved in the INOCNATION Campaign,Fidelis,https://app.box.com/s/dl6izicyky1x946ueo77nn2w8c5jxgm3,e10651d3a6223055e95464f0023b549cdf7ca00c,12/16/2015,2015
PaloAlto_BBSRAT-Attacks-Targeting-Russian-Organizations-Linked-to-Roaming-Tiger(Dec-22-15),BBSRAT Attacks Targeting Russian Organizations Linked to Roaming Tiger,Palo Alto,https://app.box.com/s/noqd4tec6z6nfv8w4z48vzvwfo3goegl,e9de634545c873b0999728df361b28fae9536dc2,12/22/2015,2015
PWC_ELISE- Security-Through-Obesity(Dec-23-15),ELISE: Security Through Obesity,PWC,https://app.box.com/s/xjjieg8w489osjfp4jk7vgum37a6ibro,7baa3b39f072e82717aa554f3434863f7e9edd1f,12/23/2015,2015
ESET_BlackEnergy-by-the-SSHBearDoor(Jan-3-16),BlackEnergy by the SSHBearDoor: attacks against Ukrainian news media and electric industry,ESET,https://app.box.com/s/uo31npu9sese34f1ppggmrug48x7rlqp,8bcb1743d4a9ddbbc6daf063dca8c8107baed218,01/03/2016,2016
Clearsky_Operation-DustySky_TLP_WHITE(Jan-7-2016),Operation Dusty Sky,Clearsky,https://app.box.com/s/cydpeasz6l8cv9oo99o4tpazd5tq4xkm,9b7bf2d6c4a10dac7483c618562e701f42c1dc32,01/07/2016,2016
Clearsky_Operation-DustySky-indicators(Jan-7-2016),Operation Dusty Sky (indicators),Clearsky,https://app.box.com/s/5iym3huegu3ssaejl0rr268sr7qy6seb,1acdc7b846d53b582075ea4a3c5ba64bbbf10e81,01/07/2016,2016
Arbor_Uncovering-the-Seven-Pointed-Dagger(Jan-11-16),Uncovering the Seven Pointed Dagger,Arbor Networks,https://app.box.com/s/z1uanuv1vn3vw5iket1r6bqrmlra0gpn,37584381a0a0c2d566b8ce13965ffa7226cdaa71,01/11/2016,2016
Cisco_Needles-in-a-Haystack(Jan-14-16),RESEARCH SPOTLIGHT: NEEDLES IN A HAYSTACK,Cisco,https://app.box.com/s/6tlgwpp0u2lzahlrhtymkp2nnbtd421f,b0e8168b58ee221655df862460e305841c86f16c,01/14/2016,2016
ESET_Cyberattacks-Ukrainian-power-industry(01-20-2016),New wave of cyberattacks against Ukrainian power industry,ESET,https://app.box.com/s/9wmebk32ymd1d6ryvl84wlqbpsi8rw5e,ed19e5c293f8acef03e89ade53f179c941155479,01/20/2016,2016
PaloAlto_Scarlet-Mimic(Jan-24-16),Scarlet Mimic,Palo Alto,https://app.box.com/s/zhour42vz6sxf7aws3oj70i1rd5ib8kx,9a7bd4348f8ad97d5440d287b81382d47f71d954,01/24/2016,2016
Kaspersky_BlackEnergy-APT-Attacks-in-Ukraine-employ-spearphishing-with-Word-documents(Jan-28-16),BlackEnergy APT Attacks in Ukraine employ spearphishing with Word documents,Kaspersky,https://app.box.com/s/igygz8ihex1hok5r1dp215ui0gz1ghwr,5780a1382be59719a980376feb783590e422b1aa,01/28/2016,2016
PaloAlto_Emissary-Trojan-Changelog-Did-Operation-Lotus-Blossom-Cause-It-to-Evolve(Feb-03-16),Emissary Trojan Changelog: Did Operation Lotus Blossom Cause It To Evolve,Palo Alto,https://app.box.com/s/oyqcfzoa1hfq5evuymj5bqfitkqlfp4v,31c81ceafb1de9c731e7e003e3a638b9841a78e4,02/03/2016,2016
PaloAlto_T9000-Advanced-Modular-Backdoor-Uses-Complex-Anti-Analysis-Techniques(Feb-04-16),T9000: Advanced Modular Backdoor Uses Complex Anti Analysis Techniques,Palo Alto,https://app.box.com/s/u9eldsgol20dmuw0nljeqo9nlw4r9ms7,62df4dd012589910b6be8df92f23e231c493772a,02/04/2016,2016
PaloAlto_Attack-on-French-Diplomat-Linked-to-Operation-Lotus-Blossom(Feb-08-16),Attack On French Diplomat Linked To Operation Lotus Blossom,Palo Alto,https://app.box.com/s/cbxo6pdyf8xua2eg5dn44ni47wbs0le0,777fc2e7355924588a27d693cdfcc31bcf8ec76b,02/08/2016,2016
ICIT-Brief-Know-Your-Enemies-2.0(02-08-2016),Know Your Enemies 2.0: A Primer on Advanced Persistent Threat Groups,ICIT,https://app.box.com/s/kj9eyf73oh2hi8zum6a8lygzqb5jhsm7,6cc38d03649b53205ea47fad7672a39480be93ab,02/08/2016,2016
Kaspersky_Poseidon-Group(Feb-09-16),Poseidon Group,Kaspersky,https://app.box.com/s/94ct7ny9breqnyhdwmcyv982w9qj2rxi,3a2dc9b54f9c5047df5162590c51e51b3392e86c,02/09/2016,2016
PaloAlto_A-Look-Into-Fysbis-Sofacys-Linux-Backdoor(Feb-12-16),A Look Into Fysbis: Sofacy's Linux Backdoor,Palo Alto,https://app.box.com/s/2x3mrik225skob8rxd50rp63wlq0fp6v,6b6c4552509612cec438d34e58908e166b005238,02/12/2016,2016
Cylance_Op_Dust_Storm_Report(Feb-23-2016),Operation Duststorm,Cylance,https://app.box.com/s/dt9mscechq7heg83z7vgujp5ujjzd97c,606f656561781dba6fdef666ece6a0cc24709f01,02/23/2016,2016
Novetta_Operation-Blockbuster-Report(Feb-24-2016),Operation Blockbuster,Novetta,https://app.box.com/s/rhn69xecfqe8k2abwmn43ilmd59y1we0,29d015e736a3012277f84f1b1bedc9bcac060648,02/24/2016,2016
Bluecoat_FROM_SEOUL_TO_SONY(2-24-16), FROM SEOUL TO SONY: THE HISTORY OF THE DARKSEOUL GROUP AND THE SONY INTRUSION MALWARE DESTOVER,Bluecoat,https://app.box.com/s/xyyord0b806e6or2nh92coxw2areyyx4,5ec7109b992643aabb83ba6187230e3033699875,02/24/2016,2016
Proofpoint_operation-transparent-tribe-threat-insight-en(Mar-01-16),Operation Transparent Tribe,Proofpoint,https://app.box.com/s/2terwf3c3e8iunw8v7kj83p2zw44nns2,f21f1f6da5cc09b6e5542606d66f2ecd68e45abc,03/01/2016,2016
TheCitizenLab_Shifting-Tactics-Tracking-changes-in-years-long-espionage-campaign-against-Tibetans(Mar-10-16),Shifting Tactics Tracking Changes In Years Long Espionage Campaign Against Tibetans,Citizen Lab,https://app.box.com/s/wb0vzmvsgude6yby0d5bn02cxebuuvhc,e39432b344d29121ec4bcb658ef5292f2416a05a,03/10/2016,2016
Symantec_Suckfly-Revealing-the secret-life-of-your-code-signing-certificates(Mar-15-16),Suckfly: Revealing the secret life of your code signing certificates,Symantec,https://app.box.com/s/p3tmorslyk9q1s3s6eul4xa4148o6fp2,4ff503930f8fd317739ca0db9c81c7d636335597,03/15/2016,2016
PWC_Taiwan-Presidential-Election-A-Case-Study-on-Thematic-Targeting(Mar-17-2016),Taiwan Presidential Election: A Case Study on Thematic Targeting,PWC,https://app.box.com/s/lyradpx3h7eic3dyiz33ufiia0wj7otn,b039fa56126220d8df26a5ad6853a884bd76581e,03/17/2016,2016
Symantec_Taiwan-targeted-cyberespionage-Trojan(03-29-2016),Taiwan targeted with new cyberespionage back door Trojan,Symantec,https://app.box.com/s/xqh458fe1url7mgl072hhd0yxqw3x0jm,9e322f3701772b212bf17221448ef5966457ea07,03/29/2016,2016
Arbor_The-Four-Element-Sword-Engagement(4-13-16),The Four Element Sword Engagement,Arbor,https://app.box.com/s/19ghms2qz9raaquoxu2bh3paoqyx545r,e7c914466713e7e74fcc1338398a1340464e63bc,04/13/2016,2016
TheCitizenLab_Between-Hong-Kong-and-Burma_Tracking-UP007-and-SLServer-Espionage-Campaigns(4-18-16),Between Hong Kong and Burma: Tracking UP007 and SLServer Espionage Campaign,Citizen Lab,https://app.box.com/s/goyec2m2zwl5fi4sv3ayzwhudcfly1lv,bbe1b72cdd7e601d5f701b5e4a03a71b776fc7fa,04/18/2016,2016
TrendMicro_NetherlandsCyberAttack(04-21-2016),Looking Into a Cyber-Attack Facilitator in the Netherlands,Trend Micro,https://app.box.com/s/ub5txv2ky12s7kuuv7d1vzqvkympepaq,1b9a9fd865cc671ceef94c0ddcfbe8bb99fdc182,04/21/2016,2016
TrendMicro_NetherlandsCyberAttack_Appendix(04-21-2016),Looking Into a Cyber-Attack Facilitator in the Netherlands (Appendix),Trend Micro,https://app.box.com/s/1vjcdqrpcvtb5fqfehk3ehxj6qh8eaf0,25509ab2f9468a0a89bd62750b3549ab32d48b1a,04/21/2016,2016
Cylance_The_Ghost_Dragon(04-22-2016),The Ghost Dragon,Cylance,https://app.box.com/s/xr1ykgout1c9ho5rotpop09smkawg5me,8c629cb675335784dd319ac0f47822274b5d7858,04/22/2016,2016
BAESystems_SSA-Two-bytes-to-951m(04-25-2016),Two Bytes to $951M,BAE Systems,https://app.box.com/s/49t6zpzjln2vvm2npdnzwtr0hkrxq37v,0387df8bdfbe771ec7ee80715c58afac76266a0e,04/25/2016,2016
Microsoft_Targeted-attacks-in-South-and-Southeast-Asia(Apr-26-16),PLATINUM Targeted attacks in South and Southeast Asia,Microsoft,https://app.box.com/s/ursk78m124t1lagjnu2862kumrnoshcp,ffe1ab81dc16f38930659c5ec9f6f8f9ebdf7d35,04/26/2016,2016
Fidelis_Turbo-Twist-Two-64-bit-Derusbi-Strains-Converge(May-2-16),Turbo Twist: Two 64-bit Derusbi Strains Converge,Fidelis,https://app.box.com/s/ex6wh2qsg1c29sob6f70x1q6eoe3v64w,5ba6ec70bf70a31f8d61d408be83d3a999d9beee,05/02/2016,2016
PaloAlto_PrinceofPersiaInfyMalware(05-02-2016),Prince of Persia: Infy Malware Active In Decade of Targeted Attacks,Palo Alto,https://app.box.com/s/zkjmru7uknf1p90mqn81ycf867le78tn,bd91ba55a44f3288be1483e8d160e2910e1eed21,05/02/2016,2016
PwC_Exploring_CVE-2015-2545(05-06-2016),Exploring CVE-2015-2545 and its users,PWC,https://app.box.com/s/g9pew9ajkp259c2t99mh4xspsev61hgm,2b7257511cc403a0a5f9d306663fbbe6c7c1c797,05/06/2016,2016
Fox-IT_mofang_threatreport_tlp-white(05-17-2016),Mofang: A politically motivated information stealing adversary,Fox-IT,https://app.box.com/s/p2oftago51ohnku082ztx1kbvaa1lxps,ffa66796bd7c7f077c31285e6563ccb522b7e9b1,05/17/2016,2016
ESET_Operation-Groundbait(5-17-16),Operation Groundbait:Analysis of a surveillance toolkit,ESET,https://app.box.com/s/hq5t0xjxxbkeulf942ufeiyf3k4zq9b6,5938181ed1aec8281f229581f38f37f78eb24821,05/17/2016,2016
Symantec_Indian-organizations-targeted-in-Suckfly-attacks(5-17-16),Indian organizations targeted in Suckfly attacks,Symantec,https://app.box.com/s/nekeu5y0v2yk4rdwpuq8y1ahyyuaduen,fbf36d88f19b64802a9b1e31e7b8554b8e33be37,05/17/2016,2016
TrendMicro_Operation-C-Major_blog(5-18-16),Operation C-Major Actors Also Used Android BlackBerry Mobile Spyware Against Targets,Trend Micro,https://app.box.com/s/xua6557tccyx7h0ksmjnu8u5bra3z15n,d4203fd526a2ba2714bc19f62e24e8ef91806b1a,05/18/2016,2016
McAfee_SWIFT-Insider-Knowledge(05-20-2016),Attacks on SWIFT Banking System Benefit From Insider Knowledge,McAfee,https://app.box.com/s/0dgvhevjt5e6all9h1zq1dsgyo2awzy7,abe3c0fd4fb29ba970c896d542fe8e9e4edf5f15,05/20/2016,2016
FireEye_Targeted-Attacks-against-Banks-in-the-Middle-East(5-23-16),Targeted Attacks against Banks in the Middle East,FireEye,https://app.box.com/s/43ovij7jz7isl93tow4s3f89yhuiwu4e,66abb93ddb5a1e2dc75b1d8db5c97417200c3996,05/23/2016,2016
GovCERTch_Report_Ruag_Espionage_Case(5-23-16),APT Case RUAG Technical Report,GovCERT.ch,https://app.box.com/s/rabwkf8pmoxndj0n0nlktvc2eti2381k,dbee63b0f8cd29139b4d12b867e3a80de139c0df,05/23/2016,2016
PaloAlto_ke3chang_tidepool(5-23-2016),Operation Ke3chang Resurfaces With New TidePool Malware,Palo Alto,https://app.box.com/s/vwuocstge7xud74xhnw9s98h2m812pyr,2c09f13be3c035ec932d6c91366f61f7f1320f72,05/23/2016,2016
PaloAlto_New- Wekby-Attacks-Use- DNS-Requests- As- Command-and- Control- Mechanism(5-24-16),New Wekby Attacks Use DNS Requests As Command and Control Mechanism,Palo Alto,https://app.box.com/s/5dcx9g1lrt3m9y2wgmxpyiv4malmdnpp,cfea29fab43ff53f7869542633891a89ead24a5f,05/24/2016,2016
Kaspersky_CVE-2015-2545_overview-of-current-threats(5-25-16),CVE-2015-2545: overview of current threats,Kaspersky,https://app.box.com/s/ztb6a52hkbenfurrecc3jifk9b67ie79,5f77c03a83f36e0f74a37efea8cc959613ee3d10,05/25/2016,2016
Symantec_SWIFT-malware-linked-financial-attacks(05-26-2016),SWIFT attackers' malware linked to more financial attacks,Symantec,https://app.box.com/s/hg658zohnowfcj62ofyt4av99xucdq0q,b0c56ff2ab4614632c008d3384d39764e4cf5664,05/26/2016,2016
TrendMicro_IXESHE_IHEATE(05-27-2016),IXESHE Derivative IHEATE Targets Users in America,Trend Micro,https://app.box.com/s/8glps1qnq0glc2c2b2wsmeb4019f9wpd,d611ca60c87498c89b450dda0f06a3cffebe53ae,05/27/2016,2016
CitizenLab-Stealth_Falcon(05-29-2016),Stealth Falcon,Citizen Lab,https://app.box.com/s/is08b06f6fj6a9z6wymf4u5y5xjm6opr,6060d8839dc4054fd3d57b2935eb79b2876f75d6,05/29/2016,2016
FireEye_IRONGATE_ICS(06-02-2016),IRONGATE ICS Malware: Nothing to See Here...Masking Malicious Activity on SCADA Systems,FireEye,https://app.box.com/s/6s871m2xa63x4ru8glto9crcv6kk8jor,78ea4b8589b7b776b4a9fe94fd42bd74740d4276,06/02/2016,2016
FireEye_IndianGovSpearPhish(06-03-2016),APT Group Sends Spear Phishing Emails to Indian Government Officials,FireEye,https://app.box.com/s/s0yj8qsfhkf81hpyrtdmhpv3lrmd5p5n,97a52c09444fff77e5b7dc8e1cc3606bed224ace,06/03/2016,2016
