Destructive Attack 'DUSTMAN' | Jan | SA NCSC
Caught in the Act: Running a Realistic Factory Honeypot to Capture Real Threats | Jan | Trend Micro
North American Electric Cyber Threat Perspective | Jan | Dragos
New Destructive Wiper "ZeroCleare" Targets Energy Sector in the Middle East | Jan | IBM
APT10 Threat Analysis Report | Jan | Adeo
Fox Kitten Campaign: Widespread Iranian Espionage-Offensive Campaign | Feb | ClearSky
Crime Without Punishment: In-depth analysis of js-sniffers | Feb | Group IB
International Security and Estonia | Feb | EFIS
And then there were 6: A story of cyberespionage incident response by DART that uncovered five additional threat actors in one environment | Feb | Microsoft
Cloud Snooper attack bypasses firewall security measures | Feb | Sophos
Profiling of TA505 Threat Group That Continues to Attack the Financial Sector | Feb | FSI
The Lazarus Constellation: A study on North Korean malware | Feb | Lexfo
Operation Poisoned News: Hong Kong Users Targeted with Mobile Malware via Local News Links | Mar | Trend Micro
Bearing Witness: Uncovering the Logic Behind Russian Military Cyber Operations | Mar | Booz Allen
Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan | Mar | Trend Micro
Decade of the RATs: Novel APT Attacks Targeting Linux, Windows and Android | Apr | BlackBerry
Revealing Targets of the Iranian MuddyWater Group, Extracted from their C2 | Apr | ClearSky
New dark_nexus IoT Botnet Puts Others to Shame | Apr | Bitdefender
Chinese Influence Operations Evolve in Campaigns Targeting Taiwanese Elections, Hong Kong Protests | Apr | Recorded Future
APTs and COVID-19: How advanced persistent threats use the coronavirus as a lure | Apr | Malwarebytes
Craft for Resilience - APT Group Chimera - APT Operation Skeleton Key Targets Taiwan Semiconductor Vendors | Apr | CyCraft
The 'Spy Cloud' Operation: Geumseong121 group carries out the APT attack disguising the evidence of North Korean defection | Apr | ESRC
Threat landscape for industrial automation systems | Apr | Kaspersky
Uncovering DRBControl: Inside the Cyberespionage Campaign Targeting Gambling Operations | Apr | Trend Micro
Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia | May | Bitdefender
The "Silent Night" Zloader/Zbot | May | Malwarebytes & Hyas
Tactics, Techniques and Procedures Used to Target Australian Networks | May | ACSC
Leery Turtle Threat Report | May | CyberStruggle
AWS Shield Threat Landscape Report Q1 2020 | May | AWS
Shifts in Underground Markets | May | Trend Micro
From AGENT.BTZ to COMRAT V4: A ten-year journey | May | ESET
Mobile APT Surveillance Campaigns Targeting Uyghurs | Jun | Lookout
The Dark Overlord Cyber Investigation Report | Jul | Data Viper
Study of the APT attacks on state institutions in Kazakhstan and Kyrgyzstan | Jul | Dr.Web
The Hacker Infrastructure and Underground Hosting: An overview of the cybercriminal market | Jul | Trend Micro
Worm War: The Botnet Battle for IoT Territory | Jul | Trend Micro
APT29 targets COVID-19 vaccine development | Jul | NCSC
Card Fraud in a PSD2 World: A Few Examples | Jul | Cyber R&D Lab
THE FAKE CISCO: Hunting for backdoors in Counterfeit Cisco devices | Jul | F-Secure
Cosmic Lynx: The Rise of Russian BEC | Jul | Agari
Chinese state-sponsored group 'RedDelta' targets the Vatican and Catholic organizations | Jul | Recorded Future
Operation 'Dream Job': Widespread North Korean Espionage Campaign | Aug | ClearSky
Pillars of Russia's Disinformation and Propaganda Ecosystem | Aug | U.S. Department of State
Russian GRU 85th GTsSS Deploys Previously Undisclosed Drovorub Malware | Aug | NSA and FBI
No need to hack when it's leaking: GITHUB HEALTHCARE LEAKS | Aug | GitHub
LAZARUS GROUP: Campaign Targeting the Cryptocurrency Vertical | Aug | F-Secure
Development of the activity of the TA505 Cybercriminal Group | Aug | ANSSI
The Kittens Are Back in Town 3: Charming Kitten Campaign Evolved and Deploying Spear-Phishing link by WhatsApp | Aug | ClearSky
FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks | Aug | USCYBERCOM
ULTRARANK: The unexpected twist of a JS-sniffer triple threat | Aug | Group IB
CERBERUS Banking Trojan Analysis | Aug | Cyberwise
REDCURL: The pentest you didn't know about | Aug | Group IB
The French Underground: Under a Shroud of Extreme Caution | NA | Trend Micro
Cybercrime in West Africa: Poised for an Underground Market | NA | Trend Micro
Lock Like a Pro: How QAKBOT Fuels Enterprise Ransomware Campaigns | Sep | Group IB
SideCopy: An insight into Transparent Tribe's sub-division which has been incorrectly attributed for years | Sep | Seqrite
ShadowPad: new activity from the Winnti group | NA | PT
LATAM Financial Cybercrime: Competitors-in-crime sharing TTPs | NA | ESET
Threat landscape for industrial automation systems | Sep | Kaspersky
AT commands, Tor-based communications: meet ATTOR, a fantasy creature and also a spy platform | NA | ESET