Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/kbandla/APTnotes
Various public documents, whitepapers and articles about APT campaigns
https://github.com/kbandla/APTnotes
Last synced: about 1 month ago
JSON representation
Various public documents, whitepapers and articles about APT campaigns
- Host: GitHub
- URL: https://github.com/kbandla/APTnotes
- Owner: kbandla
- Created: 2013-09-26T01:31:02.000Z (over 10 years ago)
- Default Branch: master
- Last Pushed: 2024-01-01T21:37:51.000Z (6 months ago)
- Last Synced: 2024-02-07T19:54:29.925Z (5 months ago)
- Homepage:
- Size: 445 MB
- Stars: 3,374
- Watchers: 640
- Forks: 902
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
Lists
- lists - APTnotes
- security-study-tutorial - Various public documents, whitepapers and articles about APT campaigns
- Awesome-Hacking - APT Notes
- collection - APTnotes
- awesome-hacking-lists - APTnotes - Various public documents, whitepapers and articles about APT campaigns (Others (1002))
- awesomelist - APTnotes
- awesome-hacking - APT Notes
- awesome-stars - kbandla/APTnotes - Various public documents, whitepapers and articles about APT campaigns (others)
- awesome-stars - APTnotes - Various public documents, whitepapers and articles about APT campaigns (Others)
- awesome-malware-analysis - APT Notes - A collection of papers (Other / Other Resources)
- fucking-lists - APTnotes
- awesome-lists-Definative-Lists - APTnotes
- awesome-csirt - APTNotes
- Hacking-Awesome - - Various public documents, whitepapers and articles about APT campaigns (Uncategorized / Uncategorized)
- Awesome-Hacking - APT Notes
- Awesome-Hacking - APT Notes
- awesome-malware-analysis - APT Notes - A collection of papers (Other / Other Resources)
- awesome-rainmana - kbandla/APTnotes - Various public documents, whitepapers and articles about APT campaigns (Others)
- awesome_hacking - APT Notes
- Awesome-Hacking - APT Notes
- awesome-hacking-lists - kbandla/APTnotes - Various public documents, whitepapers and articles about APT campaigns (Others)
- awesome-hacking-lists - APTnotes - Various public documents, whitepapers and articles about APT campaigns (Others)
README
# APT Notes
This is a repository for various publicly-available documents and notes related to APT, sorted by year. For malware sample hashes, please see the individual reports.
[](https://gitter.im/kbandla/APTnotes?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
* [Data](https://github.com/aptnotes/data) repo makes it easier for automation
* To add new reports, please create a [new issue](https://github.com/aptnotes/data/issues)
* For more information, see the new [README](https://github.com/aptnotes/data/blob/master/README.md)
## 2023
* Dec 19 - [Seedworm: Iranian Hackers Target Telecoms Orgs in North and East Africa](https://app.box.com/s/hn3cttmgg2ijnz0qr41iwh6kpgenapvr)
* Dec 14 - [OilRig's persistent attacks using cloud service-powered downloaders](https://app.box.com/s/hwalx6d0jzl86zfotki735i40j5a7fr0)
* Dec 14 - [Gaza Cybergang Unified Front Targeting Hamas Opposition](https://app.box.com/s/7zzj7ykuxqvc32jj5w9jcgnv3kvfbxpw)
* Dec 13 - [Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally](https://app.box.com/s/fd039qqm7o9tl7yrbda7f3uevumj2twu)
* Dec 08 - [ITG05 operations leverage Israel-Hamas conflict lures to deliver Headlace malware](https://app.box.com/s/v7cb9iaex4o4igqpq9xbxz9sne72klr3)