Fireeye_Spear-Phishing-Indian-Government-Officials(06-03-2016),Apt Group Sends Spear Phishing Emails To Indian Government Officials,FireEye,https://app.box.com/s/5hn3fparz8n2bmjpwzvxbds7gcnb7kum,3108aea5c7ef8c8a6d3633612c4f0231b1cec25b,06/03/2016,2016
CrowdStrike_BearsintheMidst_DNC(06-04-2016),Bears in the Midst: Intrusion into the Democratic National Committee,Crowdstrike,https://app.box.com/s/x5sz7dw4as54b1rif3mdtqwzzj2aek68,269f0dfade9d5929e678027bd1c274e45d851b45,06/04/2016,2016
Clearsky_Operation-DustySky2(6-9-16),Operation DustySky Part 2,Clearsky,https://app.box.com/s/ldd528ht55m4avot9b485mi6529f8c3r,a00dc576f03496351c6ec2989aac2a26891c4cff,06/09/2016,2016
Clearsky_Operation-DustySky2-indicators(6-9-16),Operation DustySky Part 2 Indicators,Clearsky,https://app.box.com/s/q9amfvko7h3x9g4rgcno0vy25btsv1rw,d14171df6033ec8c090de678e505d08c5f62fd88,06/09/2016,2016
Microsoft_DUBNIUM(06-09-2016),Reverse-engineering DUBNIUM,Microsoft,https://app.box.com/s/f0xelxxs6ey9nms9fox1uugy8nuof40t,aa49d07c40e3bf8da6779a1d08eeda6efcce3706,06/09/2016,2016
PaloAlto_SofacyUSGov(06-14-2016),New Sofacy Attacks Against US Government Agency,Palo Alto,https://app.box.com/s/49rs6u4cyq43khamdah90y9zyacjzmbr,61c759fab05cb341d84f825452ad17cbcfb23c31,06/14/2016,2016
Citizenlab_Group5_Syria_Iranian_Connection(06-14-2016),Group5: Syria and the Iranian Connection,Citizen Lab,https://app.box.com/s/2475tuv4oigvtrdy1jx6p2lct9ebzlcb,c9d42c2c21c439babfc553984e4b71f6c1db7afb,06/14/2016,2016
Secureworks_TG-4127Clinton(06-16-2016),Threat Group-4127 Targets Hillary Clinton Presidential Campaign,Secureworks,https://app.box.com/s/uy6iv3fj7akwzrj9zq1gv403b35twaoy,4827ac42240efd00e38b61e68f85379adb760861,06/16/2016,2016
DellSecureworks_ThreatGroup-4127-Targets-Clinton-Campaign(06-16-2016),Threat Group 4127 Targets Hillary Clinton Presidential Campaign,Dell Secureworks,https://app.box.com/s/jfku9mhjnf150uokw2owfxy0isj3pi28,9f1be920242bc0b1cca697c0b5034c24a9e9c0a9,06/16/2016,2016
Kaspersky_ScarCruft-OpDaybreak(06-17-2016),Flash zero-day exploit deployed by the ScarCruft APT Group,Kaspersky,https://app.box.com/s/0vp77yw58zhqmt9xoez6f7nmicbgkqrw,fb7781a1552ee8fcddd13fc560aa1dea9ad4955a,06/17/2016,2016
Kaspersky_Flash-zero-day-ScarCruft-APT-Group(06-17-2016),Operation Daybreak,Kaspersky,https://app.box.com/s/dj0libdgcbb232zyhj3fq1ehkqyti1xm,257650cc95d4f77ec70553ce9bbf0a4e393ea4e3,06/17/2016,2016
Microsoft_RE-DUBNIUM-FlashExploit(06-20-2016),Reverse-engineering DUBNIUM's Flash-targeting exploit,Microsoft,https://app.box.com/s/rsvvnrm7ct991olqsvbqrie614xt9f3b,4380f06f404326f756a7c48cb7dd0236e1934cb0,06/20/2016,2016
Fidelis_DNC-IntrusionMalware(06-20-2016),Findings from Analysis of DNC Intrusion Malware,Fidelis,https://app.box.com/s/406jm438rm7s65du4d4qnj7iwj5bkphv,d093215af4ce896149f0fc7a42eacad89f58ac3c,06/20/2016,2016
Fireeye-rpt-china-espionage(06-20-2016),Red Line Drawn: China Recalculates Its Use Of Cyber Espionage,FireEye,https://app.box.com/s/jdk38pbsyaa19vb91uffmprn9oz4a2vr,4961a742b4c650d3fb84f9321de52911df176f1b,06/20/2016,2016
ESET-Visiting_The_Bear_Den(6-21-2016),Visiting The Bear Den A Journey in the Land of (Cyber-)Espionage,ESET,https://app.box.com/s/ifsplrz92ssuo3mhgwadkgoc19e5y56e,98985054ab8d3b6c232132f1957fefc4ba01c7a6,06/21/2016,2016
PaloAlto_TrackingElirksJapanSimilaritiesPreviousAttacks(06-23-2016),Tracking Elirks Variants in Japan: Similarities to Previous Attacks,Palo Alto,https://app.box.com/s/ki60vxvdi2wzqrsrqik0yvg4sdwsbbal,eba3ad81b20ed7b9ef081714928ecf1a4324b057,06/23/2016,2016
Secureworks_ThreatGroup-4127-Targets-Google-Accounts(06-26-2016),Threat Group-4127 Targets Google Accounts,Secureworks,https://app.box.com/s/2y2p7im0bp3o5myvi5s9cxfchddn2zbd,4b340fd7ca63937db459345ebbf915a9dd5cfe01,06/26/2016,2016
PaloAlto_PrinceofPersiaGameOver(06-28-2016),Prince of Persia Game Over,Palo Alto,https://app.box.com/s/drj4vb73cv87ok5wks21rynlq3236793,3f92bfbfdb0fee7eda8613fc3a6ff515ffceb972,06/28/2016,2016
JPCERT_AsruexShortcutFiles(06-30-2016),Asruex: Malware Infecting through Shortcut Files,JPCERT,https://app.box.com/s/mxvgs6dx4kixjv5s29yc6m81kii8opbw,0ddd9b23aaa773615e7d6392969d40b332e0c85f,06/30/2016,2016
Bitdefender_Pacifier-APT(7-1-2016),Pacifier APT,Bitdefender,https://app.box.com/s/xcu346jhiokohlj9300q6hif06swac57,6289dff2cbd2750c76517007989483922179fa40,07/01/2016,2016
ESET_targeting-Central-and-EasternEurope(07-01-2016),Espionage toolkit targeting Central and Eastern Europe uncovered,ESET,https://app.box.com/s/kmb22xnoniwxfkhsw8r3tkpo5rko0w1a,8d9af4bb8b4bafcb9e58ab21e1419abd2eed46b2,07/01/2016,2016
Cymmetria_Unveiling-Patchwork(07-07-16),Unveiling Patchwork the Copy Paste APT,Cymmetria,https://app.box.com/s/r9pw9xbcy2fz2ssewg5p7lqyvtn1b6jc,955ddb4453827e2c1664f2924e75b21fb0c0496d,07/07/2016,2016
Proofpoint_NetTraveler-TargetsRussianEuropean(07-07-2016),"NetTraveler APT Targets Russian, European Interests",ProofPoint,https://app.box.com/s/u16hs4trjkamdxkb8xth6e5ugckr3230,d647ecd9a694447bc8ee9096f425ba29d93f7fb7,07/07/2016,2016
Kaspersky_DroppingElephant(07-08-2016),The Dropping Elephant - aggressive cyber-espionage in the Asian region,Kaspersky,https://app.box.com/s/9yczw853br9y9bs98j44uwc3kx6e414y,e0606a9e6a785d942b50d281d87550dc03d3666e,07/08/2016,2016
Symantec_Patchwork-expands-to-industries(07-25-2016),Patchwork cyberespionage group expands targets from governments to wide range of industries,Symantec,https://app.box.com/s/8k4ikxiyz3od5bg6juqpjf99dcfdba4l,0184ab60e9f8f38cd59f0a53278192a286255179,07/25/2016,2016
EFF_OperationManul(08-03-2016),Operation Manul,EFF,https://app.box.com/s/0dhelcscwtesl3biuldgrbeddaffwneu,cf6fad700146b469d54f47c1541a84bb0dc08bc6,08/03/2016,2016
Forcepoint_Moonsoon(08-06-2016),Moonsoon - Analysis of an APT Campaign,Forcepoint,https://app.box.com/s/cdivyys0ej34bh9r151vybct5nlqy4l5,b910f06ecd66d0a297e2043369b82a29cf770eee,08/06/2016,2016
Symantec_Strider-group-turns-eye-targets(08-07-2016),Strider: Cyberespionage group turns eye of Sauron on targets,Symantec,https://app.box.com/s/l6i8z1vz83uwzf2ycl94xnel5voddt5v,2954f154b324e61eae407e7d656a5b4b373fb5cb,08/07/2016,2016
Kaspersky_The-ProjectSauron-APT_research_KL(08-08-2016),The ProjectSauron APT,Kaspersky,https://app.box.com/s/3n10k8gbwt7pfebhqjg8n2mwpo6m3u7j,877d7520e4b6fd17e48903f779a48b8619ebe87e,08/08/2016,2016
Visa_Oracle-Micros-Compromise(08-08-2016),Carbanak Oracle Breach,Visa,https://app.box.com/s/4sfhcqaaxwui1dbvd13254wm5wfy9bmk,8dcd6158f82898310af73d9fbeae8e626dbfdb7b,08/08/2016,2016
BrianKrebs_Carbanak-Oracle-breach(08-13-2016),Visa Alert and Update on the Oracle Breach,Brian Krebs,https://app.box.com/s/ejrvucttqc6eanln2kkmqtjklg563jxg,af70e2e4750a95aa3748fc15e3c1fb92f1b47e29,08/13/2016,2016
Citizenlab_NSO_iPhone_ZeroDays_UAE(08-24-2016),The Million Dollar Dissident: NSO Group's iPhone Zero-Days used against a UAE Human Rights Defender,Citizen Lab,https://app.box.com/s/adaa4lfxeohb7ehxv3ao6104gmvq226i,32c2e322e6e97466dc82e81fc94acc14eee10192,08/24/2016,2016
Symantec_Buckeye_HongKong(09-06-2016),Buckeye cyberespionage group shifts gaze from US to Hong Kong,Symantec,https://app.box.com/s/0rfkkv27x039vbqsblzdsm530ii2ymjl,36cc8f9d42465b2ac2681772862e21ecb2eaa137,09/06/2016,2016
Cyberkov-Hunting-Libyan-Scorpions-EN(9-18-16),Hunting Libyan Scorpions,Cyberkov Security,https://app.box.com/s/pov6xl0nvac5iaq4kafyw7p8ylmx3p8d,9030bce0306febd7e94fd047d480512583889389,09/18/2016,2016
PaloAlto_Sofacys_Komplex_OSXTrojan(09-26-2016),Sofacy's Komplex OS X Trojan,Palo Alto,https://app.box.com/s/w1qrcz1z9bx2dwt4gegv0h940ex35hlt,fb15f1de386ed3102956ff732b50c35ef56548b5,09/26/2016,2016
ThreatConnect_Belling_the_BEAR(09-28-2016),Belling the BEAR,ThreatConnect,https://app.box.com/s/xpj87wwmxjkl3cykpyjbekaqhb3v4py6,802cfc799eb72c9b5e40ca56e724c75b1fa10be8,09/28/2016,2016
Kaspersky_StrongPity-Waterhole-Targeting-Italian-Belgian-Encryption-Users(10-03-2016),On the StrongPity Waterhole Attacks Targeting Italian and Belgian Encryption Users,Kaspersky,https://app.box.com/s/c9w0xp0mgndij268ku7ti5ee4lxu54bv,f4c3883bdb12af3225b3b57f2d8352cb37586312,10/03/2016,2016
Kaspersky_Wave-your-false-flags(10-05-2016),Wave your false flags! Deception tactics muddying attribution in targeted attacks,Kaspersky,https://app.box.com/s/6smqqgagrck8ltwztwnw08x1ope6k0mi,12ecd2809c35c574672cb2b1b22323aa9de1d69a,10/05/2016,2016
VirusBulletin_EvronRaz(10-05-2016),"Apt Reports And Opsec Evolution, Or: These Are Not The Apt Reports You Are Looking For",Virus Bulletin,https://app.box.com/s/6kow9e7d5ogd1qxskl5krels702fwyon,5801fcf1d7fd14cdf2267fd5abac67a448812677,10/05/2016,2016
eset-sednit-part1(10-20-2016),En Route with Sednit Part 1: Approaching the Target,ESET,https://app.box.com/s/c7oz0zci5gxsbgnucxwah82bfdj0boe0,aa59479dccb863926ace7d5a6d87e356eb9dad4a,10/20/2016,2016
eset-sednit-part2(10-25-2016),En Route with Sednit Part 2: Observing the Comings and Goings,ESET,https://app.box.com/s/lmaensc7vzdugsy1nsh4bwligl07q53b,6f1dfb7fc2367f5787b076deb44f37704a682caa,10/25/2016,2016
PaloAlto_Houdinis-Magic-Reappearance(10-25-2016),Houdini's Magic Reappearance,Palo Alto Networks,https://app.box.com/s/y4zzbao34iv483op59h1dettrwgoe7li,242a98ec10de9c8044a355cbac843987d891b264,10/25/2016,2016
VectraNetworks_Moonlight-Targeted-attacks-MiddleEast(10-26-2016),Moonlight - Targeted attacks in the Middle East,Vectra Networks,https://app.box.com/s/f7p6hmdojxrh6mzs91yvjmpgz528b7h9,2ad4ca5919036c23d608723cebd6eca8cd6d7240,10/26/2016,2016
Forcepoint_BITTER-Targeted-attack-Pakistan(10-26-2016),BITTER: A Targeted attack against Pakistan,Forcepoint,https://app.box.com/s/iegu4jz7v3q0vcvgrkzrnq3w28q3pyne,385ba37be4d0617780a137a81d6593554f0ecc98,10/26/2016,2016
eset-sednit-part3(10-27-2016),En Route with Sednit Part 3: A Mysterious Downloader,ESET,https://app.box.com/s/p4ywd9iqr5fr48nbz5o0nfwwgjkq5itk,2cd04b3b878180782e8467c2cbe69d301a0d98ec,10/27/2016,2016
TrendMicro_BLACKGEAR-Espionage-Campaign(10-27-2016),"BLACKGEAR Espionage Campaign Evolves, Adds Japan To Target List",Trend Micro,https://app.box.com/s/ws5vsndqqi7s17ysrfa39260wqy2ktyt,bd52c0809e379a7dabdb35fcbb07d077f10a6edc,10/27/2016,2016
BoozAllen_ukraine-report-when-the-lights-went-out(11-3-2016),When The Lights Went Out: Ukraine Cybersecurity Threat Briefing,Booz Allen,https://app.box.com/s/pbj4aeiapdbblzs19gzymgsk73sxbe56,6a6ad533b71fd64fc9dd4948e920a0992f637302,11/03/2016,2016
Volexity_Powerduke-Widespread-PostElection-Spear-Phish(11-09-2016),PowerDuke: Widespread Post-Election Spear Phishing Campaigns Targeting Think Tanks and NGOs,Volexity,https://app.box.com/s/wd73vlkdiry8hibkbqvmtsn0bhmzkhgk,d1e4a9dc8b5bd3aaa06b40d5fe8fcefb5328e157,11/09/2016,2016
Trustwave_Carbanak _Anunak_Attack_Methodology(11-14-2016),New Carbanak / Anunak Attack Methodology,Trustwave,https://app.box.com/s/cbclbgiu54ihivxe7bvblwsv1e8jq44h,35f1522128ae21490cc812f5929b961fe0cbdf5c,11/14/2016,2016
Citizenlab_KeyBoy-targeting-Tibetan-Community(11-17-2016),It's Parliamentary: KeyBoy and the targeting of the Tibetan Community,Citizen Lab,https://app.box.com/s/q7rywbgt6s5c380vvjpk643ppcdtdl8v,1c664e6ab6a1e36fb0a1dccb231acfb26e943b19,11/17/2016,2016
Cysinfo_NIC-CyberSecurity-Themed-Spear-Phishing-Target-India(11-30-2016),Malware Actors Using Nic Cyber Security Themed Spear Phishing To Target Indian Government Organizations,Cysinfo,https://app.box.com/s/zsm16yh2sffqr9caehmifmvw2jrrwiga,1b647b1bf39698c459618e7451e556da5c64b8fb,11/30/2016,2016
