APT Incidents the World Has Seen Over the Years (Repost)

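The Art of War says: Know the enemy and know yourself, and in a hundred battles you will never be in peril; know yourself but not the enemy, and you will win one and lose one; know neither the enemy nor yourself, and you will be in peril in every battle.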

Reposted from material provided by http://www.srxh1314.com. I found it genuinely good, so I am reposting it on this site.

Papers

The papers section contains historical documents.

2006

Wicked Rose and the NCPH Hacking Group

2008

Aug 10  Russian Invasion of Georgia Russian Cyberwar on Georgia

Oct ??  How China will use cyber warfare to leapfrog in military competitiveness

Nov 19  Agent.BTZ

??? ??  China's Electronic Long-Range Reconnaissance

2009

Jan 18  Impact of Alleged Russian Cyber Attacks

Mar 29  Tracking GhostNet

2010

Jan 12  Operation Aurora

Jan 13  The Command Structure of the Aurora Botnet Damballa

Jan 27  Operation Aurora Detect, Diagnose, Respond

Jan ??  Case Study: Operation Aurora Triumfant

Jan ??  McAfee Labs: Combating Aurora

Feb 24  How Can I Tell if I Was Infected By Aurora? (IOCs)

Mar 14  In-depth Analysis of Hydraq

Apr 06  Shadows in the cloud: Investigating Cyber Espionage 2.0

Sep 03  The MSUpdater Trojan And Ongoing Targeted Attacks

Dec 09  The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability

2011

Feb ??  W32.Stuxnet Dossier

Feb 10  Global Energy Cyberattacks: Night Dragon

Feb 18  Night Dragon Specific Protection Measures for Consideration

Apr 20  Stuxnet Under the Microscope

Aug ??  Shady RAT

Aug 04  Operation Shady RAT

Aug ??  Operation Shady RAT: Vanity

Aug 03  HTran and the Advanced Persistent Threat

Sep 11  SK Hack by an Advanced Persistent Threat

Sep 22  The LURID Downloader

Oct 12  Alleged APT Intrusion Set: 1.php Group

Oct 26  Duqu Trojan Questions and Answers

Oct 31  The Nitro Attacks: Stealing Secrets from the Chemical Industry

2012

Jan 03  The HeartBeat APT

Feb ??  Command and Control in the Fifth Domain

Feb 29  The Sin Digoo Affair

Mar 12  Crouching Tiger, Hidden Dragon, Stolen Data

Mar 13  Reversing DarkComet RAT's crypto

Mar 26  Luckycat Redux

Apr 10  Anatomy of a Gh0st RAT

May 18  Analysis of Flamer C&C Server

May 22  IXESHE An APT Campaign

May 31  sKyWIper (Flame/Flamer)

Jul 10  Advanced Social Engineering for the Distribution of LURK Malware

Jul 11  Wired article on DarkComet creator

Jul 27  The Madi Campaign

Aug 09  Gauss: Abnormal Distribution

Sep 06  The Elderwood Project

Sep 07  IEXPLORE RAT

Sep 12  The VOHO Campaign: An in depth analysis

Sep 18  The Mirage Campaign

Oct 08  Matasano notes on DarkComet, Bandook, CyberGate and Xtreme RAT

Oct 27  Trojan.Taidoor: Targeting Think Tanks

Nov 03  Systematic cyber attacks against Israeli and Palestinian targets going on for a year

2013

Jan 18  Operation Red October

Feb 12  Targeted cyber attacks: examples and challenges ahead

Feb 13  Operation SnowMan: DeputyDog Actor Compromises US Veterans of Foreign Wars Website

Feb 18  Mandiant APT1 Report

Feb 22  Comment Crew: Indicators of Compromise

Feb 26  Stuxnet 0.5: The Missing Link

Feb 27  The MiniDuke Mystery: PDF 0-day Government Spy Assembler 0x29A Micro Backdoor

Feb 27  Miniduke: Indicators v1

Mar 13  You Only Click Twice: FinFisher's Global Proliferation

Mar 17  Safe: A Targeted Threat

Mar 20  Dissecting Operation Troy

Mar 27  APT1: technical backstage (Terminator/Fakem RAT)

Apr 01  Trojan.APT.BaneChant

Apr 13  Winnti More than just a game

Apr 24  Operation Hangover

May ??  Operation Hangover

May 13  Operation Saffron Rose

Jun ??  The Chinese Malware Complexes: The Maudi Surveillance Operation

Jun 01  Crude Faux: An analysis of cyber conflict within the oil & gas industries

Jun 04  The NetTraveller (aka Travnet)

Jun 18  Trojan.APT.Seinup Hitting ASEAN

Jun 21  A Call to Harm: New Malware Attacks Target the Syrian Opposition

Jun 28  njRAT Uncovered

Jul ??  Dark Seoul Cyber Attack: Could it be worse?

Jul 15  PlugX revisited: Smoaler

Jul 31  Secrets of the Comfoo Masters

Jul 31  Blackhat: In-Depth Analysis of Escalated APT Attacks (Lstudio, Elirks) video

Aug ??  Operation Hangover Unveiling an Indian Cyberattack Infrastructure

Aug ??  APT Attacks on Indian Cyber Space

Aug 02  Where There is Smoke, There is Fire: South Asian Cyber Espionage Heats Up

Aug 02  Surtr: Malware Family Targeting the Tibetan Community

Aug 19  ByeBye Shell and the targeting of Pakistan

Aug 21  POISON IVY: Assessing Damage and Extracting Intelligence

Aug 23  Operation Molerats: Middle East Cyber Attacks Using Poison Ivy

Sep ??  Feature: EvilGrab Campaign Targets Diplomatic Agencies

Sep 11  The Kimsuky Operation

Sep 13  Operation DeputyDog: Zero-Day (CVE-2013-3893) Attack Against Japanese Targets

Sep 17  Hidden Lynx Professional Hackers for Hire

Sep 25  The ICEFOG APT: A Tale of cloak and three daggers

Sep 30  World War C: State of affairs in the APT world

Oct 24  Terminator RAT or FakeM RAT

Nov 10  Operation Ephemeral Hydra: IE Zero-Day Linked to DeputyDog Uses Diskless Method

Nov 11  Supply Chain Analysis

Dec 02  njRAT, The Saga Continues

Dec 11  Operation Ke3chang

Dec 20  ETSO APT Attacks Analysis

??? ??  Deep Panda

??? ??  Detecting and Defeating the China Chopper Web Shell

2014

Jan 06  PlugX: some uncovered points

Jan 13  Targeted attacks against the Energy Sector

Jan 14  The Icefog APT Hits US Targets With Java Backdoor

Jan 21  Shell_Crew (Deep Panda)

Feb 11  Unveiling Careto The Masked APT

Feb 13  Operation SnowMan: DeputyDog Actor Compromises US Veterans of Foreign Wars Website

Feb 19  The Monju Incident

Feb 19  XtremeRAT: Nuisance or Threat?

Feb 20  Operation GreedyWonk: Multiple Economic and Foreign Policy Sites Compromised, Serving Up Flash Zero-Day Exploit

Feb 20  Mo Shells Mo Problems Deep Panda Web Shells

Feb 28  Uroburos: Highly complex espionage software with Russian roots

Mar 06  The Siesta Campaign

Mar 07  Snake Campaign & Cyber Espionage Toolkit

Mar 08  Russian spyware Turla

Apr 26  CVE-2014-1776: Operation Clandestine Fox

May 21  RAT in jar: A phishing campaign using Unrecom

Jun 06  Illuminating The Etumbot APT Backdoor (APT12)

Jun 09  Putter Panda

Jun 30  Dragonfly: Cyberespionage Attacks Against Energy Suppliers

Jun 10  Anatomy of the Attack: Zombie Zero

Jul 11  Pitty Tiger

Jul 31  Energetic Bear/Crouching Yeti

Jul 31  Energetic Bear/Crouching Yeti Appendix

Aug 04  Sidewinder Targeted Attack Against Android

Aug 05  Operation Arachnophobia

Aug 06  Operation Poisoned Hurricane

Aug 07  The Epic Turla Operation Appendix

Aug 12  New York Times Attackers Evolve Quickly (Aumlib/Ixeshe/APT12)

Aug 13  A Look at Targeted Attacks Through the Lense of an NGO

Aug 18  The Syrian Malware House of Cards

Aug 20  El Machete

Aug 25  Vietnam APT Campaign

Aug 27  NetTraveler APT Gets a Makeover for 10th Birthday

Aug 27  North Korea's cyber threat landscape

Aug 28  Scanbox: A Reconnaissance Framework Used with Watering Hole Attacks

Aug 29  Syrian Malware Team Uses BlackWorm for Attacks

Sep 03  Darwin's Favorite APT Group (APT12)

Sep 04  Forced to Adapt: XSLCmd Backdoor Now on OS X

Sep 08  Targeted Threat Index: Characterizing and Quantifying Politically-Motivated Targeted Malware video

Sep 08  When Governments Hack Opponents: A Look at Actors and Technology video

Sep 10  Operation Quantum Entanglement

Sep 17  Chinese intrusions into key defense contractors

Sep 18  COSMICDUKE: Cosmu with a twist of MiniDuke

Sep 19  Watering Hole Attacks using Poison Ivy by th3bug group

Sep 23  Ukraine and Poland Targeted by BlackEnergy (video)

Sep 26  Aided Frame, Aided Direction (Sunshop Digital Quartermaster)

Sep 26  BlackEnergy & Quedagh

Oct 03  New indicators for APT group Nitro

Oct 09  Democracy in Hong Kong Under Attack

Oct 14  ZoxPNG Preliminary Analysis

Oct 14  Hikit Preliminary Analysis

Oct 14  Derusbi Preliminary Analysis

Oct 14  Group 72 (Axiom)

Oct 14  Sandworm CVE-2014-4114

Oct 20  OrcaRAT A whale of a tale

Oct 22  Operation Pawn Storm: The Red in SEDNIT

Oct 22  Sofacy Phishing by PWC

Oct 23  Modified Tor Binaries

Oct 24  LeoUncia and OrcaRat

Oct 27  Full Disclosure of Havex Trojans ICS Havex backdoors

Oct 27  ScanBox framework who's affected, and who's using it?

Oct 28  APT28 A Window Into Russia's Cyber Espionage Operations

Oct 28  Group 72, Opening the ZxShell

Oct 30  The Rotten Tomato Campaign

Oct 31  Operation TooHash

Nov 03  New observations on BlackEnergy2 APT activity

Nov 03  Operation Poisoned Handover: Unveiling Ties Between APT Activity in Hong Kong's Pro-Democracy Movement

Nov 10  The Darkhotel APT A Story of Unusual Hospitality

Nov 11  The Uroburos case: Agent.BTZ's successor, ComRAT

Nov 12  Korplug military targeted attacks: Afghanistan & Tajikistan

Nov 13  Operation CloudyOmega: Ichitaro 0-day targeting Japan

Nov 14  OnionDuke: APT Attacks Via the Tor Network

 