* Dec 08 - [Kimsuky Group Uses AutoIt to Create Malware (RftRAT, Amadey)](https://app.box.com/s/xs2z8yf59q58ph1qn5sqr92sj2g6zefo)
* Dec 01 - [New Tool Set Found Used Against Organizations in the Middle East, Africa and the US](https://app.box.com/s/z7lwcyx3tk4dlsw4bivcrsi7gaj4u4vs)
* Nov 30 - [AeroBlade on the Hunt Targeting the U.S. Aerospace Industry](https://app.box.com/s/d4eigscymt12dg8lsnevf48duihx5bwz)
* Nov 22 - [HrServ - Previously unknown web shell used in APT attack](https://app.box.com/s/cexiy4us0t2ygcu6mewyys4aad5ogv83)
* Nov 09 - [Modern Asia APT groups TTPs](https://app.box.com/s/dwhha91g1bkrjvmzdi1j8xylez9y6rzz)
* Nov 01 - [MuddyWater eN-Able spear-phishing with new TTPs](https://app.box.com/s/gqeknolwao8lmfefd96uu2ilva5i67cs)
* Oct 31 - [From Albania To The Middle East: The Scarred Manticore Is Listening](https://app.box.com/s/7xa41s13wmuno6koqkuknexpsffehzdt)
* Oct 31 - [Analysis of activities of suspected APT-C-36 (Blind Eagle) organization launching Amadey botnet Trojan](https://app.box.com/s/ubdtp5ptp5mk79x2d1cutpsr4cik8af0)
* Oct 27 - [A cascade of compromise: unveiling Lazarus' new campaign](https://app.box.com/s/v2z7vgbi74nivtd8hwghetsx04m4s0ah)
* Mar 16 - [Fortinet Zero-Day and Custom Malware Used by Suspected Chinese Actor in Espionage Operation](https://app.box.com/s/iii4w6dhgx5q3ty6wqw3blcwquf074rq)
* Mar 14 - [The slow Ticking time bomb: Tick APT group compromise of a DLP software developer in East Asia](https://app.box.com/s/m37w9blhczmsgr4cmhjfxu432zca4sdj)
* Mar 13 - [Analysis of APT-C-56 (Transparent Tribe) camouflage resume attack campaign](https://app.box.com/s/rnoc7ldxv29za832xasqohm1ammp3g2d)
* Mar 09 - [Stealing the LIGHTSHOW (Part Two) - LIGHTSHIFT and LIGHTSHOW](https://app.box.com/s/q3opc1veurizduac9fqpcptxcc7eztg0)
* Mar 09 - [Stealing the LIGHTSHOW (Part One) - North Korea's UNC2970](https://app.box.com/s/t1wj2s9hwf71dh65w5re5est9yhvh0mu)
* Mar 07 - [Pandas with a Soul: Chinese Espionage Attacks Against Southeast Asian Government Entities](https://app.box.com/s/29jms8a3yoapqi7id90gi7fepknh155m)
* Mar 07 - [Don't Answer That! Russia-Aligned TA499 Beleaguers Targets with Video Call Requests](https://app.box.com/s/eq1umie1q7extle2oddwdluftyx12hu7)
* Mar 02 - [MQsTTang: Mustang Panda's latest backdoor treads new ground with Qt and MQTT](https://app.box.com/s/01nfw2cbbp4hi4my8tuoik8eazecd9wm)
* Mar 01 - [Iron Tiger's SysUpdate Reappears, Adds Linux Targeting](https://app.box.com/s/oyd0m0chatq9m025mjs21umb3xivhw3s)
* Feb 28 - [Blackfly: Espionage Group Targets Materials Technology](https://app.box.com/s/haoo75g6usi9rbje6mdi9618lqglo1vz)
* Feb 27 - [Lazarus group using public certificate vulnerability](https://app.box.com/s/ovpepub4io3zuwkn65viaoxcn18ifunk)
* Feb 27 - [Blind Eagle Deploys Fake UUE Files and Fsociety to Target Colombia](https://app.box.com/s/8llvu2xsb8l9t2bxt16zhjqm89810gcp)
* Feb 23 - [WinorDLL64: A backdoor from the vast Lazarus arsenal?](https://app.box.com/s/vs8eitue87tx6dvbdwtxjimkg03xf7s4)
* Feb 22 - [Hydrochasma: Previously Unknown Group Targets Medical and Shipping Organizations in Asia](https://app.box.com/s/29d01df2yj6gbkew7etkx3kesagb2pk1)
* Feb 21 - [HWP Malware Using the Steganography Technique: RedEyes (ScarCruft)](https://app.box.com/s/966vmmu8zehyqszqaygziq84fbrvvn3v)
* Feb 16 - [Operation Silent Watch: Desktop Surveillance in Azerbaijan and Armenia](https://app.box.com/s/1n31h25d0j5xoqrtyftmx4zuh7njwwje)