Microsoft_SIR-Vol21-PROMETHIUM-NEODYMIUM-Updated(12-14-2016),PROMETHIUM and NEODYMIUM: Parallel zero-day attacks targeting individuals in Europe,Microsoft,https://app.box.com/s/12f9s3qxwk4oyr1vwfpaxco9p50xc2v8,31b0c92ff842596ed58185bb84c7dc4542059e85,12/14/2016,2016
PaloAlto_Sofacy-DealersChoice-Attacks(12-15-2016),Let It Ride: The Sofacy Group's DealersChoice Attacks Continue,Palo Alto Networks,https://app.box.com/s/7u92nzu48zg6kq0pmtlh9pj8p6jmjmrt,706ee4a2d806ebd510a7d0bf3640b6d7f6da74fc,12/15/2016,2016
Crowdstrike_DangerClose-FancyBear-Tracking-Ukrainian-FieldArtilleryUnits(12-21-2016),Danger Close: Fancy Bear Tracking of Ukrainian Field Artillery Units,Crowdstrike,https://app.box.com/s/77t5ropot0e1yy0r1i5g8s9bsvvnq6t3,860387572ad036bfde33775ee89e7d92fa5d0aae,12/21/2016,2016
Crowdstrike_FancyBearTracksUkrainianArtillery(12-22-2016),Use of Fancy Bear Android Malware tracking of Ukrainian Artillery Units,Crowdstrike,https://app.box.com/s/8lj785rl608lsmf80bwvtuxb7b9mscxy,31fff8f0aab57b8edf24a77d7be9c10375ace768,12/22/2016,2016
tr1adx_Bear-Hunting-APT28-Tracking(12-28-2016),Bear Hunting Season: Tracking APT28 ,tr1adx,https://app.box.com/s/py4k1124p7hqacfb6dlkghvsh5xte2zw,692ba080ccce9cb14121d88225dcae18a3149a8a,12/28/2016,2016
USCERT_GRIZZLY STEPPE(12-29-2016),GRIZZLY STEPPE - Russian Malicious Cyber Activity,US-CERT,https://app.box.com/s/5q1827f6ig94an0buhsk9i8k7e0eju8w,6c167fbcf1f24da37ded712e81f46cb82acdc3c0,12/29/2016,2016
tr1adx_Digital-Plagarist-Carbanak(01-01-2017),The Digital Plagiarist Campaign: TelePorting the Carbanak Crew to a New Dimension,tr1adx,https://app.box.com/s/7pr8b7cy9liv1bi88ha7frtzgrjycex3,b7dc94c416b4e9c080448f76a9cfbdfd211c1a8c,01/01/2017,2017
Clearsky_Iranian-OilRig-Delivers-Signed-Oxford(01-05-2017),"Iranian Threat Agent OilRig Delivers Digitally Signed Malware, Impersonates University of Oxford",Clearsky,https://app.box.com/s/o3jg5us2c3lmeszk1m09hmenca0xnmgc,37b20be7b373b82bda3d72b17b21e2e41feba382,01/05/2017,2017
PaloAlgo-DragonOK-Updates-Tools-Targets-Multiple-Regions(01-05-2017),DragonOK Updates Toolset and Targets Multiple Geographic Regions,Palo Alto Networks,https://app.box.com/s/50tu7yfcrcj3ntj6b894rq6londdps34,e093f2ddb288f71bdd0d8b7652b8fd43934aa358,01/05/2017,2017
Forcepoint-MMCore-Fileless-Returns-BigBoss-SillyGoose(01-05-2017),Mm Core In-Memory Backdoor Returns As Bigboss And Sillygoose,Forcepoint,https://app.box.com/s/4et31m42g0m8b1cj2ly2idlgruli1io6,b62c407ee38c26946eff590f87a8ea186865a9a9,01/05/2017,2017
UnitedStates_-Senate_Committee_-on_Armed_Services-Clapper-Lettre-Rogers(01-05-2017),Foreign Cyber Threats to the United States,US Senate Committee on Armed Services,https://app.box.com/s/a2yfu1q6j67gi6om5uum34if5cnztln2,a2c34f3b86cabbe9b99fb5456b763be432ac83c9,01/05/2017,2017
FireEye_APT28-Center-of-Storm(01-11-2017),At the Center of the Storm: Russia's APT28 Strategically Evolves its Cyber Operations,FireEye,https://app.box.com/s/bh072li8eyb2daq5cnd88l1lms6ujhgf,f5eb271671c7a2def034329d77843ac296266b0c,01/11/2017,2017
tr1adx_Dope-Story-Bears(01-14-2017),A Pretty Dope Story About Bears: Early Indicators of Continued World Anti-Doping Agency (WADA) Targeting,tr1adx,https://app.box.com/s/7i5o08f6dd9j6idvav7kwek3sg0cyw5n,798348eb3a5019929eab49cafd36e67617970b78,01/14/2017,2017
tr1adx-Bear-Spotting-Vol1(01-15-2017),Bear Spotting Vol. 1: Russian Nation State Targeting of Government and Military Interests,tr1adx,https://app.box.com/s/7q3rd2vov9uhkxmbpqax8vsdjafxnebm,80f2bd5c1796cf0980515170da333662ff58a992,01/15/2017,2017
Cysinfo-Uri-KashmirProtest-Phishing-targeting-Indian-Embassies(01-19-2017),URI Terror Attack & Kashmir Protest Themed Spear Phishing Emails Targeting Indian Embassies And Indian Ministry Of External Affairs,Cysinfo,https://app.box.com/s/aw4frbwy7jj5iqlhn9mas4qmc8ogfljg,479a70bbfa14396cebb0e4768c8521a53b899337,01/19/2017,2017
Citizenlab_NilePhish-Large-Scale-Targeting-Egyptian(02-02-2017),Nile Phish: Large-Scale Phishing Campaign Targeting Egyptian Civil Society,Citizen Lab,https://app.box.com/s/3140tmwszf3q0ywh3jl9uhwjxyckmgv5,7a53a9ae6b4445a626e1c2d642703aaa3f01af97,02/02/2017,2017
Badcyber_Polish-banks-hacked-information-stolen-unknown-attackers(02-03-2017),"Several Polish banks hacked, information stolen by unknown attackers",Badcyber,https://app.box.com/s/7s2s43nlaqxllf4ugef1vyvkm3mr0ryt,2b5d73d85ea4173b9fa128f351bfaea0f778e52f,02/03/2017,2017
kingslayer-a-supply-chain-attack(02-03-2017),KingSlayer A Supply chain attack,RSA,https://app.box.com/s/u4dkqqj56anyzuhxvg890k7d3g0oybyu,74962bac9526b55dfcd0c6690b2980f7483e587b,02/03/2017,2017
US-CERT-AR-17-20045_Enhanced_Analysis_of_GRIZZLY_STEPPE_Activity(02-10-2017),Enhanced Analysis of GRIZZLY STEPPE Activity,US-CERT,https://app.box.com/s/zfhxta0cuh9yycoelyzaxgc03ir4b18u,7f8c3d1d34755bd52f850bad0bc2dc1db6783661,02/10/2017,2017
Cysinfo-Targeting-Indian-Navys-Submarine-Warship-Manufacturer(02-10-2017),Cyber Attack Targeting Indian Navy's Submarine And Warship Manufacturer,Cysinfo,https://app.box.com/s/zdwfwsi2pw1081j2reu3qotz577g7pt6,619ad9c2d675c411b5c18457546aa7bcc58b31a7,02/10/2017,2017
BAESystems_Lazarus-Watering-hole-attacks(02-12-2017),Lazarus & Watering-Hole Attacks,BAE Systems,https://app.box.com/s/7wh9z15na9c823vtwo8fhyu2qt6a57df,fddefc914c62f4886d6ce9b889a3fbe8769fa886,02/12/2017,2017
PaloAlto_MagicHound-Campaign-Attacks-SaudiTargets(02-15-2017),Magic Hound Campaign Attacks Saudi Targets,Palo Alto Networks,https://app.box.com/s/qg2l481eu51ab9znszagv2ktlh4bh9z5,8675bdc6c056bf1b8893b60ecda6aa7e75ca550f,02/15/2017,2017
Secureworks_Iranian-PupyRAT-Middle-Eastern-Organizations(02-15-2017),Iranian PupyRAT Bites Middle Eastern Organizations,Secureworks,https://app.box.com/s/ztp64lp34bn9ax4vithevntn6pab6sxz,fd572a383bb94164cb8acb74a4aa8d5beb3b6afb,02/15/2017,2017
IBM_Full-Shamoon(02-15-2017),The Full Shamoon: How the Devastating Malware Was Inserted Into Networks,IBM,https://app.box.com/s/jymqnbm1hyqxboljaq7rv4p3mzizqd0c,21cd740f556c3aded545b3de39071ce066c612f6,02/15/2017,2017
Cyberx_Operation-BugDrop(02-15-2017),Operation Bugdrop: Cyberx Discovers Large-Scale Cyber-Reconnaissance Operation Targeting Ukrainian Organizations,CyberX,https://app.box.com/s/uyl8gatur9prvuv4z0ghjakdcvv5zkrf,e5395ae3b48658a35c56df32d378ee4afab3ced6,02/15/2017,2017
Lookout_ViperRAT-IDF(02-16-2017),ViperRAT: The mobile APT targeting the Israeli Defense Force that should be on your radar,Lookout,https://app.box.com/s/n2ruyugtbigi6yyvg6u2xmt32eyqn8gx,f05008438263f72d69a2ad48ef831832f1bf0072,02/16/2017,2017
Kaspersky_Breaking-Weakest-Link-IDF(02-16-2017),Breaking The Weakest Link Of The Strongest Chain,Kaspersky,https://app.box.com/s/wlwdugbbup1g3kb0ol71eh74qo6e67pd,c0017fe5d8637b3848db4e8783cb05aeefd152ca,02/16/2017,2017
JPCERT_ChChes-CampC-Cookie-Headers(02-17-2017),ChChes - Malware that Communicates with C&C Servers Using Cookie Headers,JPCERT,https://app.box.com/s/ud9z8kc33scu3fwbon1at9lcul9h9hw3,eeba6bed9a01db3c222e37438c5ea519eee7d617,02/17/2017,2017
BAESystems_Lazarus-FalseFlag-Malware(02-20-2017),Lazarus' False Flag Malware,BAE Systems,https://app.box.com/s/t5f8jofli5p969wsc0lydfdzihbnto93,4068d909a958924e1d908f6adc21ea998d1eb891,02/20/2017,2017
ArborNetworks_Additional-Insights-Shamoon2(02-21-2017),Additional Insights on Shamoon2,Arbor Networks,https://app.box.com/s/dt59pijmmnxc3no13g55jbdr325fpnhs,e62338f92ff8ca0d7d6ac031e9a87c46d1a47a66,02/21/2017,2017
Fireeye_SpearPhishing-Targeting-Mongolian-Government(02-22-2017),Spear Phishing Techniques Used in Attacks Targeting the Mongolian Government,FireEye,https://app.box.com/s/sgzri8xt5l6gaodokuvvfjt7emzu0z4o,7cb839427c1ed6c815f18b2677b905128b34e09c,02/22/2017,2017
Bitdefender-Whitepaper-APT-Mac-A4-en-EN-web(02-23-2017),Dissecting the APT28 Mac OS X Payload,Bitdefender,https://app.box.com/s/l7n781ig6n8wlf1aff5hgwbh4qoi5jqq,d206b485a42c611ed9fe6a0b1a3ed086e954bd30,02/23/2017,2017
PaloAlto_Gamaredon-Toolset-Evolution(02-27-2017),The Gamaredon Group Toolset Evolution,Palo Alto Networks,https://app.box.com/s/9wb59m0q2nw315jshwr3launllnnqtht,ea8659fb295612391dde5a4082fb106f677e48be,02/27/2017,2017
Cylance_DeceptionProject-New-Japanese-Centric-Threat(02-27-2017),The Deception Project: A New Japanese-Centric Threat,Cylance,https://app.box.com/s/5l02xyf45l1gww8vet75vom5jmn32m0h,0b30c4bd931d88806fcbd98cb740e5b111fc8f42,02/27/2017,2017
Kaspersky_Report_Shamoon_StoneDrill_final(03-06-2017),From Shamoon to StoneDrill,Kaspersky,https://app.box.com/s/olc867zxc9nkjzm3wkjwi0b0e2awahtn,59a92a3bd0a359bb6353578ab1a241fc50529225,03/06/2017,2017
FireEye-FIN7-SpearPhishing-Targets-SEC-Filings(03-07-2017),FIN7 Spear Phishing Campaign Targets Personnel Involved in SEC Filings,FireEye,https://app.box.com/s/7f2wiynwlbi58vsv206zn0695id5nl0k,ee0ebdcf2454d62dc23d604c472d3112a57274c6,03/07/2017,2017
ClearSky_Operation-Electric-Powder-targeting-Israel-Electric-Company(03-14-2017),Operation Electric Powder - Who is targeting Israel Electric Company?,Clearsky,https://app.box.com/s/w3udybssqsvhno4ekivacbqaetdidjjr,94d25eef5fa8292df1b03a712789d1b0a6a8b39c,03/14/2017,2017
FireEye_APT29-Domain-Fronting-With-TOR(03-27-2017),APT29 Domain Fronting With TOR,FireEye,https://app.box.com/s/8ytb4nym7whlldfvsaivnmsut9ole32h,30438e854db6bb43fb6629c746fb01ccfa8673b8,03/27/2017,2017
PaloAlto_Dimnie-Hiding-Plain-Sight(03-28-2017),Dimnie: Hiding in Plain Sight,Palo Alto Networks,https://app.box.com/s/scdmr7ekxhx4ktprct29ojxyllr41bjq,cbd4f22d9402177c3cbe6f0c30c9e1e876e9c21d,03/28/2017,2017
ESET_Carbon-Paper-Peering-into-Turlas-second-stage-backdoor(03-30-2017),Carbon Paper: Peering into Turla second stage backdoor,ESET,https://app.box.com/s/vmzqwqfrmtdjemtdaei60jqu5qrouwrt,d06b05c9f20c34154b3134a02f9bdfcac5b570e9,03/30/2017,2017
PWC_cloud-hopper-report-final-v4(04-03-2017),Operation Cloud Hopper,PWC,https://app.box.com/s/ifeoa5huug0aqdecsniw7jmrxym0k85i,4082ecd0d6b73061fc12d099d0b1b257b3d6a71d,04/03/2017,2017
Kaspersky_Lazarus-Under-The-Hood-PDF_final(04-03-2017),Lazarus Under The Hood,Kaspersky,https://app.box.com/s/np8kzut76ruc8whb32v7jpexx4bils6z,9a6098c60b1f484550326ece77eb9339ddf2e6fe,04/03/2017,2017
PaloAlto_The-Blockbuster-Sequel(04-07-2017),The Blockbuster Sequel,Palo Alto Networks,https://app.box.com/s/lmzdurawuli1a65uvx4g6e8b9jvede3f,c3bc5c67ac00f64fa55a9e6574c1b2131807848a,04/07/2017,2017
Symantec_Longhorn-Tools(04-10-2017),Longhorn: Tools used by cyberespionage group,Symantec,https://app.box.com/s/jpmrhxe5hbpjv7l7a8x0hlusep41zo5q,2854f4326f7784a76a6bccec982f76334fea02dd,04/10/2017,2017
Proofpoint_APT-Targets-Financial-Analysts-CVE-2017-0199(04-27-2017),APT Targets Financial Analysts with CVE-2017-0199,Proofpoint,https://app.box.com/s/thla4hs15c78z638bw7g5fmjlixmex9b,10a5f550f9265c745b75db913753bbed6c9a0413,04/27/2017,2017
Cysinfo_Attack-Impersonating-Indian-Think-Tank-Target-CBIpdf(05-11-2017),Cyber Attack Impersonating Identity Of Indian Think Tank To Target Central Bureau Of Investigation (cbi) And Possibly Indian Army Officials,Cysinfo,https://app.box.com/s/mmr87n5onrrqiz8gnt93vvifpwn1rvah,d99516fc275a38c063de39c0188a9dc829491e11,05/11/2017,2017
FireEye_Cyber-Espionage-Alive-Well-APT32(05-14-2017),Cyber Espionage is Alive and Well: APT32 and the Threat to Global Corporations,FireEye,https://app.box.com/s/zutjtgdovy2dc32ktf5347y46eslqxq0,1c8b853a0f1d42979c2d231a728cfb2173c5e991,05/14/2017,2017
RecordedFuture_Chinese-Ministry-State-APT3(05-17-2017),Recorded Future Research Concludes Chinese Ministry of State Security Behind APT3,Recorded Future,https://app.box.com/s/rkactl8fr73y037u6fypz700i4e2dk2m,d3549e1f2aad3cadcae13a201f5291cc3d2eaec6,05/17/2017,2017
