Campaign
DATE | NAME | CATEGORY | SUBCATE | INFO |
|
25.7.24 |
CVE-2024-21412 | CAMPAIGN | CVE | Exploiting CVE-2024-21412: A Stealer Campaign Unleashed |
| 20.6.24 | Sustained | CAMPAIGN | CAMPAIGN | Sustained Campaign Using Chinese Espionage Tools Targets Telcos |
| 18.6.24 | Spinning YARN | CAMPAIGN | Malware | Spinning YARN - A New Linux Malware Campaign Targets Docker, Apache Hadoop, Redis and Confluence |
18.5.24 | Earth Hundun's | Campaign | CyberSpy | Tracking the Progression of Earth Hundun's Cyberespionage Campaign in 2024 |
10.5.24 | APT28 | Campaign | APT | APT28 campaign targeting Polish government institutions |
| 30.4.24 | DEV#POPPER | Campaign | Campaign | ANALYSIS OF DEV#POPPER: NEW ATTACK CAMPAIGN TARGETING SOFTWARE DEVELOPERS LIKELY ASSOCIATED WITH NORTH KOREAN THREAT ACTORS |
| 25.4.24 | ArcaneDoor | Campaign | Spy | ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices |
| 25.4.24 | FROZEN#SHADOW Attack | Campaign | Campaign | Analysis of Ongoing FROZEN#SHADOW Attack Campaign Leveraging SSLoad Malware and RMM Software for Domain Takeover |
| 19.4.24 | BlackTech | Campaign | Cyberespionage | Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear |
| 19.4.24 | DuneQuixote | Campaign | Campaign | DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware |
| 17.4.24 | Connect:fun | Campaign | Campaign | In a new threat briefing, Forescout Research – Vedere Labs details an exploitation campaign targeting organizations running Fortinet’s FortiClient EMS which is vulnerable to CVE-2023-48788. We are designating this campaign Connect:fun because of the use of ScreenConnect and Powerfun as post-exploitation tools – our first-ever named campaign. |
| 16.4.24 | SteganoAmor | Campaign | Campaign | SteganoAmor campaign: TA558 mass-attacking companies and public institutions all around the world |
| 12.4.24 | DarkBeatC2 | Campaign | APT | DarkBeatC2: The Latest MuddyWater Attack Framework |
11.4.24 | Android | ESET researchers uncovered the eXotic Visit espionage campaign that targets users mainly in India and Pakistan with seemingly innocuous apps | ||
11.4.24 | Virus | Raspberry Robin Now Spreading Through Windows Script Files | ||
| 28.3.24 | ShadowRay | Campaign | AI | ShadowRay: First Known Attack Campaign Targeting AI Workloads Actively Exploited In The Wild |
| 27.3.24 | RedAlpha | Campaign | Campaign | Recorded Future’s Insikt Group has identified two new cyberespionage campaigns targeting the Tibetan Community over the past two years. The campaigns, which we are collectively naming RedAlpha, combine light reconnaissance, selective targeting, and diverse malicious tooling. |
| 12.3.24 | Copybara Fraud Operation | Campaign | Operation | On top of this fraud operation architecture, TAs exploit Social Engineering techniques for distributing the Copybara banking trojan, which typically involves smishing and vishing techniques, leveraging native-speaker operators. In particular, several samples reveal TAs distributing Copybara through seemingly legitimate apps, utilizing logos of well-known banks and names that sound authentic, such as “Caixa Sign Nueva”, “BBVA Codigo”, “Sabadell Codigo”. |
| 7.3.24 | Spinning YARN | Campaign | Campaign | Spinning YARN - A New Linux Malware Campaign Targets Docker, Apache Hadoop, Redis and Confluence |
| 21.2.24 | SMUGX | Campaign | Campaign | CHINESE THREAT ACTORS TARGETING EUROPE IN SMUGX CAMPAIGN |
| 21.2.24 | Earth Preta | Campaign | Campaign | Earth Preta Campaign Uses DOPLUGS to Target Asia |
2.2.24 | Commando Cat | Campaign | Cryptocurrency | The Nine Lives of Commando Cat: Analysing a Novel Malware Campaign Targeting Docker |
18.1.24 | Mind Sandstorm | Campaign | Campaign | New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs |
10.1.24 | Campaign | Securonix Threat Labs Security Advisory: Threat Actors Target MSSQL Servers in DB#JAMMER to Deliver FreeWorld Ransomware | ||
24.12.23 | Campaign | A Look at the Nim-based Campaign Using Microsoft Word Docs to Impersonate the Nepali Government |