* Feb 13 - [Dalbit (m00nlight): Chinese Hacker Group's APT Attack Campaign](https://app.box.com/s/y8jswf42eqblw5m6cv5h7nkmy1q60dmn)
* Feb 08 - [Graphiron: New Russian Information Stealing Malware Deployed Against Ukraine](https://app.box.com/s/zgagcatygwcejaltkg40ij84aavt5cll)
* Feb 02 - [New APT34 Malware Targets The Middle East](https://app.box.com/s/9us9hqv5o7pnbt748p9g0o6lg3w7vdgo)
* Feb 02 - [Mustang Panda APT Group Uses European Commission-Themed Lure to Deliver PlugX Malware](https://app.box.com/s/3r1jwpewyxlnj8efx3tr6ctw9d2xghsf)
* Jan 11 - [Dark Pink: New APT hitting Asia-Pacific, Europe that goes deeper and darker](https://app.box.com/s/ppyx56ezndrsoc9n1ju68z4c86d6t093)
* Jan 05 - [BlindEagle Targeting Ecuador With Sharpened Tools](https://app.box.com/s/02999kyg7rhnghwp8v7g1zp8njpmslu3)
## 2022
* Dec 20 - [Russia's Trident Ursa (aka Gamaredon APT) Cyber Conflict Operations Unwavering Since Invasion of Ukraine](https://app.box.com/s/2xgd6r6ttw57hlg1gx0k2g72earqc9oy)
* Dec 09 - [Cloud Atlas targets entities in Russia and Belarus amid the ongoing war in Ukraine](https://app.box.com/s/b20i9u35k3os7h3dlt38emxzmymbb38j)
* Sep 15 - [Gamaredon APT targets Ukrainian government agencies in new campaign](https://app.box.com/s/gxxd8gxjcgjfw3o9bjh1wfver5ewd251)
* May 02 - [UNC3524: Eye Spy on Your Email](https://app.box.com/s/55fjwqbquh3crcy0whh74fl9khmmyncy)
* Apr 28 - [Update: Destructive Malware Targeting Organizations in Ukraine](https://app.box.com/s/leuoeise3zmmleyz3tiov7izt4s6xllf)
* Apr 28 - [LAPSUS$: Recent techniques, tactics and procedures](https://app.box.com/s/542vkzhswgr4y5w17jz3k5hmiu7e5rig)
* Apr 27 - [Stonefly: North Korea-linked Spying Operation Continues to Hit High-value Targets](https://app.box.com/s/aaubak30ry3tyox9elzknurce4by7lxq)
* Apr 26 - [A "Naver" ending game of Lazarus APT](https://app.box.com/s/gjrg4ujjlpfpkakfrzgeh7z9c0qvd68m)
* Apr 21 - [The ink-stained trail of GOLDBACKDOOR](https://app.box.com/s/q8cy0c5l8wpddfq60i4dccc2wucqsasf)
* Apr 20 - [Shuckworm: Espionage Group Continues Intense Campaign Against Ukraine](https://app.box.com/s/0kwypesas8xwv9a43cu3l5x9d632gyy6)
* Apr 18 - [TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies](https://app.box.com/s/u3xcft78hvt00u6hfkxewho4vn01xiu9)
* Apr 18 - [Lazarus attack group that exploits the INITECH process](https://app.box.com/s/suzn8gylygua4rmjabn1tqzh5vxetue3)
* Apr 18 - [Cyberattack on state organizations of Ukraine using the topic "Azovstal"](https://app.box.com/s/zkk7y68zicnnb7pu9v8z6lftmkobmxzh)
* Apr 18 - [Nobelium - Israeli Embassy Maldoc](https://app.box.com/s/91pxyu4f26183haf3dy0dyc723silaed)
* Apr 14 - [Cyberattack on state organizations of Ukraine using the malicious program IcedID](https://app.box.com/s/m60pwqycvss74wpsa4rxcqkr5u1l8prj)
* Apr 14 - [Lazarus Targets Chemical Sector](https://app.box.com/s/94475t981w6nufnaj1hv0v7igdzvie9b)
* Apr 12 - [Cyberattack by Sandworm Group (UAC-0082) on energy facilities of Ukraine using malicious programs INDUSTROYER2 and CADDYWIPER](https://app.box.com/s/quzxjttnqs9os9im11qztck3frmi37iw)
* Apr 12 - [Cyberattack by Sandworm Group (UAC-0082) on energy facilities of Ukraine using malicious programs INDUSTROYER2 and CADDYWIPER](https://app.box.com/s/quzxjttnqs9os9im11qztck3frmi37iw)
* Apr 12 - [Tarrask malware uses scheduled tasks for defense evasion](https://app.box.com/s/sod0q4n05p736xgu9v0mp02fddf66ljs)