Cybereason_Large-Scale-APT-Asia(05-24-2017),Operation Cobalt Kitty: A large-scale APT in Asia carried out by the OceanLotus Group,Cybereason,https://app.box.com/s/0bfouh1vvqc8esyh7tdvw2ttpsqzu1kh,bce3c61603239578e7a1f06fef1c30903ff0d391,05/24/2017,2017
Cybereason_Cobalt-Kitty-ActorsProfiles-IOCs(05-24-2017),Operation Cobalt Kitty Threat Actor Profile & IOC,Cybereason,https://app.box.com/s/qmhs1k5awl5ibders0bwdlt9f9omhm4m,62bad1275ebdb062b9df708c1b71c34e5b92f310,05/24/2017,2017
Citizenlab_Tainted-Leaks-Disinformation-Phishing-With-Russian-Nexus(05-25-2017),TAINTED LEAKS Disinformation and Phishing With a Russian Nexus,Citizen Lab,https://app.box.com/s/wiis486wq7lyb64necfw3qwieikezs40,1721fa3665b069612d0f360fd1dcff628c0a26b1,05/25/2017,2017
FireEye_Privileges-Credentials-Phished-Request-of-Counsel(06-06-2017),Privileges and Credentials: Phished at the Request of Counsel,FireEye,https://app.box.com/s/sj821a63jgyif6xv2yz4gnut8kxgg7lo,6bc4c4b9d535e6579029edd185a930156ef4d353,06/06/2017,2017
Microsoft_PLATINUM-evolve-find-ways-to-maintain-invisibility(06-07-2017),"PLATINUM continues to evolve, find ways to maintain invisibility",Microsoft,https://app.box.com/s/iryvk6gcqx4qyzfn245ruoo7syyex2yv,c8f8d4cea73e6941d5b6bfe0caffbdd26d0ace2d,06/07/2017,2017
ESET_Win32_Industroyer(06-12-2017),WIN32/INDUSTROYER A new threat for industrial control systems,ESET,https://app.box.com/s/ec8zyav7snvm6vsfhy8ocvvngphe8lqp,9e6f9b8b5b22c32c1ec5d53ed1992f8f83013140,06/12/2017,2017
Dragos_CrashOverride-01(06-12-2017),CRASHOVERRIDE Analysis of the Threat to Electric Grid Operations,Dragos,https://app.box.com/s/cl2m9xiifjoz0iajwthet2eaeyp26e13,f86cc703b475135372a6639e12d4651121e23fff,06/12/2017,2017
ThreatConnect_KASPERAGENT-Campaign-resurfaces-May-Election(06-14-2017),KASPERAGENT Malware Campaign resurfaces in May Election,ThreatConnect,https://app.box.com/s/vye9qg0l3u5180jk03mwul4p7wlc3gvo,cd8ae99c908220d52b892089c5d18ed39b0d0937,06/14/2017,2017
RecordedFuture_North-Korea-Is-Not-Crazy(06-15-2017),North Korea Is Not Crazy,Recorded Future,https://app.box.com/s/tb68b0jfrwg7ji1o01jw28def2lp86y7,197a1f8aaefbf84a993a8f02372ddcf6e9ac5a01,06/15/2017,2017
Secureworks_Bronze-Butler-Report(06-23-2017),Bronze Butler,Dell Secureworks,https://app.box.com/s/fz7ranw75zxuh6mc1023igycp1x96fs4,e8e651ded2d19cb62556e14a2e79eec1e897c55d,06/23/2017,2017
Kaspersky-From-BlackEnergy-to-ExPetr(06-30-2017),From BlackEnergy to ExPetr,Kaspersky,https://app.box.com/s/n13ohbzc6qkod8yqxay19pnltnecchev,fd25688495cc576eabf45affd51a9f2a2b85399b,06/30/2017,2017
ESET_TeleBots-Supply-chain-attacks-against-Ukraine(06-30-2017),TeleBots are back: supply-chain attacks against Ukraine,ESET,https://app.box.com/s/740pmk3f6nrhfbj9nmcvovc64oah2ibi,8f2ab51999dfbd55e7bf6f15862b1a89ce6ebf72,06/30/2017,2017
Citizenlab_Campaign-Chinese-language-news-sites(07-05-2017),An intrusion campaign targeting Chinese language news sites,Citizen Lab,https://app.box.com/s/kbror3u3vgqkn7u167u34fg41dtxwfpy,e7a8a3e11bb427a1ca3e9c7f63decbc3e9310e47,07/05/2017,2017
Bitdefender_Whitepaper-Inexsmar-A4-en-EN(07-18-2017),Inexsmar: An unusual DarkHotel campaig,Bitdefender,https://app.box.com/s/mlbeyha2vu6a5b8ystgdk6fdew4f6r98,39e53915de468512258066c3ae2875770bd68c45,07/18/2017,2017
Sentryo_EBOOK_CYBERATTACKS-AGAINST-UKRAINIAN-ICS(07-18-2017),Cyberattacks Against Ukrainian ICS,Sentryo,https://app.box.com/s/73gjx8wibk847zi2zq8cya9fj1ycqqxe,821e2036f0c3d06c508ad8c3442ef789d86d5bd6,07/18/2017,2017
Clearsky_Operation_Wilted_Tulip(07-25-2017),Operation Wilted Tulip,Clearsky,https://app.box.com/s/s0c9085u0otvi6slu121mqikt5h5dzvn,71cb0af91eb32f444cd97f40934b0337e03fd379,07/25/2017,2017
TrendMicro_ChessMaster-Makes-its-Move(07-27-2017),ChessMaster Makes its Move: A Look into the Campaign's Cyberespionage Arsenal,Trend Micro,https://app.box.com/s/g91aiwwkewqq147ueb0zj9okpfvs9z8m,01c32ccd1e596dbf0437b318f5ed5554a14c252a,07/27/2017,2017
RSA_Russian-Bank-Offices-Phishing-Wave(08-18-2017),Russian Bank Offices Hit with Broad Phishing Wave,RSA,https://app.box.com/s/xgtoqdnl8tdviws0jgvxnj8oniia4qqr,c42879e3e3393f1cd6a716273d4eee1b023029bd,08/18/2017,2017
Kaspersky_Introducing-WhiteBear(08-30-2017),Introducing WhiteBear,Kaspersky,https://app.box.com/s/ck26ekr69wmhxk6hyii507o09p20eixs,3dc6e80fc5ef663d8c211416165bf7110c0888df,08/30/2017,2017
ESET_Gazer(08-30-2017),Gazing at Gazer,ESET,https://app.box.com/s/sqiber6gp1q75h6r4eq89fjeeur2mz8h,2c5e1689900d6f92ec985be4f9f1df9f9b52de30,08/30/2017,2017
Symantec_Dragonfly-Western-energy-sector-targeted(09-06-2017),Dragonfly: Western energy sector targeted by sophisticated attack group,Symantec,https://app.box.com/s/4kpnzlrdqdcg3cq02hz4zj8nmjd9iywi,c7d082f04cb0d613c04517d0d6dec2d76a866c6b,09/06/2017,2017
FireEye_CVE-2017-8759-Used-Wild-Distribute-FINSPY(09-12-2017),CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY,FireEye,https://app.box.com/s/mgz7lvnbg6bjhjognrlc7ovqdcqpbhgo,290a67462a2eaf75bef1a154709616e5e8accd29,09/12/2017,2017
Intezer_Evidence-Aurora-Supply-Chain-Attack-CCleaner-Part1(09-20-2017),Evidence Aurora Operation Still Active: Supply Chain Attack Through CCleaner,Intezer,https://app.box.com/s/o8rait7di3od2z60v8mj77x4a5jb2xun,31bdd3f34c5583dc156b99986f5695368d103daa,09/20/2017,2017
PaloAlto_Threat-Actors-Target-Government-Belarus-Using-CMSTAR-Trojan(09-28-2017),Threat Actors Target Government of Belarus Using CMSTAR Trojan,Palo Alto Networks,https://app.box.com/s/d8vup5qyc8poenl8e760pzau9mt0kdih,2cca07b8341b01d6a1eae3e10c8644532cfce14f,09/28/2017,2017
Intezer_Evidence-Aurora-Supply-Chain-Attack-CCleaner-Part2(10-02-2017),Evidence Aurora Operation Still Active: Supply Chain Attack Through CCleaner part2,Intezer,https://app.box.com/s/pszqtsxza5quthzuz31pqwypaf6idzum,0b53ce14766ad66118edce7cbe62ff2926fbd281,10/02/2017,2017
BAESytems_Taiwan-Heist-Lazarus-Tools-Ransomware(10-16-2017),Taiwan Heist: Lazarus Tools And Ransomware,BAE Systems,https://app.box.com/s/t3sys73oilmytcsz38e6ihnjbp4ymxyo,0d9aab08a0ef223d0fba363b8c2ed4d0093ee291,10/16/2017,2017
Kaspersky_BlackOasis-APT-zero-day(10-16-2017),BlackOasis APT and new targeted attacks leveraging zero-day exploit,Kaspersky,https://app.box.com/s/8ydblix231swgmjochzrvchwxcedis8z,18f110cc5441d442f5aa14b9b456fce56e59d8f4,10/16/2017,2017
CiscoTalos_Cyber-Conflict-Decoy-Document-Used-In-Real-Cyber-Conflict(10-22-2017),Cyber Conflict Decoy Document Used In Real Cyber Conflict,Cisco,https://app.box.com/s/pm3fv6ll7l10d3qfcld1w4l0bqy5ajxo,ff6b2725045833863974787939889f35cf71ca02,10/22/2017,2017
Clearskysec_IranianThreatAgent-Greenbug(10-24-2017),Iranian Threat Agent Greenbug Impersonates Israeli High-Tech and Cyber Security Companies,Clearsky,https://app.box.com/s/fga01c36ebgqga5ic0a4o73j5jq9vdvr,34fd37ba9b0b6181f0a7342cb1204c55a9c2137b,10/24/2017,2017
RiskIQ_htpRAT-Malware-Attacks(10-26-2017),Remote Control Interloper: Analyzing New Chinese htpRAT Attacks Against ASEAN,RiskIQ,https://app.box.com/s/ecn72owuoet5p0f916qutvsqv20rmmps,83bc7df01a0a0a638d5bae228c1fcc0c34884ca4,10/26/2017,2017
PaloAlto_Tracking-Subaat-Phishing-Leads-Threat-Actors-Repository(10-27-2017),Tracking Subaat: Targeted Phishing Attack Leads to Threat Actor's Repository,Palo Alto Networks,https://app.box.com/s/35pitp2iml5h6y1b420kbojn82k2hcdl,ca676e9c6c05be3a8fafdd40bf0b861a11bbb875,10/27/2017,2017
NAOUK_Investigation-WannaCry-cyber-attack-and-the-NHS(10-27-2017),Investigation: WannaCry cyber attack and the NHS ,NAO UK,https://app.box.com/s/gevfjbqv1n4j9j80zvtj2eh9lx1nlrs5,db1db6be0d6564d5bff88843845c53d3540017aa,10/27/2017,2017
PWC_KeyBoys-are-back-in-town(11-02-2017),The KeyBoys are back in town,PWC,https://app.box.com/s/fjeyg8km8vu1a2bu0itwe9pv8zqfl3gs,02a369792c2bb0ac187236215efcf16f8c033c53,11/02/2017,2017
TrendMicro_ChessMasters-New-Strategy-Evolving-Tools-Tactics(11-06-2017),ChessMaster's New Strategy: Evolving Tools and Tactics,Trend Micro,https://app.box.com/s/0rt1hrxzbo2il7vmjfyye25qrgdabova,83092276fe4d5c3c656d5811413f4560e3653a41,11/06/2017,2017
Volexity_OceanLotus-Mass-Digital-Surveillance-Targeting-ASEAN-Media(11-06-2017),OceanLotus Blossoms: Mass Digital Surveillance and Attacks Targeting ASEAN,Volexity,https://app.box.com/s/hqvakm9c1tqmsq69xz253rhpwipb44vf,43b8a4716abedd6f8b2c9e2cda5b038407a0cfb4,11/06/2017,2017
McAfee_APT28-Office-Malware-Doc-Citing-NYC-TerrorAttack(11-07-2017),Threat Group APT28 Slips Office Malware into Doc Citing NYC Terror Attack,McAfee,https://app.box.com/s/1utq97k5oowxze0qsvbeur8u4zs0yny5,ce610914fa4b49e4ba6fb04d36d88a488eddc774,11/07/2017,2017
PaloAlto_OilRig-Deploys-ALMA-DNS-Tunneling-Trojan(11-08-2017),"OilRig Deploys ""ALMA Communicator"" - DNS Tunneling Trojan",Palo Alto Networks,https://app.box.com/s/bseq5v27hez248arjyaypa7nt03omjvx,6df36ad15520973c3af5e17748c7b1a2f72f7011,11/08/2017,2017
RSA_the-carbanak-fin7-syndicate(11-22-2017),The Carbanak/Fin7 syndicate,RSA,https://app.box.com/s/kos1krnm5s1r47do98nlyv6y9jcybf12,54fb362a0c807a40c4d0a0bc35bde59ed84f0f98,11/22/2017,2017
NCSC_Turla-Neuron-Nautilus-Snake-malware_1(11-22-2017),Turla group using Neuron and Nautilus tools alongside Snake malware,NCSC,https://app.box.com/s/316mbg901wxjdarmtdlj6v4qv29a0ge8,316cd38c3939a4f862b611888a489672c014b651,11/22/2017,2017
RSA_the-shadows-of-ghosts-carbanak-report(11-30-2017),Inside the Response of a Unique CARBANAK Intrusion,RSA,https://app.box.com/s/egwg3so00e433s191jow7xlb1o27z7m7,06c63b54de2848bff9557bc9c49bf75906273fb2,11/30/2017,2017
Clearsky_Charming_Kitten_2017(12-05-2017),Charming Kitten: Iranian Cyber Espionage Against Human Rights Activists,Clearsky,https://app.box.com/s/3eqrk7r3hvx4e61vznh61mmw75u3zira,bba8af0fe4254863c86aafeedb7d86f7af7b0e99,12/05/2017,2017
Clearsky_Charming-Kitten-2017(12-05-2017).csv,Charming Kitten: CSV Data,Clearsky,https://app.box.com/s/gair4givf0gt8ga4c65vtkj3na9wba2n,e55cf58e470f10affdb7dd0664868d014a2c8d13,12/05/2017,2017
Dragos_TRISIS-01(12-14-2017),TRISIS Malware,Dragos,https://app.box.com/s/lczcjm4izqlu3fuve5lf7yof2gpcxn0h,c9534efcbf1a9c020ba864ee090e0c0b03d32181,12/14/2017,2017
Fireeye_ICS-Attack-Framework-TRITON(12-14-2017),"Attackers Deploy New ICS Attack Framework ""TRITON"" and Cause Operational Disruption to Critical Infrastructure",FireEye,https://app.box.com/s/yvlm1esfazyp5ktx6ximkj2l9nkh6sk9,b0d8df40d920ddbd5372adef63486c23545a141c,12/14/2017,2017
ProofPoint_us-wp-north-korea-bitten-by-bitcoin-bug(12-19-2017),North Korea Bitten by Bitcoin Bug,Proofpoint,https://app.box.com/s/xez1hl78xz2l55mqe5cqvlwb5ytckhxf,d8ba9a371c7dc7e6608b92e8a671b82191d6c67a,12/19/2017,2017
TrendMicro_Update-PawnStorm-Politically-Motivated-Campaigns(01-12-2018),Update on Pawn Storm: New Targets and Politically Motivated Campaigns,Trend Micro,https://app.box.com/s/1wrl9umiiziapt9qxnt3kyv195k1kjui,fa6a1828636af0c6bc1feab3748e741b9123c174,01/12/2018,2018
Lookout_Dark-Caracal_srr_20180118_us_v.1.0(01-18-2018),Dark Caracal Cyber-espionage at a Global Scale,Lookout,https://app.box.com/s/f1zm9fcemfnuthad4yb8oz2rbplc3t41,d5c605fd42adb5312d17a54d246d8178a6a9094c,01/18/2018,2018
NCSC_Turla-Neuron-Malware-Update(01-18-2018),Turla group update Neuron malware,NCSC,https://app.box.com/s/o72u9tsw4zifxmktac4oreizhlud67ga,a91289e835991b389e01254492d0fe84aeb21752,01/18/2018,2018
Fireeye_rpt_APT37(02-20-2018),APT37 (Reaper): The Overlooked North Korean Actor,FireEye,https://app.box.com/s/144qx5sbghcvom6k0ivz77h1t5gbg3d8,8742755080062ec87eb6ae0059fd7925cde83a9b,02/20/2018,2018
Dragos_2017-Review-Industrial-Control-System-Threats(03-01-2018),Industrial Control System Threats,Dragos,https://app.box.com/s/w9t6wtjcwv393lkspa75yxxr04umqqzw,c7ab93fca304e61cca180f7e2e43f2071a85c749,03/01/2018,2018
McAfee_Hidden-Cobra-Turkish-Financial-Sector-Bankshot-Implant(03-08-2018),Hidden Cobra Targets Turkish Financial Sector With New Bankshot Implant,McAfee,https://app.box.com/s/a5yxk9ttke0l3wg054ub6tgb54hwp35a,f6ebca71a6ed6d77b662d8f855d6db90194102d1,03/08/2018,2018
NCCGroup_APT15-alive-analysis-RoyalCli-RoyalDNS(03-10-2018),APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS,NCC Group,https://app.box.com/s/4qi7z4cclbg0746pa1x3qfpxtn6zamfd,3de01836586fa9b94c0ab55e84ad715b2af4aa3c,03/10/2018,2018
Intezer_Lazarus-Cryptocurrency-Exchanges-FinTech-Companies(03-28-2018),Lazarus Group Targets More Cryptocurrency Exchanges and FinTech Companies,Intezer,https://app.box.com/s/yepeditzh0t0upifbucv99utoretbbzl,97c1a7625602d1dc66a153016ac63631f9b65d82,03/28/2018,2018
Fireeye_mtrends-2018(04-05-2018),M-TRENDS2018,FireEye,https://app.box.com/s/9r6yokyvcgwedbgdwtk80w54ai2ut8dt,4f6055c44e39ff39898e5d4f3f05bf6fad74af85,04/05/2018,2018
Fireeye_rpt-fin6(04-20-2018),Follow The Money: Dissecting the Operations of the Cyber Crime Group FIN,FireEye,https://app.box.com/s/74lm8z2znl12kfeufvkruzo659iogms6,86d217e501fdd470311a9f623ca825f50c1d90b6,04/20/2018,2018
Kaspersky_EB_public_FINAL_EN_20042018(04-23-2018),Energetic Bear/Crouching Yeti: attacks on servers,Kaspersky,https://app.box.com/s/mmsfl4zgirj7zlncmx5162vkn1n6q0f2,70cd520c9b5860acb9e27cb19ad0b1270687d688,04/23/2018,2018
401TRG_Burning_Umbrella(05-04-2018),Burning Umbrella,401TRG,https://app.box.com/s/fg13wm1gi656siqyxm1zegy6mubhu523,65dbdb2c06922707a0979295c9645c71cf0d2963,05/04/2018,2018
RecordedFuture_cta-2018-0509(05-09-2018),Iran's Hacker Hierarchy Exposed,Recorded Future,https://app.box.com/s/qeoob1udtmrfbuivwhs0bbth62g2x7mu,a79482c2974edab7268fe843e75b834fb073dbaa,05/09/2018,2018
Intrusiontruth_The-destruction-ofAPT3(05-22-2018),The destruction of APT3,Intrusiontruth,https://app.box.com/s/w317rctu3q7wwn8pzy51fgwuvshsd2ig,6fa8f171b0c54e32f84947822529ec3577304030,05/22/2018,2018
Kaspersky_LuckyMouse-datacenter-waterholing-campaign(06-13-2018),LuckyMouse hits national data center to organize country-level waterholing campaign,Kaspersky,https://app.box.com/s/325jld1s8ymwd8a56jcao39i6cbc1m8g,6c2a04c303f73b5babacb999ff10008584eaf254,06/13/2018,2018
Kaspersky_OlympicDestroyerisstillalive(06-19-2018),Olympic Destroyer is still alive,Kaspersky,https://app.box.com/s/v49iu7e3x1tawdlpcj7f0wp76js4tl3i,267c3ec477cc853b163bb41a8fd82cdf6c51f4db,06/19/2018,2018
Kaspersky_APT-Trends-Report-Q2-2018(07-10-2018),APT Trends Report Q2 2018,Kaspersky,https://app.box.com/s/ws8ul8en6if6gfh3dde9od2kgstvijji,0ce2a58c7b5cfd8b5299ecbe9321e4124c1b4066,07/10/2018,2018
Fortinet_Russian-Decoy-Leads-BISKVIT(08-20-2018),Russian Army Exhibition Decoy Leads to New BISKVIT Malware,Fortinet,https://app.box.com/s/9y7hpv3evobjjpw8c3mnq1sgrqrxpt4d,e3fc342ccb48ec97aeec128210e04da127d5a94f,08/20/2018,2018
ESTSecurity_ESRC-1808-TLP-White-IR002_RocketMan_English(08-22-2018),"OPERATION ""Rocket Man""",ESTSecurity,https://app.box.com/s/93olse6t4ugbbpqe3wdjmxgi4efbjq7v,bc542b523ca87d2dad6195cb0f41885ff08e4507,08/22/2018,2018
Crowdstrike_Two-Birds-One-STONEPANDA(08-30-2018),"Two Birds, One STONE PANDA",Crowdstrike,https://app.box.com/s/uupum93o78ta8zw7fsl8fv3nyzlpsvpi,6ae6923748844d1fbb0a08d07d6bcb1112122796,08/30/2018,2018
Checkpoint_Domestic-Kitten-Iranian-Surveillance-Operation(09-07-2018),Domestic Kitten: An Iranian Surveillance Operation,Checkpoint,https://app.box.com/s/48z6mq7k6xlzicxbj9360eskrta92fbm,60ffe642ed8d9d2171b4c44729c4687fe493e87d,09/07/2018,2018
McAfee_rp-operation-oceansalt(10-17-2018),Operation Oceansalt Delivers Wave After Wave,McAfee,https://app.box.com/s/ltu4qau4bolnol75znojizgczf1xsh2x,1bf64f3fe87c916e250e3c9058d7de553e1cbbd2,10/17/2018,2018
Mcafee_OperationSharpshooter(12-12-2018),https://securingtomorrow.mcafee.com/blogs/other-blogs/mcafee-labs/operation-sharpshooter-targets-global-defense-critical-infrastructure/,McAfee,https://app.box.com/s/vsx9duzr1pzh67ua7oqzit2ydprpwpgb,f9c7b343afa46a5051d17fbf8299f46e28319ee6,12/12/2018,2018
PaloAlto_Shamoon3-Targets-Oil-and-Gas(12-13-2018),Shamoon 3 Targets Oil and Gas Organization,Palo Alto Networks,https://app.box.com/s/6suj8mg93cyvduhx0ie2ts5ikki3ox2y,956aca96f9534169cc8e43fefdbc869d48b75676,12/13/2018,2018
Kaspersky_Chafer-Remexi-Iran-diplomatic(01-30-2019),Chafer used Remexi malware to spy on Iran-based foreign diplomatic entities,Kaspersky,https://app.box.com/s/s41gyec3zirgpgysovuhc2dj065ecrdy,b4972c4bc6cc763054e9cfd16970303c7a0f6c35,01/30/2019,2019
SecureSoft_Lazarus_Russia(02-20-2019),Attacks Of The Lazarus Cybercriminal Group Attended To Organizations In Russia,SecureSoft,https://app.box.com/s/7vam6qq35nn1a7se265galj9i2tyzhwo,d110dd857cf8a4cc6d9d0f529e799e96fcf6121f,02/20/2019,2019
DellSecureworks_Peek-BRONZE-UNION-Toolbox(02-27-2019),A Peek into BRONZE UNION's Toolbox,Dell Secureworks,https://app.box.com/s/i8anwgmoww6w8xwow43uwxrfrqz6irkz,1486155a4fdba37407cb86965e3a5e894a7fe0a1,02/27/2019,2019
Qihoo360_PatBear-APT-C-37-Armed-Organizations-Attacks(03-25-2019),Pat Bear (APT-C-37),Qihoo 360,https://app.box.com/s/gv5ug3d8shq5d6uuj6vb8nfgemtpznil,eefffff049213f895e81e03bcd27d0d7be2c8b1e,03/25/2019,2019
Cylance_OceanLotus-Steganography-Malware-Analysis-White-Paper(04-02-2019),OceanLotus APT Group Leveraging Steganography,Cylance,https://app.box.com/s/xcpoqhjuinsed58c8b36mo8omkf6ikcv,6645296c925133446d4e213a547235692761d5c2,04/02/2019,2019
CiscoTalos_SeaTurtle-DNS-hijacking-April(04-17-2019),DNS Hijacking Abuses Trust In Core Internet Service,Cisco,https://app.box.com/s/dtb6vitjf1ytxlemaszvktq12k1pr8ck,936b76720ffc221066235838b40ef9e7548c58ab,04/17/2019,2019
Fireeye_CARBANAK-Week-1-Rare-Occurrence(04-22-2019),CARBANAK Week Part One: A Rare Occurrence,FireEye,https://app.box.com/s/l3dcqd6i8rnmxgi0ykd9zfmlwctcaq1g,d0506df85bd5faf87a4a67e6affcde4ce9dda48f,04/22/2019,2019
Fireeye_CARBANAK-Week-2-CARBANAK-SourceCode-Analysis(04-23-2019),CARBANAK Week Part Two: Continuing the CARBANAK Source Code Analysis,FireEye,https://app.box.com/s/etrhh2gb4df9sybsieg3xs1j9mx6yw8s,9468ff9d1bc06b4c9f187e4ab55ae485750d6c5b,04/23/2019,2019
Fireeye_CARBANAK-Week-3-Behind-CARBANAK-Backdoor(04-24-2019),CARBANAK Week Part Three: Behind the CARBANAK Backdoor,FireEye,https://app.box.com/s/rel5slouyleepdl3u7xilbmzsuk091n3,98775eb539a512859a786f6292cc6f6db04916b2,04/24/2019,2019
Fireeye_CARBANAK-Week-4-CARBANAK-Desktop-Video-Player(04-25-2019),CARBANAK Week Part Four: The CARBANAK Desktop Video Player,FireEye,https://app.box.com/s/30mizln4f525yv482qqampa8vybjj764,7de0fbb852cc5be3fce91725a1b0aeb9abe3a43b,04/25/2019,2019
ThaiCERT-A_Threat_Actor_Encyclopedia(06-19-2019),Threat Group Cards: A Threat Actor Encyclopedia,ThaiCERT,https://app.box.com/s/3hup3rrxsdvx4gii88aag7p0c4dd8033,bb2713205e66ebc71b31c97af9406ec6387fdb8f,06/19/2019,2019
Symantec_Waterbug-Group-NewToolset(06-20-2019),Waterbug: Espionage Group Rolls Out Brand-New Toolset in Attacks Against Governments,Symantec,https://app.box.com/s/u5p5eae02amqr2n0zg7017cx43t1icwz,9d996d92194bf386a8e7555d618eb5cf183e379a,06/20/2019,2019
Cybereason_Operation-SoftCell-Telecom(06-25-2019),Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers,Cybereason,https://app.box.com/s/mulzqlcbp076rv44ku9rcmjaw3fjkqhm,31cb2f45b6a0cf0234088a2c05a9e69bfe444d4b,06/25/2019,2019
CiscoTalos_SeaTurtle-DNS-hijacking(07-09-2019),"Sea Turtle keeps on swimming, finds new victims, DNS hijacking techniques",Cisco,https://app.box.com/s/nnixcicwsuf8f5l1k1cxq7e36rp0q1bf,bb8c51c9f8f64d656a65c3f7c3b34f2135f8264c,07/09/2019,2019
Fireeye_APT34-Invite-Join-Professional-Network(07-18-2019),Hard Pass: Declining APT34's Invite to Join Their Professional Network,FireEye,https://app.box.com/s/xrhqs26aajdbb92ivgoenotrdykup5uu,f937f0fe43db587ba38a755f06fa76bcd75d47c7,07/18/2019,2019
Fireeye_rpt-apt41(08-07-2019),APT41: A Dual Espionage and Cyber Crime Operation,FireEye,https://app.box.com/s/tijt08320isuaywxn1swd2uvbus7v7zl,30de1a1401504cd9f028862b821b98348b53e676,08/07/2019,2019
Fireeye_APT41-Dual-Espionage-Cyber-Crime-WebPage(08-07-2019),APT41: A Dual Espionage and Cyber Crime Operation,FireEye,https://app.box.com/s/0pvkz8uf1ozvinoec0sufupzzhblkumn,251adf184f43ba9101a4f3df9ff87da065eb58b3,08/07/2019,2019
Kaspersky_Recent-Cloud-Atlas-activity(08-12-2019),Recent Cloud Atlas activity,Kaspersky,https://app.box.com/s/i3x6bxmcche1jwn0j91tll3ln3shzyk6,474e2d3e3f4a8c45f73a2c34ff568c3c7d51e400,08/12/2019,2019
Fireeye_GAMEOVER-Detecting-Stopping-APT41-Operation(08-19-2019),GAME OVER: Detecting and Stopping an APT41 Operation,FireEye,https://app.box.com/s/tm7vgs6gp84kz44xee2oh8xdqesnnmn5,8093d518676b9c7a41b83927198e16c08b187dbb,08/19/2019,2019
Symantec_Tortoiseshell-Targets-ITProviders-Saudi-Supply-Chain(09-18-2019),Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks,Symantec,https://app.box.com/s/ovf9il8mblb3szopr9q6gw2en6k61e4p,b5072f526ef09287443c6a4b437a2219fb62c5d1,09/18/2019,2019
Contextis_AVIVORE-Aerospace-Supply-Chain(10-03-2019),AVIVORE - Hunting Global Aerospace through the Supply Chain,Contextis,https://app.box.com/s/jzzs9epfezg1oxqthimjsi4llk0hxhpo,f0fbe7cbd9b7a3d77550a48e6ac853593ca182bb,10/03/2019,2019
Clearsky_The-Kittens-Are-Back-in-Town-2-1(10-07-2019),The Kittens Are Back in Town 2,Clearsky,https://app.box.com/s/mnhv0kovo856xhocnetpcu1ta5f3iju2,ed60cfb74a60a22fba34b7d85fec2e4b5ca72024,10/07/2019,2019
Crowdstrike_huge-fan-of-your-work-intelligence-report(10-14-2019),Huge Fan of Your Work: TURBINE PANDA C919 Passenger Jet,Crowdstrike,https://app.box.com/s/c9dbxjqdb52l6im90wzt5qom9pho22vo,d30068cc3f5856ba52df3b019e5eaa8653e22d77,10/14/2019,2019
ESET_Operation_Ghost_Dukes(10-19-2019),Operation Ghost,ESET,https://app.box.com/s/vx5jjdejjunjzizwsfl7g4gm163vn4nh,d6f66a51549b7c2090135e8cb8c40a68c152018d,10/19/2019,2019
calypso-apt-2019-eng(10-31-2019),Calypso APT: new group attacking state institutions,Positive Technologies,https://app.box.com/s/7vzrq3frrll02n1gx4ssbtljnbgl0h7w,fa36f2632e6b9ff400f8b3ad9539f3bf4a586dec,10/31/2019,2019
Kaspersky_DarkUniverse-APT-framework27(11-05-2019),DarkUniverse - the mysterious APT framework 27,Kaspersky,https://app.box.com/s/art5rlfy1079wxmma9c0wu0jjtax2a55,4af537ca5ddf17db79dc32d4599e62434eaef1b3,11/05/2019,2019
Deepinstinct_Untanglin-Legion(12-18-2019),Untangling Legion Loader's Hornet Nest of Malware,Deepinstinct,https://app.box.com/s/k5zrxyqw1q5aoaog5allrvzakqw5q62h,4b99bc3975386ba8e0daa9ddda4dd9efc8595b7e,12/18/2019,2019
Symantec_SED_GEN_Report_IAP-WP100(01-24-2020),Current Iran-Associated Cyber Threats,Symantec,https://app.box.com/s/syruqqq3lz9h3jv1io3cvyvl3zlcfdhb,05b243bd81b310656d3348ee6d508de2f12a50d4,01/24/2020,2020
Fireeye_APT41-Global-Intrusion-Campaign(03-25-2020),This Is Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits,Fireeye,https://app.box.com/s/fiy6f8qswv4yn57kj40gjd56k324vwli,5c1475cda2594e45e4f09bfc0c8b351fa70117b9,03/25/2020,2020
Kaspersky_Transparent-Tribe-Evolution-analysis-part1(08-20-2020),"Transparent Tribe: Evolution analysis, part 1",Kaspersky,https://app.box.com/s/ujm0zncu4yslx1tvu6aes0qzm5nhvjyg,87ab4c2ff18e568da5932e17ea24c76d9a467938,08/20/2020,2020