* Apr 11 - [Snow abuse and gluttony: Analysis of suspected Lazarus attack activities against Korean companies](https://app.box.com/s/r1g8ofc5i4b8h7bgwig4r53k5zi9coro)
* Apr 06 - [Continued Targeting of Indian Power Grid Assets by Chinese State-Sponsored Activity Group](https://app.box.com/s/pbyaz149mzgliglrrm07vstvnf4kr14y)
* Mar 31 - [AcidRain: A Modem Wiper Rains Down on Europe](https://app.box.com/s/40p7timt5jlultr9k7mhsub6h4kjkktu)
* Mar 31 - [Lazarus Trojanized DeFi app for delivering malware](https://app.box.com/s/lr0zeiso7p52izl4rxwktljkmzpbfnbi)
* Mar 30 - [New Milestones for Deep Panda: Log4Shell and Digitally Signed Fire Chili Rootkits](https://app.box.com/s/y1uuj9no6pq6acfcne8lb1laj23jyxtj)
* Mar 30 - [VajraEleph from South Asia - Cyber espionage against Pakistani military personnel revealed](https://app.box.com/s/xlvbw8uodjh4jtqg3h0u5vm898kiwa34)
* Mar 29 - [Transparent Tribe campaign uses new bespoke malware to target Indian government officials](https://app.box.com/s/x4c798599srccjv65ciodew9hrv7mss1)
* Mar 29 - [APT attack disguised as North Korean defector resume format ](https://app.box.com/s/jvno7qknmcxx4i50fhov6jubdliltmsd)
* Mar 29 - [New spear phishing campaign targets Russian dissidents](https://app.box.com/s/s039oerz3q94v671d1goa5z8ok29u2gu)
* Mar 28 - [UAC-0056 cyberattack on Ukrainian authorities using GraphSteel and GrimPlant malware](https://app.box.com/s/s9jqmfj3eqvzuvbmap8tj673tj37giqd)
* Mar 24 - [Study of an APT attack on a telecommunications company in Kazakhstan](https://app.box.com/s/eos2gobtpnad1b9rblhy4g4ganpgdgk0)
* Mar 23 - [New Sandworm Malware Cyclops Blink Replaces VPNFilter](https://app.box.com/s/2izfjfe8wgev78jqsawow0lozxtkaf4z)
* Mar 22 - [Operation Dragon Castling: APT group targeting betting companies](https://app.box.com/s/xtmf4vkiyrwbnyk9dp0aa3v3aoe7zoc9)
* Mar 21 - [APT35 Automates Initial Access Using ProxyShell](https://app.box.com/s/effdjg8nuddhq3e9ooywuesizw5b0e3w)
* Mar 21 - [Serpent, No Swiping! New Backdoor Targets French Entities with Unique Attack Chain](https://app.box.com/s/kmcy16dup3hdx3dzpbay2vd240j9ffs0)
* Mar 16 - [An Overview of UNC2891](https://app.box.com/s/088994cnkgtar1ple8lear5ro00bxkuz)
* Mar 15 - [Threat Actor UAC-0056 Targeting Ukraine with Fake Translation Software](https://app.box.com/s/howogtsvvmqdljp5y4iupj6udhr970mv)
* Mar 15 - [Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and ](https://app.box.com/s/xlvqxbk7fgpgz8zzu38u0ppaobq3nvg3)
* Mar 10 - [Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups](https://app.box.com/s/r0nmwkejtgytsl6q6i60hrwxgbdbzetz)
* Mar 09 - [Very very lazy Lazyscripter's scripts: double compromise in a single obfuscation](https://app.box.com/s/3rr58tcaqth9rn1ege689pq4f94zjsgx)
* Mar 08 - [A Summary of APT41 Targeting U.S. State Governments](https://app.box.com/s/jtahutqqimavakqi7ynau7sdxrvrsw3s)
* Mar 03 - [Distribution of malicious Hangul documents disguised as press releases for the 20th presidential election](https://app.box.com/s/6xy2tbwriztdpy8frdkjknwvfta61n2z)
* Mar 02 - [HermeticWiper and PartyTicket Targeting Computers in Ukraine](https://app.box.com/s/t5hdmw12wxi1vi0nwnvz4tv8zeh1quc8)
* Mar 01 - [Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement](https://app.box.com/s/u534ihlwhaxv8k1wke1aos1d4cqwui2f)
* Mar 01 - [IsaacWiper and HermeticWizard: New wiper and worm targeting Ukraine](https://app.box.com/s/5ieu30a7o5c6pxdqxiok5jl7mg1yeiea)
* Feb 26 - [Destructive Malware Targeting Organizations in Ukraine](https://app.box.com/s/ap7ff8tdnem5jfchj71odbpye700vy98)