Kasperskty_Transparent-Tribe-Evolution-analysis-part-2(08-26-2020),"Transparent Tribe: Evolution analysis, part 2",Kaspersky,https://app.box.com/s/2cpsj31ackb2zx5mzayhds76mcndofxr,8c286ad8cb46ace5ab34ccdcf19269b92a0778a7,08/26/2020,2020
ESET_Lazarus-supply-chain-attack-SouthKorea(11-16-2020),Lazarus supply-chain attack in South Korea,ESET,https://app.box.com/s/opajzpvg0i3c0gncj3eranvuhdxajckd,d775eada6c8549d916011b4505bc4862328c454b,11/16/2020,2020
Vincss-RE018-ChinaPanda-attack-supply-chain-against-Vietnam-1(12-19-2020),China Panda attacks supply chain against Vietnam Government Certification Authority - Part1,Vincss,https://app.box.com/s/7kpp4fupti1rrzasopaggbaj8rgyi3aa,e22b4351d5cdae2ce8ec011d65b1b2753fa32b65,12/19/2020,2020
Truesec_Collaboration-Between-FIN7-RYUK-Group(12-21-2020),Collaboration Between FIN7 and the RYUK Group,Truesec,https://app.box.com/s/l5qo26svapfgstgy4xv6i9flqpubn6h2,532cc87c0ed43a88186014fba9fe3152bb785c3a,12/21/2020,2020
Kaspersky_Lazarus-covets-COVID-19-related-intelligence(12-23-2020),Lazarus covets COVID-19-related intelligence,Kaspersky,https://app.box.com/s/ytn76ij5ch9dccabwmbbbr6jb68n6294,9fc555a3933061d78232c6bff01c52e10dd473fb,12/23/2020,2020
Uptycs_RevengeRAT-Targeting-Users-SouthAmerica(12-29-2020),Revenge RAT Targeting Users in South America,Uptycs,https://app.box.com/s/ysik1zbkccxzk2cveh1yeez8w7yv0v9m,9dc10a08df2833941a79f04ee5dd9d48e354cb8f,12/29/2020,2020
RecordedFuture_pov-2020-1230(12-30-2020),SolarWinds Attribution: Are We Getting Ahead of Ourselves?,RecordedFuture,https://app.box.com/s/88n1nrdowilucktgut8m89466pdg2802,b555bc89a3a85a38751c79a996685e07d2b86767,12/30/2020,2020
Microsoft_New nation-state cyberattacks(03-02-2021),New nation-state cyberattacks,Microsoft,https://app.box.com/s/5mz8kyhvzxks9walmcq2ofsdtk1ics3h,9d1be61ac8a5f9fb884ea281009ca60c6bc9505c,03/02/2021,2021
Cybereason_PortDoor -ChineseAPT-Targets-Russian-Defense-Sector(04-30-2021),PortDoor: New Chinese APT Backdoor Attack Targets Russian Defense Sector,Cybereason,https://app.box.com/s/ktld8f7rvgtwn8g6zgx2stx26xypr7ck,c02efad2fd7ed95d44749a8f72d57ecb46f9b9af,04/30/2021,2021
Talos_InSideCopy(07-07-2021), InSideCopy: How this APT continues to evolve its arsenal ,Talos,https://app.box.com/s/6cqbzi2d8nerurekjgw9e7e0pgi828ni,2f44839afed1c12fd6e2e7f0fa8dd38dd632b065,07/07/2021,2021
Kaspersky-LuminousMothAPT-Sweeping-attackspdf(07-14-2021),LuminousMoth APT: Sweeping attacks for the chosen few,Kaspersky,https://app.box.com/s/v7po0a45ua8rz0vhbb7pnc6gocrs3lfq,a4d6f4b61271e4b5b7d4796d39ebae5b8b7e1728,07/14/2021,2021
Volexity_NorthKorean-APT-InkySquid-Infects-Victims-Using-Browser-Exploits(08-17-2021),North Korean APT InkySquid Infects Victims Using Browser Exploits,Volexity,https://app.box.com/s/c2iqdutgo5p6de0dfe3f6mh9flinb8q7,c807a583c68a2ca537c680e17ed6a20c9d3f0491,08/17/2021,2021
Inquest_Kimsuky-Espionage-Campaign(08-23-2021),Kimsuky Espionage Campaign,Inquest,https://app.box.com/s/t7evyuuhbdiqo9q3mtowy9exwn9flner,9327fb3746782368434192779e9c71bf63d20361,08/23/2021,2021
TrendMicro_earth-baku-indo-pacific-countries(08-24-2021),APT41 Resurfaces as Earth Baku With New Cyberespionage Campaign,Trend Micro,https://app.box.com/s/qtqlwejty7xz8wj8osz98webycgo5j9x,f5ba5f8240569e08da4796deb95b89ee1340d03d,08/24/2021,2021
Anomali_FIN7-Windows11-Themed-Drop-Javascript-Backdoor(09-02-2021),FIN7 Using Windows 11 Alpha-Themed Docs to Drop Javascript Backdoor,Anomali,https://app.box.com/s/33zj46v2nv1cxiging8hc1w4j4zy05ip,2d4ba0588b082e5b07f41bc5245dc57bd61c9921,09/02/2021,2021
Cyble_APT-Targets-Indian-Defense-Enhanced-TTPs(09-14-2021),APT Group Targets Indian Defense Officials Through Enhanced TTPs,Cyble,https://app.box.com/s/x6otivaxer0pf3hmkfzgwchig41xr7ac,56fb96e4d2cd53c6683763d1f81cc69c71e8f9c6,09/14/2021,2021
Cyble_APT-Targets-Indian-Defense-Enhanced-TTPs(09-14-2021),APT Group Targets Indian Defense Officials Through Enhanced TTPs,Cyble,https://app.box.com/s/x6otivaxer0pf3hmkfzgwchig41xr7ac,56fb96e4d2cd53c6683763d1f81cc69c71e8f9c6,09/14/2021,2021
Talos-OperationArmorPiercer(09-23-2021),Operation Armor Piercer: Targeted attacks in the Indian subcontinent using commercial RATs,Cisco,https://app.box.com/s/5zr8u8h2xy4tbllcxhashoq48cyetlfk,2dd9a2380a1145b88d521cc1cd413d7716958810,09/23/2021,2021
PaloAlto-Godzilla-Webshell(11-07-2021),"Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer",PaloAlto,https://app.box.com/s/73oze0g532ngowz0wocvgw31o20u976u,5879f7a783531da3de5dc49323b224193d33a9bc,11/07/2021,2021
Fortinet_Phishing-Targeting-Korean-Agent-Tesla-Variant(12-10-2021),Phishing Campaign Targeting Korean to Deliver Agent Tesla New Variant,Fortinet,https://app.box.com/s/03bx0kiz8yyy8x2k8qh0ravuucb6sapq,299c27eb159fe1a4bfbe577d7e483cee054d2d96,12/10/2021,2021
AhnLab_Analysis-Report-of-Kimsuky-Group(01-05-2022),"Kimsuky Group's APT Attacks (AppleSeed, PebbleDash)",Ahnlab,https://app.box.com/s/iygnjm6cv5mwzlry3ct3dtor049ci6pk,3cef77aed2d0be3eeacd1f63d421ece2656f7a93,01/05/2022,2022
CISA_AA22-011A_TLP-WHITE_01-10-22_v1(01-11-2022),Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure,cisa,https://app.box.com/s/koq21d7ksa28pr3oyq0cbyo1gdbho2u3,61a5eb27ef3e633be66583c127de39fe19be7fb8,01/11/2022,2022
Zscaler_Molerats-APT-targeting-Middle-East(01-20-2022),New espionage attack by Molerats APT targeting users in the Middle East,zscaler,https://app.box.com/s/rdyrweucsdh23c55ts8eohtmtw4h7n71,ccd8bb80544272f65b22974f8769c60a60e09ee6,01/20/2022,2022
mp.weixin.qq.com_Falseflag-Sea-lotus-Glitch(01-20-2022),False flag or upgrade? Suspected sea lotus uses the Glitch platform to reproduce the attack sample,Blog,https://app.box.com/s/yaffihlkuu2yavua8gudd3ctqzikza6x,35428b46bb9785b339a3459fb35e184d711dbb99,01/20/2022,2022
Trellix_PrimeMinisters-Details-Espionage-Campaign(01-25-2022),Prime Minister's Office Compromised: Details of Recent Espionage Campaign,Trellix,https://app.box.com/s/ob3ngre0h78qxu0r7u40f810ejd7g57i,3593410f781e8eb7a90bf4416630e3d34f6eec0f,01/25/2022,2022
bfv_cyber-brief-Nr1(01-26-2022),BfV Cyber-Brief Nr. 01/2022,BfV,https://app.box.com/s/d4x8p8nu3658yhlwarws1b8tq3h80g6w,c17307c0c37e409e7fc8a7b163b82670f3fce9b2,01/26/2022,2022
MalwareBytes_NorthKoreas-Lazarus-APT-Windows-Update-GitHub(01-27-2022),"North Korea's Lazarus APT leverages Windows Update client, GitHub in latest campaign",MalwareBytes,https://app.box.com/s/iv0aw805g6rsqt0fqk4rm7wbujl90oev,99973488f071190f68c62602b55da4c1e6f5c339,01/27/2022,2022
Crowdstrike_StellarParticle-Campaign-Novel-Tactics-Techniques(01-27-2022),Observations from the StellarParticle Campaign,crowdstrike,https://app.box.com/s/hbbt1tdp1nr2p7tesf1qqm9ehgn8bgfu,a16e7cba15ff41a224278d6cb7037e65d8cf6e8b,01/27/2022,2022
CyberGeeks_Lazarus-Malware-Notepad-Shell-Extension(01-31-2022),A detailed analysis of Lazarus APT malware disguised as Notepad++ Shell Extension,Cyber Geeks,https://app.box.com/s/0gxt5eqkmufgjev73f11zu3yx20yjlhk,c6ac7b0a3ee46801869cb818527c42054be86652,01/31/2022,2022
Symantec_Shuckworm-Cyber-Attacks-Ukraine(01-31-2022),Shuckworm Continues Cyber-Espionage Attacks Against Ukraine,Symantec,https://app.box.com/s/px3ro986hh3mvw0hqxr9n9n45tilygy2,c345da781e48105661251b94261c83e8d52058d2,01/31/2022,2022
cert.gov.ua_CERT-UA-3799(02-02-2022),Cyber attack of UAC-0056 group on state organizations of Ukraine using malicious programs SaintBot and OutSteel (CERT-UA #3799),CERT-UA,https://app.box.com/s/gti3fn10hlnanb6c7y50g5n16w8t4cqc,f2d9a3ed66dbeb41b5887dab7308059f8e3e6fc4,02/02/2022,2022
Symantec_Antlion-ChineseAPT-Target-Financial-Taiwan(02-03-2022),Antlion Chinese APT Uses Custom Backdoor to Target Financial Institutions in Taiwan,Symantec,https://app.box.com/s/5ig1yhx66416nra8b9bdpgla1cbg0aoe,b1bd49f1ce653a470d0a8be83bb02b9140eeba34,02/03/2022,2022
PaloAltoNetworks_Russias-Gamaredon-PrimitiveBear-Targeting-Ukraine(02-03-2022),Gamaredon (Primitive Bear) Russian APT Group Actively Targeting Ukraine,palo alto networks,https://app.box.com/s/bhitsulabbr6y4d8jz56ljweejy7htqf,80649c8b4cfc9987a5b747021917cd53f2c433e5,02/03/2022,2022
Microsoft_ACTINIUM-Ukrainian-organizations(02-04-2022),ACTINIUM targets Ukrainian organizations,microsoft,https://app.box.com/s/0qxv3fc5yx2j8lbv1ftlvmaakuy0nrsk,58a7dc800d633da1fad1756815d0e71ad120b60f,02/04/2022,2022
Kaspersky_Roaming-Mantis-reaches-Europe(02-07-2022),Roaming Mantis reaches Europe,Kaspersky,https://app.box.com/s/49t7lzqqzep1wj8nd6gu4i8bosi8ms8v,137293cfe2aa7df93d22e44862dbfac8f6ff3aa5,02/07/2022,2022
Proofpoint_UggBoots-Palestinian-Aligned-Espionage(02-08-2022),Ugg Boots 4 Sale: A Tale of Palestinian-Aligned Espionage,proofpoint,https://app.box.com/s/tkiardlg3bj6k1llkdnnr9n9glxj4246,eb3ae8c7166d76aa564ab94457383f5321b45f81,02/08/2022,2022
SentinalOne_modified-elephant-apt(02-09-2022),Modified Elephant APT and a Decade of Fabricating Evidence,SentinalOne,https://app.box.com/s/u4ugjnwl2w9f7pdfz22uh1l7cqc3xpdr,892e3677718b44d08c8b95f63867c55215931363,02/09/2022,2022
HVSConsulting_EmissaryPanda(02-14-2022),"The APT fallout of vulnerabilities such as ProxyLogon in Exchange (Hafnium), OGNL injection, and log4shell",HVS Consulting,https://app.box.com/s/mkk5m9l8oozhmwvkqwqkc4uosuwqd6ru,957289a738576160892bcaca22df777d63d586ed,02/14/2022,2022
Fortinet_DriveGuard-Moses-Staff-Campaigns(02-15-2022),Guard Your Drive from DriveGuard: Moses Staff Campaigns Against Israeli Organizations Span Several Months,fortinet,https://app.box.com/s/7p28si8yrjdrag1cvr43843itdscx8ur,d10d8afa48caf110f7e2261e6a5521231d96800d,02/15/2022,2022
Proofpoint_Charting-TA2541s-Flight(02-15-2022),Charting TA2541's Flight,proofpoint,https://app.box.com/s/7vgs0ycvhmheyxski6g4766n9i49gq6i,baccd5c5f70b4f98227f3628558b3e4a0d2ceb84,02/15/2022,2022
Telsy_BabaDeda-LorecCPL-Outsteel-Ukraine(02-16-2022),BabaDeda and LorecCPL downloaders used to run Outsteel against Ukraine,telsy,https://app.box.com/s/uobrphf3bkfzyy4wt9tqh41v4m09bggk,4622da4f28cb5b28c61aaebc8eaa43ed4bfd45e2,02/16/2022,2022
nsfocus_Lorec53-LoriBear-Ukraine(02-16-2022),APT Group LOREC53 (Lori Bear) Recently Launched A Large-Scale Cyber Attack On Ukraine,nsfocus,https://app.box.com/s/japcw7r6uxnvyenklx06h21veadvdxvy,d883d94dd0cc7257751177e42a32bd5a85796b03,02/16/2022,2022
alyac_NKorea-digital-asset-wallet-customer-center(02-16-2022),North Korea-linked APT attack found disguised as a digital asset wallet service customer center,ESTSecurity,https://app.box.com/s/sn6863bx5gk1i1o2kw7t5m2fk5s1f6iq,fdf53fac0af9cced76179fb1b9df0ce009952e36,02/16/2022,2022
Sentinelone_Log4j2-TunnelVision-Exploiting-VMware-Horizon(02-17-2022),Iranian-Aligned Threat Actor ,SentinelOne,https://app.box.com/s/q1943pvy0ps4oftxo5iad7ngt4py5y51,29ba4e36eaa5cd7c1a612f10f7ba53fb275cd6e5,02/17/2022,2022
Sentinelone_HermeticWiper-Ukraine(02-23-2022),HermeticWiper - New Destructive Malware Used In Cyber Attacks on Ukraine,sentinelone,https://app.box.com/s/h298v7gvjrs3yla6djys8pir9vayv6vo,6889710cb527eb5d941412a7145d68bbbfa12a10,02/23/2022,2022
Mandiant_UNC2596-Observed-Leveraging-Vulnerabilities-Cuba-Ransomware(02-23-2022),UNC2596 Observed Leveraging Vulnerabilities to Deploy Cuba Ransomware,Mandiant,https://app.box.com/s/1zhix5sctq830bokn4in5tc7q6ks8u8r,97d56a7fe645bf9914b5547b5efa6f3ef3234ac0,02/23/2022,2022
CISA_AA22-055A_Iranian_Government-Sponsored_Actors_Conduct_Cyber_Operations(02-24-2022),Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks,cisa,https://app.box.com/s/653jbuah6rtf91u8v6sz330fka14gy8z,cd6ceecd02ed516cf106bf855e81fd26b1b51aed,02/24/2022,2022
Symantec_Ukraine-Disk-wiping-Russian-Invasion(02-24-2022),Ukraine: Disk-wiping Attacks Precede Russian Invasion,Symantec,https://app.box.com/s/0rgnnq0iav3fb7nrpfutf3pynwbpqsv2,63e5676ff2013e825dc31e0631369dd466bc4599,02/24/2022,2022
PaloAltoNetworks_SockDetour-Fileless-Socketless-Backdoor(02-24-2022),SockDetour Backdoor Targets U.S. Defense Contractors,palo alto networks,https://app.box.com/s/sp477maf6mq20whuv6gk4pr3us0xas7c,7f8679add7d3c25bc6f32fb644a1ee78eb007c7b,02/24/2022,2022
Mandiant_Telegram-Malware-Iranian-Activity(02-24-2022),Telegram Malware Spotted in Latest Iranian Cyber Espionage Activity,mandiant,https://app.box.com/s/faiqlsm5s7q931y1j2kgi1mlmxjfwd70,20ceb7bd73b288a0f83d8e9c7c70f2f6bdb876a9,02/24/2022,2022
Fortinet_Nobelium-Returns(02-24-2022),Nobelium Returns to the Political World Stage,Fortinet,https://app.box.com/s/grtbac6jg31vc1dkogzj6ahzd886luay,dd9bef5bda6d31741d435529fc2193c89bdf4a19,02/24/2022,2022
PaloAlto_Spear-Phishing-Ukraine-OutSteel(02-25-2022),"OutSteel, SaintBot Delivered by Spear Phishing Attacks Targeting Ukraine",Palo Alto Networks,https://app.box.com/s/zu56d4dlvwyeik8spst0ct2mr0o7mo8c,60dcb5754259d9b9ef82db3a226b8f9409a6e7fb,02/25/2022,2022
CISA_AA22-057A_Destructive_Malware_Targeting_Organizations_in_Ukraine(02-26-2022),Destructive Malware Targeting Organizations in Ukraine,cisa,https://app.box.com/s/ap7ff8tdnem5jfchj71odbpye700vy98,4e0945984dd92c9f9cdcf37350d5df56e28311f8,02/26/2022,2022
ESET_IsaacWiper-HermeticWizard-targeting-Ukraine(03-01-2022),IsaacWiper and HermeticWizard: New wiper and worm targeting Ukraine,ESET,https://app.box.com/s/5ieu30a7o5c6pxdqxiok5jl7mg1yeiea,3c60522829454e2b55e2f2544e24668948bf980a,03/01/2022,2022
Proofpoint_Asylum-Ambuscade-Ukrainian-Military-Emails-Target-European(03-01-2022),Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement,proofpoint,https://app.box.com/s/u534ihlwhaxv8k1wke1aos1d4cqwui2f,2972b297a603cd2b70e365ce6db4d58846cdb802,03/01/2022,2022
RecordedFuture_mtp-2022-0302(03-02-2022),HermeticWiper and PartyTicket Targeting Computers in Ukraine,RecordedFuture,https://app.box.com/s/t5hdmw12wxi1vi0nwnvz4tv8zeh1quc8,afd4c1685181d626ba8169f95ba50c655dd8d33d,03/02/2022,2022
Ahnlab_Malicious-Hangul-disguised-pressreleases-presidential-election(03-03-2022),Distribution of malicious Hangul documents disguised as press releases for the 20th presidential election,Ahnlab,https://app.box.com/s/6xy2tbwriztdpy8frdkjknwvfta61n2z,4ed602d14da6ffdcef5a9a04f1adfe906f2bca2e,03/03/2022,2022
Mandiant_Summary-APT41-Targeting-US-State-Governments(03-08-2022),A Summary of APT41 Targeting U.S. State Governments,Mandiant,https://app.box.com/s/jtahutqqimavakqi7ynau7sdxrvrsw3s,4625a11ec7fb6b97ac5e4882aec5c1a143483bef,03/08/2022,2022
Lab52_Lazyscripters-double-compromise-single-obfuscation(03-09-2022),Very very lazy Lazyscripter's scripts: double compromise in a single obfuscation,Lab52,https://app.box.com/s/3rr58tcaqth9rn1ege689pq4f94zjsgx,7f124e29c43dfa42c4e4d87b26bd3e18d15d21d4,03/09/2022,2022
Cisco_Iranian-MuddyWater-regionally-focused-subgroups(03-10-2022),Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups,talosintelligence,https://app.box.com/s/r0nmwkejtgytsl6q6i60hrwxgbdbzetz,367ba69c8a0502752e921709a50e98b72a8903da,03/10/2022,2022
CISA_AA22-074A_Russian_State-Sponsored_Cyber_Actors_Gain_Network_Access_by_Exploiting_Default_MFA_and_PrintNightmare(03-15-2022),Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and ,CISA,https://app.box.com/s/xlvqxbk7fgpgz8zzu38u0ppaobq3nvg3,8df1840dd0b1f01264da0b9d90fa6d7eabff892d,03/15/2022,2022
Sentinelone_UAC-0056-Targeting-Ukraine-Fake-Translation-Software(03-15-2022),Threat Actor UAC-0056 Targeting Ukraine with Fake Translation Software,Sentinelone,https://app.box.com/s/howogtsvvmqdljp5y4iupj6udhr970mv,000215f424ffd26d7d1b06832490fec8a501e8eb,03/15/2022,2022
Mandiant_An-Overview-of-UNC2891(03-16-2022),An Overview of UNC2891,Mandiant,https://app.box.com/s/088994cnkgtar1ple8lear5ro00bxkuz,bf8e86195d1ccbd22938606a9f2f9086f91c6dfc,03/16/2022,2022
Proofpoint_Serpent-Backdoor-Targets-French-Entities(03-21-2022),"Serpent, No Swiping! New Backdoor Targets French Entities with Unique Attack Chain",Proofpoint,https://app.box.com/s/kmcy16dup3hdx3dzpbay2vd240j9ffs0,6fa14891cb1ded25243eedebcf706769b9db24d1,03/21/2022,2022
TheDFIRReport_APT35-Automates-Initial-Access-Using-ProxyShell(03-21-2022),APT35 Automates Initial Access Using ProxyShell,TheDFIRreport,https://app.box.com/s/effdjg8nuddhq3e9ooywuesizw5b0e3w,8b002310687d229d011cb32a6c888ffc2469c491,03/21/2022,2022
Avast_Operation-Dragon-Castling-APT-targeting-betting-companies(03-22-2022),Operation Dragon Castling: APT group targeting betting companies,Avast,https://app.box.com/s/xtmf4vkiyrwbnyk9dp0aa3v3aoe7zoc9,57578072d22b95901e875f19cfb7ead3002d07f1,03/22/2022,2022
CISA_AA22-054A New Sandworm Malware Cyclops Blink Replaces VPN Filter(03-23-2022),New Sandworm Malware Cyclops Blink Replaces VPNFilter,CISA,https://app.box.com/s/2izfjfe8wgev78jqsawow0lozxtkaf4z,1e7b9c2fb9c9533572df9070f118b15bdbcb6104,03/23/2022,2022
DrWeb-telecom_research_en(03-24-2022),Study of an APT attack on a telecommunications company in Kazakhstan,DrWeb,https://app.box.com/s/eos2gobtpnad1b9rblhy4g4ganpgdgk0,c848df52070b8baac8ccb65d4a223c2370e75469,03/24/2022,2022
cert.gov.ua-CERT-UA-4293(03-28-2022),UAC-0056 cyberattack on Ukrainian authorities using GraphSteel and GrimPlant malware,CERT_UA,https://app.box.com/s/s9jqmfj3eqvzuvbmap8tj673tj37giqd,e557448d4f67e12c6427dd89258b166a91b04ba7,03/28/2022,2022
Malwarebytes_spear-phishing-targets-Russian-dissidents(03-29-2022),New spear phishing campaign targets Russian dissidents,malwarebytes,https://app.box.com/s/s039oerz3q94v671d1goa5z8ok29u2gu,e4ea89258b2eae980abd091e9b813783422fb4e4,03/29/2022,2022
Ahnlab-APT-disguised-NorthKorean-defector-resume-VBS-script(03-29-2022),APT attack disguised as North Korean defector resume format ,Ahnlab,https://app.box.com/s/jvno7qknmcxx4i50fhov6jubdliltmsd,c5d7e2c9666e64d3d2c303b365b38a07e24026a6,03/29/2022,2022
CiscoTalos_TransparentTribe-bespoke-malware-target-Indian-gov-officials(03-29-2022),Transparent Tribe campaign uses new bespoke malware to target Indian government officials,Cisco,https://app.box.com/s/x4c798599srccjv65ciodew9hrv7mss1,0c0ff45c3ade035d3827a8850ac0cc6c3b067446,03/29/2022,2022
QAX_VajraEleph-Cyber-espionage-against-Pakistani-military(03-30-2022),VajraEleph from South Asia - Cyber espionage against Pakistani military personnel revealed,QAX,https://app.box.com/s/xlvbw8uodjh4jtqg3h0u5vm898kiwa34,a1c958967e9f8aa2caf1633099e2223b83b6ebd0,03/30/2022,2022
Fortinet_DeepPanda-Log4Shell-Digitally-Signed-Fire-Chili-Rootkits(03-30-2022),New Milestones for Deep Panda: Log4Shell and Digitally Signed Fire Chili Rootkits,Fortinet,https://app.box.com/s/y1uuj9no6pq6acfcne8lb1laj23jyxtj,065fe12cd3ae9dd718d0d2d9032ff16f2e12d7a8,03/30/2022,2022
Kaspersky_Lazarus-Trojanized-DeFi-delivering-malware(03-31-2022),Lazarus Trojanized DeFi app for delivering malware,Kaspersky,https://app.box.com/s/lr0zeiso7p52izl4rxwktljkmzpbfnbi,3ca55acc1173d75d9cbf3beb66dfb32e7503e957,03/31/2022,2022
Sentinelone_AcidRain-Wiper-Rains-Down-Europe(03-31-2022),AcidRain: A Modem Wiper Rains Down on Europe,Sentinelone,https://app.box.com/s/40p7timt5jlultr9k7mhsub6h4kjkktu,3e9f3cd1c4cf394a7bdaa9f918b6bc0407de7346,03/31/2022,2022
RecordedFuture_Chinese-targeting-IndianPowerGrid-ta-2022-0406(04-06-2022),Continued Targeting of Indian Power Grid Assets by Chinese State-Sponsored Activity Group,recordedfuture,https://app.box.com/s/pbyaz149mzgliglrrm07vstvnf4kr14y,0b1b32b1d1f2cf93f41966c2eb607df4845a1c5f,04/06/2022,2022
Qianxin_Analysis of the Suspected Lazarus Attack Activities against South Korean Companies(04-11-2022),Snow abuse and gluttony: Analysis of suspected Lazarus attack activities against Korean companies,Qianxin,https://app.box.com/s/r1g8ofc5i4b8h7bgwig4r53k5zi9coro,d2c884f5d1d49194f6688d640bb71dbb50ad332e,04/11/2022,2022
Microsoft_Tarrask-malware-scheduled-tasks-defense-evasion(04-12-2022),Tarrask malware uses scheduled tasks for defense evasion,microsoft,https://app.box.com/s/sod0q4n05p736xgu9v0mp02fddf66ljs,0d80c5b363a71f4f69736cddf9b9bc2e1a632697,04/12/2022,2022
cert.gov.ua-CERT-UA-4435(04-12-2022),Cyberattack by Sandworm Group (UAC-0082) on energy facilities of Ukraine using malicious programs INDUSTROYER2 and CADDYWIPER,CERT-UA,https://app.box.com/s/quzxjttnqs9os9im11qztck3frmi37iw,69ff06f54e2333e8102da79694ce8cb2429fac5d,04/12/2022,2022
cert.gov.ua-CERT-UA-4435(04-12-2022),Cyberattack by Sandworm Group (UAC-0082) on energy facilities of Ukraine using malicious programs INDUSTROYER2 and CADDYWIPER,CERT-UA,https://app.box.com/s/quzxjttnqs9os9im11qztck3frmi37iw,69ff06f54e2333e8102da79694ce8cb2429fac5d,04/12/2022,2022
Symantec_Lazarus-Targets-Chemical-Sector(04-14-2022),Lazarus Targets Chemical Sector,Symantec,https://app.box.com/s/94475t981w6nufnaj1hv0v7igdzvie9b,be31a634d4139e6223c50cc18cc69916ba585475,04/14/2022,2022
cert.gov.ua-CERT-UA-4464(04-14-2022),Cyberattack on state organizations of Ukraine using the malicious program IcedID,CERT-UA,https://app.box.com/s/m60pwqycvss74wpsa4rxcqkr5u1l8prj,24129608075aa7b7a8e3a726a5b009c30bae881e,04/14/2022,2022
inquest_Nobelium-Israeli-Embassy-Maldoc(04-18-2022),Nobelium - Israeli Embassy Maldoc,Inquest,https://app.box.com/s/91pxyu4f26183haf3dy0dyc723silaed,609414f31b49c22b7d212df8686ab2a5d1daa9d6,04/18/2022,2022
cert.gov.ua-CERT-UA-4490(04-18-2022),"Cyberattack on state organizations of Ukraine using the topic ""Azovstal""",CERT-UA,https://app.box.com/s/zkk7y68zicnnb7pu9v8z6lftmkobmxzh,6c477457f9443000c20ae8292713e926dc12ad97,04/18/2022,2022
Ahnlab-Lazarus-attack-group-exploits-INITECH-process(04-18-2022),Lazarus attack group that exploits the INITECH process,Ahnlab,https://app.box.com/s/suzn8gylygua4rmjabn1tqzh5vxetue3,bdbe3c5510aab146d327e72ab50768503021175b,04/18/2022,2022
CISA_AA22-108A-TraderTraitor-North_Korea_APT_Targets_Blockchain_Companies(04-18-2022),TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies,CISA,https://app.box.com/s/u3xcft78hvt00u6hfkxewho4vn01xiu9,49f91b6196d02311aa43b5c72bbd28b7d1d3b905,04/18/2022,2022
Symantec-Shuckworm-Espionage-Group-Campaign-Against-Ukraine(04-20-2022),Shuckworm: Espionage Group Continues Intense Campaign Against Ukraine,Symantec,https://app.box.com/s/0kwypesas8xwv9a43cu3l5x9d632gyy6,d6d27a3621ad8ef77df6c6c9644d8deb4a32c2ba,04/20/2022,2022
Stairwell-threat-report-The-ink-stained-trail-of-GOLDBACKDOOR(04-21-2022),The ink-stained trail of GOLDBACKDOOR,stairwell,https://app.box.com/s/q8cy0c5l8wpddfq60i4dccc2wucqsasf,095c763cb66c58a7f61e97b0dcd7328ae0a51d59,04/21/2022,2022
Zscaler-Naver-ending-game-Lazarus-APT(04-26-2022),"A ""Naver"" ending game of Lazarus APT",zscaler,https://app.box.com/s/gjrg4ujjlpfpkakfrzgeh7z9c0qvd68m,e2b266f4afeaf7b3f608df75ab62abdc23f7941f,04/26/2022,2022
Symantec_Stonefly-North Korea-Continues-High-value-Targets(04-27-2022),Stonefly: North Korea-linked Spying Operation Continues to Hit High-value Targets,Symantec,https://app.box.com/s/aaubak30ry3tyox9elzknurce4by7lxq,ec0ff900599235d4e4103a9c6ea980ff54cc0a2c,04/27/2022,2022
nccgroup_LAPSUS-Recent-TTPs(04-28-2022),"LAPSUS$: Recent techniques, tactics and procedures",nccgroup,https://app.box.com/s/542vkzhswgr4y5w17jz3k5hmiu7e5rig,e8c33cefaf9dc42acf2d668cf78d781fdf17c240,04/28/2022,2022
CISA_AA22-057A_Destructive_Malware_Targeting_Organizations_in_Ukraine-r2(04-28-2022),Update: Destructive Malware Targeting Organizations in Ukraine,cisa,https://app.box.com/s/leuoeise3zmmleyz3tiov7izt4s6xllf,1d7d0bb200a0725926d92c5bea1f452453efcfec,04/28/2022,2022