* Feb 25 - [OutSteel, SaintBot Delivered by Spear Phishing Attacks Targeting Ukraine](https://app.box.com/s/zu56d4dlvwyeik8spst0ct2mr0o7mo8c)
* Feb 24 - [Nobelium Returns to the Political World Stage](https://app.box.com/s/grtbac6jg31vc1dkogzj6ahzd886luay)
* Feb 24 - [Telegram Malware Spotted in Latest Iranian Cyber Espionage Activity](https://app.box.com/s/faiqlsm5s7q931y1j2kgi1mlmxjfwd70)
* Feb 24 - [SockDetour Backdoor Targets U.S. Defense Contractors](https://app.box.com/s/sp477maf6mq20whuv6gk4pr3us0xas7c)
* Feb 24 - [Ukraine: Disk-wiping Attacks Precede Russian Invasion](https://app.box.com/s/0rgnnq0iav3fb7nrpfutf3pynwbpqsv2)
* Feb 24 - [Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks](https://app.box.com/s/653jbuah6rtf91u8v6sz330fka14gy8z)
* Feb 23 - [UNC2596 Observed Leveraging Vulnerabilities to Deploy Cuba Ransomware](https://app.box.com/s/1zhix5sctq830bokn4in5tc7q6ks8u8r)
* Feb 23 - [HermeticWiper - New Destructive Malware Used In Cyber Attacks on Ukraine](https://app.box.com/s/h298v7gvjrs3yla6djys8pir9vayv6vo)
* Feb 17 - [Iranian-Aligned Threat Actor ](https://app.box.com/s/q1943pvy0ps4oftxo5iad7ngt4py5y51)
* Feb 16 - [North Korea-linked APT attack found disguised as a digital asset wallet service customer center](https://app.box.com/s/sn6863bx5gk1i1o2kw7t5m2fk5s1f6iq)
* Feb 16 - [APT Group LOREC53 (Lori Bear) Recently Launched A Large-Scale Cyber Attack On Ukraine](https://app.box.com/s/japcw7r6uxnvyenklx06h21veadvdxvy)
* Feb 16 - [BabaDeda and LorecCPL downloaders used to run Outsteel against Ukraine](https://app.box.com/s/uobrphf3bkfzyy4wt9tqh41v4m09bggk)
* Feb 15 - [Charting TA2541's Flight](https://app.box.com/s/7vgs0ycvhmheyxski6g4766n9i49gq6i)
* Feb 15 - [Guard Your Drive from DriveGuard: Moses Staff Campaigns Against Israeli Organizations Span Several Months](https://app.box.com/s/7p28si8yrjdrag1cvr43843itdscx8ur)
* Feb 14 - [The APT fallout of vulnerabilities such as ProxyLogon in Exchange (Hafnium), OGNL injection, and log4shell](https://app.box.com/s/mkk5m9l8oozhmwvkqwqkc4uosuwqd6ru)
* Feb 09 - [Modified Elephant APT and a Decade of Fabricating Evidence](https://app.box.com/s/u4ugjnwl2w9f7pdfz22uh1l7cqc3xpdr)
* Feb 08 - [Ugg Boots 4 Sale: A Tale of Palestinian-Aligned Espionage](https://app.box.com/s/tkiardlg3bj6k1llkdnnr9n9glxj4246)
* Feb 07 - [Roaming Mantis reaches Europe](https://app.box.com/s/49t7lzqqzep1wj8nd6gu4i8bosi8ms8v)
* Feb 04 - [ACTINIUM targets Ukrainian organizations](https://app.box.com/s/0qxv3fc5yx2j8lbv1ftlvmaakuy0nrsk)
* Feb 03 - [Gamaredon (Primitive Bear) Russian APT Group Actively Targeting Ukraine](https://app.box.com/s/bhitsulabbr6y4d8jz56ljweejy7htqf)
* Feb 03 - [Antlion Chinese APT Uses Custom Backdoor to Target Financial Institutions in Taiwan](https://app.box.com/s/5ig1yhx66416nra8b9bdpgla1cbg0aoe)
* Feb 02 - [Cyber attack of UAC-0056 group on state organizations of Ukraine using malicious programs SaintBot and OutSteel (CERT-UA #3799)](https://app.box.com/s/gti3fn10hlnanb6c7y50g5n16w8t4cqc)
* Jan 31 - [Shuckworm Continues Cyber-Espionage Attacks Against Ukraine](https://app.box.com/s/px3ro986hh3mvw0hqxr9n9n45tilygy2)
* Jan 31 - [A detailed analysis of Lazarus APT malware disguised as Notepad++ Shell Extension](https://app.box.com/s/0gxt5eqkmufgjev73f11zu3yx20yjlhk)
* Jan 27 - [Observations from the StellarParticle Campaign](https://app.box.com/s/hbbt1tdp1nr2p7tesf1qqm9ehgn8bgfu)