Mandiant_UNC3524-Eye-Spy-Email(05-02-2022),UNC3524: Eye Spy on Your Email,Mandiant,https://app.box.com/s/55fjwqbquh3crcy0whh74fl9khmmyncy,88eac247905e7a62616e25117c29997cb3660307,05/02/2022,2022
CiscoTalos_GamaredonAPT-targets-Ukrainian-new-campaign(09-15-2022),Gamaredon APT targets Ukrainian government agencies in new campaign,CiscoTalos,https://app.box.com/s/gxxd8gxjcgjfw3o9bjh1wfver5ewd251,abee4fba459156eb4b681f95337c5fade2e24385,09/15/2022,2022
Checkpoint_Cloud-Atlas-targets-Russia-Belarus-amid-Ukraine(12-09-2022),Cloud Atlas targets entities in Russia and Belarus amid the ongoing war in Ukraine,checkpoint,https://app.box.com/s/b20i9u35k3os7h3dlt38emxzmymbb38j,ce2bb5a0741a4bdd6f9cb96a205603388c2e8323,12/09/2022,2022
PaloAlto_Russias-TridentUrsa-GamaredonAPT-CyberConflic-Operations-Ukraine(12-20-2022),Russia's Trident Ursa (aka Gamaredon APT) Cyber Conflict Operations Unwavering Since Invasion of Ukraine,Palo Alto,https://app.box.com/s/2xgd6r6ttw57hlg1gx0k2g72earqc9oy,7ffa8cc48d900c15e6ac08b104610f82011496c5,12/20/2022,2022
Checkpoint_BlindEagle-Targeting-Ecuador-Sharpened-Tools(01-05-2023),BlindEagle Targeting Ecuador With Sharpened Tools,checkpoint,https://app.box.com/s/02999kyg7rhnghwp8v7g1zp8njpmslu3,3a904da819b8adb107998f6408249cf29ce950cb,01/05/2023,2023
Group-ib_DarkPink(01-11-2023),"Dark Pink: New APT hitting Asia-Pacific, Europe that goes deeper and darker",Group-ib,https://app.box.com/s/ppyx56ezndrsoc9n1ju68z4c86d6t093,e5c9ee752a09cc290bd5bd6c40b9c14241586ff7,01/11/2023,2023
Eclecticiq_MustangPandaAPT-EUThemed-Lure-PlugX(02-02-2023),Mustang Panda APT Group Uses European Commission-Themed Lure to Deliver PlugX Malware,Eclecticiq,https://app.box.com/s/3r1jwpewyxlnj8efx3tr6ctw9d2xghsf,f9dc47847698fb913f004b17525a16d37a7c711c,02/02/2023,2023
Trendmicro_New-APT34-Malware-Targets-MiddleEast(02-02-2023),New APT34 Malware Targets The Middle East,Trend Micro,https://app.box.com/s/9us9hqv5o7pnbt748p9g0o6lg3w7vdgo,8e4de1d12b7d3b27bb649689bab287dcf1f5fe46,02/02/2023,2023
Symantec_Graphiron-Russian-Malware-Deployed-Against-Ukraine(02-08-2023),Graphiron: New Russian Information Stealing Malware Deployed Against Ukraine,Symantec,https://app.box.com/s/zgagcatygwcejaltkg40ij84aavt5cll,232cfeb4ee7a1e9aae111eebb5574dcc970e0d9b,02/08/2023,2023
Ahnlab_Dalbit-m00nlight-Chinese-APT-Campaign(02-13-2023),Dalbit (m00nlight): Chinese Hacker Group's APT Attack Campaign,Ahnlab,https://app.box.com/s/y8jswf42eqblw5m6cv5h7nkmy1q60dmn,f8464b2e4c8ac43e64aaf9c3034286da17a2b91b,02/13/2023,2023
Checkpoint_Operation-Silent-Watch-Desktop-Surveillance-Azerbaijan-Armenia(02-16-2023),Operation Silent Watch: Desktop Surveillance in Azerbaijan and Armenia,Checkpoint,https://app.box.com/s/1n31h25d0j5xoqrtyftmx4zuh7njwwje,b897b76560babe5ea2af500b12ce15160c39944f,02/16/2023,2023
Ahnlab_HWP-Malware-Steganography-ScarCruft(02-21-2023),HWP Malware Using the Steganography Technique: RedEyes (ScarCruft),AhnLab,https://app.box.com/s/966vmmu8zehyqszqaygziq84fbrvvn3v,18f2fa0dd7b7178ba88d5a5d412d86bf3df43c28,02/21/2023,2023
Symantec_Hydrochasma-UnknownGroup-Targets-Medical-Shipping-Asia(02-22-2023),Hydrochasma: Previously Unknown Group Targets Medical and Shipping Organizations in Asia,Symantec,https://app.box.com/s/29d01df2yj6gbkew7etkx3kesagb2pk1,5669fa6adf6841e8d550e03636e13e39cc8e4560,02/22/2023,2023
ESET_WinorDLL64-Lazarus-arsenal(02-23-2023),WinorDLL64: A backdoor from the vast Lazarus arsenal?,ESET,https://app.box.com/s/vs8eitue87tx6dvbdwtxjimkg03xf7s4,29308a374352e9b10395a445b54d29c44fa1a954,02/23/2023,2023
Blackberry_BlindEagle-Fake-UUE-Fsociety-Target-Colombia(02-27-2023),Blind Eagle Deploys Fake UUE Files and Fsociety to Target Colombia,Blackberry,https://app.box.com/s/8llvu2xsb8l9t2bxt16zhjqm89810gcp,669282e93ad3ee2f09ca00538a9e9f9d474dcb9b,02/27/2023,2023
Ahnlab_Lazarus-using-public-certificate-vulnerability(02-27-2023),Lazarus group using public certificate vulnerability,Ahnlab,https://app.box.com/s/ovpepub4io3zuwkn65viaoxcn18ifunk,9f0ac45dbfeeded1ad46f09e104640566c8f7eda,02/27/2023,2023
Symantec_Blackfly_Materials_Technology(02-28-2023),Blackfly: Espionage Group Targets Materials Technology,Symantec,https://app.box.com/s/haoo75g6usi9rbje6mdi9618lqglo1vz,4267c0947c6c196ac1f13f4ae440231f1828a67e,02/28/2023,2023
Trendmicro_IronTigers-SysUpdate-Adds-Linux-Targeting(03-01-2023),"Iron Tiger's SysUpdate Reappears, Adds Linux Targeting",Trend Micro,https://app.box.com/s/oyd0m0chatq9m025mjs21umb3xivhw3s,5af93af18d82bd2525635dc8a5d29126e05207ee,03/01/2023,2023
ESET_MQsTTang-MustangPandas-backdoor-Qt-MQTT(03-02-2023),MQsTTang: Mustang Panda's latest backdoor treads new ground with Qt and MQTT,ESET,https://app.box.com/s/01nfw2cbbp4hi4my8tuoik8eazecd9wm,a315b44bfa8879deee5d9ee550e6bdf1516c6258,03/02/2023,2023
Proofpoint_Russia-Aligned-TA499-Beleaguers-Targets-Video-Call-Requests(03-07-2023),Don't Answer That! Russia-Aligned TA499 Beleaguers Targets with Video Call Requests,Proofpoint,https://app.box.com/s/eq1umie1q7extle2oddwdluftyx12hu7,12f3a174311f611263f75c3b1d62f69b11c53560,03/07/2023,2023
Checkpoint_Chinese-Espionage-Southeast-Asian-Government-Entities(03-07-2023),Pandas with a Soul: Chinese Espionage Attacks Against Southeast Asian Government Entities,Checkpoint,https://app.box.com/s/29jms8a3yoapqi7id90gi7fepknh155m,d1a6a9b7fbd5a94cdd7b325883da3e413d4f8ffc,03/07/2023,2023
Mandiant_LIGHTSHOW-1-North-Koreas-UNC2970(03-09-2023),Stealing the LIGHTSHOW (Part One) - North Korea's UNC2970,Mandiant,https://app.box.com/s/t1wj2s9hwf71dh65w5re5est9yhvh0mu,e9325a67d4681c8cdfc1e2a18783142e2e74826c,03/09/2023,2023
Mandiant_LIGHTSHOW-2-LIGHTSHIFT-and-LIGHTSHOW(03-09-2023),Stealing the LIGHTSHOW (Part Two) - LIGHTSHIFT and LIGHTSHOW,Mandiant,https://app.box.com/s/q3opc1veurizduac9fqpcptxcc7eztg0,604ce904b72ea33febb00802b7b26f4d782f6f67,03/09/2023,2023
360_APT-C-56-TransparentTribe-camouflage-campaign(02-13-2023),Analysis of APT-C-56 (Transparent Tribe) camouflage resume attack campaign,CoreSec360,https://app.box.com/s/rnoc7ldxv29za832xasqohm1ammp3g2d,39ab8916e64fe878e3198b82bc0bfd0b78c8e8cd,03/13/2023,2023
ESET_Tick-APT-compromise-DLP-developer-East-Asia(03-14-2023),The slow Ticking time bomb: Tick APT group compromise of a DLP software developer in East Asia,ESET,https://app.box.com/s/m37w9blhczmsgr4cmhjfxu432zca4sdj,23219da0963e95373d5dacba4348f1ccd274fd59,03/14/2023,2023
Mandiant_Fortinet-Zero-Day-Suspected-Chinese-Operation(03-16-2023),Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation,mandiant,https://app.box.com/s/iii4w6dhgx5q3ty6wqw3blcwquf074rq,d4d5053d7057f5fd24a4e431de95c2efc33b3a59,03/16/2023,2023
ESET_apt-activity-report-q2-2023-q3-2023(10-26-2023),ESET APT Activity Report Q2-Q3 2023,ESET,https://app.box.com/s/k8lwb8mo9io4mzsu89jd8lwsu123hazd,7873f4b161d89a40f97a4b4104f212f4d556459a,10/26/2023,2023
Kaspersky_cascade-of-compromise-unveiling-Lazarus-new-campaign(10-27-2023),A cascade of compromise: unveiling Lazarus' new campaign,Kaspersky,https://app.box.com/s/v2z7vgbi74nivtd8hwghetsx04m4s0ah,d88076abd0fbde4927a2948ca8065659e9ba6752,10/27/2023,2023
CoreSec360_APT-C-36-BlindEagle-Amadey-botnet(10-31-2023),Analysis of activities of suspected APT-C-36 (Blind Eagle) organization launching Amadey botnet Trojan,CoreSec360,https://app.box.com/s/ubdtp5ptp5mk79x2d1cutpsr4cik8af0,5e1d8f90ff100844c70bc6c663ffe26771881cd7,10/31/2023,2023
Checkpoint_Fro-Albania-to-MiddleEast-Scarred-Manticore(10-31-2023),From Albania To The Middle East: The Scarred Manticore Is Listening,Checkpoint,https://app.box.com/s/7xa41s13wmuno6koqkuknexpsffehzdt,18c0a89c955b06ef112a48590e14879c919c72b4,10/31/2023,2023
Deepinstinct_MuddyWater-spearphishing-new-TTPs(11-01-2023),MuddyWater eN-Able spear-phishing with new TTPs,deepinstinct,https://app.box.com/s/gqeknolwao8lmfefd96uu2ilva5i67cs,d3bf493f5cb37521928b92e9eee3af89d0f3bf82,11/01/2023,2023
Kaspersky_Modern-Asian-APT-groups-TTPs_report_eng(11-09-2023),Modern Asia APT groups TTPs,Kaspersky,https://app.box.com/s/dwhha91g1bkrjvmzdi1j8xylez9y6rzz,ab3211cc642317a62c5330b640f24f08c3efb090,11/09/2023,2023
Kaspersky_HrServ-webshell-in-APT-attack(11-22-2023),HrServ - Previously unknown web shell used in APT attack,Kaspersky,https://app.box.com/s/cexiy4us0t2ygcu6mewyys4aad5ogv83,312885ec160f68228c8ec450e3f61b54a25e17d5,11/22/2023,2023
Blackberry_AeroBlade-Targeting-US-Aerospace-Industry(11-30-2023),AeroBlade on the Hunt Targeting the U.S. Aerospace Industry,Blackberry,https://app.box.com/s/d4eigscymt12dg8lsnevf48duihx5bwz,ef854d3ab06b7acc16e2ab04a760468966d07805,11/30/2023,2023
PaloAlto_NewToolSet-Organizations-in-Middle-East-Africa-and-US(12-01-2023),"New Tool Set Found Used Against Organizations in the Middle East, Africa and the US",Palo Alto Networks,https://app.box.com/s/z7lwcyx3tk4dlsw4bivcrsi7gaj4u4vs,e16339ec8a52ad200eae8d0fb6be95550d8f9c07,12/01/2023,2023
Ahnlab_Kimsuky-Group-AutoIt-Malware-RftRAT-Amadey(12-08-2023),"Kimsuky Group Uses AutoIt to Create Malware (RftRAT, Amadey)",Ahnlab,https://app.box.com/s/xs2z8yf59q58ph1qn5sqr92sj2g6zefo,a224702fbdf785b482d562117dddf5d4fd848208,12/08/2023,2023
ITG05_operations_leverage_Israel-Hamas_conflict_lures_to_deliver_Headlace_malware(12-08-2023),ITG05 operations leverage Israel-Hamas conflict lures to deliver Headlace malware,IBM,https://app.box.com/s/v7cb9iaex4o4igqpq9xbxz9sne72klr3,c4e23fff156bef106fb15a96734b9fcf44d37061,12/08/2023,2023
CISA_aa23-347a-russian-foreign-intelligence-service-svr-exploiting-jetbrains-teamcity-cve-globally_0(12-13-2023),Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally,CISA,https://app.box.com/s/fd039qqm7o9tl7yrbda7f3uevumj2twu,443181071d70821ccd4f78533f8b6b9947dc4b46,12/13/2023,2023
Sentinelone_GazaCybergang -UnifiedFront-Targeting-Opposition(12-14-2023),Gaza Cybergang Unified Front Targeting Hamas Opposition,Sentinelone,https://app.box.com/s/7zzj7ykuxqvc32jj5w9jcgnv3kvfbxpw,e8a83611d700dbc67bff004984b05714471b00c4,12/14/2023,2023
ESET_OilRig-cloud-service-powered-downloaders(12-14-2023),OilRig's persistent attacks using cloud service-powered downloaders,ESET,https://app.box.com/s/hwalx6d0jzl86zfotki735i40j5a7fr0,1c9fb3d84f4702a0ae479b9e8f5c61ed27547d74,12/14/2023,2023
Symantec_Seedworm-Iranian-Hackers-Target-Telecoms-Orgs-North-East-Africa(12-19-2023),Seedworm: Iranian Hackers Target Telecoms Orgs in North and East Africa,Symantec,https://app.box.com/s/hn3cttmgg2ijnz0qr41iwh6kpgenapvr,247bc49a579b858eb7c50a9a6cb23ab022c8e1d2,12/19/2023,2023
Netskope_Nim-based-Campaign-Word-Docs-Impersonate-Nepali-Gov(12-20-2023),A Look at the Nim-based Campaign Using Microsoft Word Docs to Impersonate the Nepali Government,Netskope,https://app.box.com/s/rel585pqa8fc80voc96wt9oidsik0pvl,3f76b2e6e9861c0c3e4205dfeb5a9868539f4bb6,12/20/2023,2023
CERT-UA-8338(12-21-2023),New UAC-0050 attack using RemcosRAT,CERT-UA,https://app.box.com/s/2smmew2ne68u13vfh3gmx9rd4w6tzlt9,0d7df9ae534779b6ee238c2d882e75e7b80797e0,12/21/2023,2023
Deepinstinct_TA-UAC-0099-Continues-Target-Ukraine(12-21-2023),Threat Actor 'UAC-0099' Continues to Target Ukraine,Deepinstinct,https://app.box.com/s/dd69xw7nerwy3w6zkqapfwhrsacgtxxj,b0cce40bbc4e54a2742d25794bc5311cd958c2b2,12/21/2023,2023
CERT-UA-8399(12-28-2023),APT28: From Initial Damage to Domain Controller Threats in an Hour,CERT-UA,https://app.box.com/s/s2uqsgl0krjgy2q806x3vy0hx6jfjem8,655acdbba1095c8339c40f02d2af3d3da50d22c4,12/28/2023,2023