* Jan 27 - [North Korea's Lazarus APT leverages Windows Update client, GitHub in latest campaign](https://app.box.com/s/iv0aw805g6rsqt0fqk4rm7wbujl90oev)
* Jan 26 - [BfV Cyber-Brief Nr. 01/2022](https://app.box.com/s/d4x8p8nu3658yhlwarws1b8tq3h80g6w)
* Jan 25 - [Prime Minister's Office Compromised: Details of Recent Espionage Campaign](https://app.box.com/s/ob3ngre0h78qxu0r7u40f810ejd7g57i)
* Jan 20 - [False flag or upgrade? Suspected sea lotus uses the Glitch platform to reproduce the attack sample](https://app.box.com/s/yaffihlkuu2yavua8gudd3ctqzikza6x)
* Jan 20 - [New espionage attack by Molerats APT targeting users in the Middle East](https://app.box.com/s/rdyrweucsdh23c55ts8eohtmtw4h7n71)
* Jan 11 - [Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure](https://app.box.com/s/koq21d7ksa28pr3oyq0cbyo1gdbho2u3)
* Jan 05 - [Kimsuky Group's APT Attacks (AppleSeed, PebbleDash)](https://app.box.com/s/iygnjm6cv5mwzlry3ct3dtor049ci6pk)
## 2021
* Dec 10 - [Phishing Campaign Targeting Korean to Deliver Agent Tesla New Variant](https://app.box.com/s/03bx0kiz8yyy8x2k8qh0ravuucb6sapq)
* Nov 07 - [Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer](https://app.box.com/s/73oze0g532ngowz0wocvgw31o20u976u)
* Sep 23 - [Operation Armor Piercer: Targeted attacks in the Indian subcontinent using commercial RATs](https://app.box.com/s/5zr8u8h2xy4tbllcxhashoq48cyetlfk)
* Sep 14 - [APT Group Targets Indian Defense Officials Through Enhanced TTPs](https://app.box.com/s/x6otivaxer0pf3hmkfzgwchig41xr7ac)
* Sep 14 - [APT Group Targets Indian Defense Officials Through Enhanced TTPs](https://app.box.com/s/x6otivaxer0pf3hmkfzgwchig41xr7ac)
* Sep 02 - [FIN7 Using Windows 11 Alpha-Themed Docs to Drop Javascript Backdoor](https://app.box.com/s/33zj46v2nv1cxiging8hc1w4j4zy05ip)
* Aug 24 - [APT41 Resurfaces as Earth Baku With New Cyberespionage Campaign](https://app.box.com/s/qtqlwejty7xz8wj8osz98webycgo5j9x)
* Aug 23 - [Kimsuky Espionage Campaign](https://app.box.com/s/t7evyuuhbdiqo9q3mtowy9exwn9flner)
* Aug 17 - [North Korean APT InkySquid Infects Victims Using Browser Exploits](https://app.box.com/s/c2iqdutgo5p6de0dfe3f6mh9flinb8q7)
* Jul 14 - [LuminousMoth APT: Sweeping attacks for the chosen few](https://app.box.com/s/v7po0a45ua8rz0vhbb7pnc6gocrs3lfq)
* Jul 07 - [ InSideCopy: How this APT continues to evolve its arsenal ](https://app.box.com/s/6cqbzi2d8nerurekjgw9e7e0pgi828ni)
* Apr 30 - [PortDoor: New Chinese APT Backdoor Attack Targets Russian Defense Sector](https://app.box.com/s/ktld8f7rvgtwn8g6zgx2stx26xypr7ck)
* Mar 02 - [New nation-state cyberattacks](https://app.box.com/s/5mz8kyhvzxks9walmcq2ofsdtk1ics3h)
## 2020
* Aug 26 - [Transparent Tribe: Evolution analysis, part 2](https://app.box.com/s/2cpsj31ackb2zx5mzayhds76mcndofxr)
* Aug 20 - [Transparent Tribe: Evolution analysis, part 1](https://app.box.com/s/ujm0zncu4yslx1tvu6aes0qzm5nhvjyg)
* Mar 25 - [This Is Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits](https://app.box.com/s/fiy6f8qswv4yn57kj40gjd56k324vwli)
## 2019
* Dec 18 - [Untangling Legion Loader's Hornet Nest of Malware](https://app.box.com/s/k5zrxyqw1q5aoaog5allrvzakqw5q62h)
* Nov 05 - [DarkUniverse - the mysterious APT framework 27](https://app.box.com/s/art5rlfy1079wxmma9c0wu0jjtax2a55)
* Oct 31 - [Calypso APT: new group attacking state institutions](https://app.box.com/s/7vzrq3frrll02n1gx4ssbtljnbgl0h7w)
* Oct 19 - [Operation Ghost](https://app.box.com/s/vx5jjdejjunjzizwsfl7g4gm163vn4nh)
* Oct 14 - [Huge Fan of Your Work: TURBINE PANDA C919 Passenger Jet](https://app.box.com/s/c9dbxjqdb52l6im90wzt5qom9pho22vo)
* Oct 07 - [The Kittens Are Back in Town 2](https://app.box.com/s/mnhv0kovo856xhocnetpcu1ta5f3iju2)
* Oct 03 - [AVIVORE - Hunting Global Aerospace through the Supply Chain](https://app.box.com/s/jzzs9epfezg1oxqthimjsi4llk0hxhpo)
* Sep 18 - [Tortoiseshell Group Targets IT Providers in Saudi Arabia in Probable Supply Chain Attacks](https://app.box.com/s/ovf9il8mblb3szopr9q6gw2en6k61e4p)
* Aug 19 - [GAME OVER: Detecting and Stopping an APT41 Operation](https://app.box.com/s/tm7vgs6gp84kz44xee2oh8xdqesnnmn5)
* Aug 12 - [Recent Cloud Atlas activity](https://app.box.com/s/i3x6bxmcche1jwn0j91tll3ln3shzyk6)
* Aug 07 - [APT41: A Dual Espionage and Cyber Crime Operation](https://app.box.com/s/0pvkz8uf1ozvinoec0sufupzzhblkumn)
* Aug 07 - [APT41: A Dual Espionage and Cyber Crime Operation](https://app.box.com/s/tijt08320isuaywxn1swd2uvbus7v7zl)
* Jul 18 - [Hard Pass: Declining APT34's Invite to Join Their Professional Network](https://app.box.com/s/xrhqs26aajdbb92ivgoenotrdykup5uu)
* Jul 09 - [Sea Turtle keeps on swimming, finds new victims, DNS hijacking techniques](https://app.box.com/s/nnixcicwsuf8f5l1k1cxq7e36rp0q1bf)
* Jun 25 - [Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers](https://app.box.com/s/mulzqlcbp076rv44ku9rcmjaw3fjkqhm)
* Jun 20 - [Waterbug: Espionage Group Rolls Out Brand-New Toolset in Attacks Against Governments](https://app.box.com/s/u5p5eae02amqr2n0zg7017cx43t1icwz)
* Apr 25 - [CARBANAK Week Part Four: The CARBANAK Desktop Video Player](https://app.box.com/s/30mizln4f525yv482qqampa8vybjj764)
* Apr 24 - [CARBANAK Week Part Three: Behind the CARBANAK Backdoor](https://app.box.com/s/rel5slouyleepdl3u7xilbmzsuk091n3)
* Apr 23 - [CARBANAK Week Part Two: Continuing the CARBANAK Source Code Analysis](https://app.box.com/s/etrhh2gb4df9sybsieg3xs1j9mx6yw8s)
* Apr 22 - [CARBANAK Week Part One: A Rare Occurrence](https://app.box.com/s/l3dcqd6i8rnmxgi0ykd9zfmlwctcaq1g)
* Apr 17 - [DNS Hijacking Abuses Trust In Core Internet Service](https://app.box.com/s/dtb6vitjf1ytxlemaszvktq12k1pr8ck)
* Apr 02 - [OceanLotus APT Group Leveraging Steganography](https://app.box.com/s/xcpoqhjuinsed58c8b36mo8omkf6ikcv)
* Mar 25 - [Pat Bear (APT-C-37)](https://app.box.com/s/gv5ug3d8shq5d6uuj6vb8nfgemtpznil)
* Feb 27 - [A Peek into BRONZE UNION's Toolbox](https://app.box.com/s/i8anwgmoww6w8xwow43uwxrfrqz6irkz)
* Feb 20 - [Attacks Of The Lazarus Cybercriminal Group Attended To Organizations In Russia](https://app.box.com/s/7vam6qq35nn1a7se265galj9i2tyzhwo)
* Jan 30 - [Chafer used Remexi malware to spy on Iran-based foreign diplomatic entities](https://app.box.com/s/s41gyec3zirgpgysovuhc2dj065ecrdy)
## 2018
* Dec 13 - [Shamoon 3 Targets Oil and Gas Organization](https://app.box.com/s/6suj8mg93cyvduhx0ie2ts5ikki3ox2y)
* Dec 12 - [https://securingtomorrow.mcafee.com/blogs/other-blogs/mcafee-labs/operation-sharpshooter-targets-global-defense-critical-infrastructure/](https://app.box.com/s/vsx9duzr1pzh67ua7oqzit2ydprpwpgb)
* Oct 17 - [Operation Oceansalt Delivers Wave After Wave](https://app.box.com/s/ltu4qau4bolnol75znojizgczf1xsh2x)
* Sep 07 - [Domestic Kitten: An Iranian Surveillance Operation](https://app.box.com/s/48z6mq7k6xlzicxbj9360eskrta92fbm)
* Aug 30 - [Two Birds, One STONE PANDA](https://app.box.com/s/uupum93o78ta8zw7fsl8fv3nyzlpsvpi)
* Aug 22 - [OPERATION "Rocket Man"](https://app.box.com/s/93olse6t4ugbbpqe3wdjmxgi4efbjq7v)
* Aug 20 - [Russian Army Exhibition Decoy Leads to New BISKVIT Malware](https://app.box.com/s/9y7hpv3evobjjpw8c3mnq1sgrqrxpt4d)
* Jul 10 - [APT Trends Report Q2 2018](https://app.box.com/s/ws8ul8en6if6gfh3dde9od2kgstvijji)
* Jun 19 - [Olympic Destroyer is still alive](https://app.box.com/s/v49iu7e3x1tawdlpcj7f0wp76js4tl3i)
* Jun 13 - [LuckyMouse hits national data center to organize country-level waterholing campaign](https://app.box.com/s/325jld1s8ymwd8a56jcao39i6cbc1m8g)
* May 22 - [The destruction of APT3](https://app.box.com/s/w317rctu3q7wwn8pzy51fgwuvshsd2ig)
* May 09 - [Iran's Hacker Hierarchy Exposed](https://app.box.com/s/qeoob1udtmrfbuivwhs0bbth62g2x7mu)
* May 04 - [Burning Umbrella](https://app.box.com/s/fg13wm1gi656siqyxm1zegy6mubhu523)
* Apr 23 - [Energetic Bear/Crouching Yeti: attacks on servers](https://app.box.com/s/mmsfl4zgirj7zlncmx5162vkn1n6q0f2)
* Apr 20 - [Follow The Money: Dissecting the Operations of the Cyber Crime Group FIN](https://app.box.com/s/74lm8z2znl12kfeufvkruzo659iogms6)
* Apr 05 - [M-TRENDS2018](https://app.box.com/s/9r6yokyvcgwedbgdwtk80w54ai2ut8dt)
* Mar 28 - [Lazarus Group Targets More Cryptocurrency Exchanges and FinTech Companies](https://app.box.com/s/yepeditzh0t0upifbucv99utoretbbzl)
* Mar 10 - [APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS](https://app.box.com/s/4qi7z4cclbg0746pa1x3qfpxtn6zamfd)
* Mar 08 - [Hidden Cobra Targets Turkish Financial Sector With New Bankshot Implant](https://app.box.com/s/a5yxk9ttke0l3wg054ub6tgb54hwp35a)
* Mar 01 - [Industrial Control System Threats](https://app.box.com/s/w9t6wtjcwv393lkspa75yxxr04umqqzw)
* Feb 20 - [APT37 (Reaper): The Overlooked North Korean Actor](https://app.box.com/s/144qx5sbghcvom6k0ivz77h1t5gbg3d8)
* Jan 18 - [Turla group update Neuron malware](https://app.box.com/s/o72u9tsw4zifxmktac4oreizhlud67ga)
* Jan 18 - [Dark Caracal Cyber-espionage at a Global Scale](https://app.box.com/s/f1zm9fcemfnuthad4yb8oz2rbplc3t41)
* Jan 12 - [Update on Pawn Storm: New Targets and Politically Motivated Campaigns](https://app.box.com/s/1wrl9umiiziapt9qxnt3kyv195k1kjui)
## 2017
* Dec 19 - [North Korea Bitten by Bitcoin Bug](https://app.box.com/s/xez1hl78xz2l55mqe5cqvlwb5ytckhxf)
* Dec 14 - [Attackers Deploy New ICS Attack Framework "TRITON" and Cause Operational Disruption to Critical Infrastructure](https://app.box.com/s/yvlm1esfazyp5ktx6ximkj2l9nkh6sk9)
* Dec 14 - [TRISIS Malware](https://app.box.com/s/lczcjm4izqlu3fuve5lf7yof2gpcxn0h)
* Dec 05 - [Charming Kitten: CSV Data](https://app.box.com/s/gair4givf0gt8ga4c65vtkj3na9wba2n)
* Dec 05 - [Charming Kitten: Iranian Cyber Espionage Against Human Rights Activists](https://app.box.com/s/3eqrk7r3hvx4e61vznh61mmw75u3zira)
* Nov 30 - [Inside the Response of a Unique CARBANAK Intrusion](https://app.box.com/s/egwg3so00e433s191jow7xlb1o27z7m7)
* Nov 22 - [Turla group using Neuron and Nautilus tools alongside Snake malware](https://app.box.com/s/316mbg901wxjdarmtdlj6v4qv29a0ge8)
* Nov 22 - [The Carbanak/Fin7 syndicate](https://app.box.com/s/kos1krnm5s1r47do98nlyv6y9jcybf12)
* Nov 08 - [OilRig Deploys "ALMA Communicator" - DNS Tunneling Trojan](https://app.box.com/s/bseq5v27hez248arjyaypa7nt03omjvx)
* Nov 07 - [Threat Group APT28 Slips Office Malware into Doc Citing NYC Terror Attack](https://app.box.com/s/1utq97k5oowxze0qsvbeur8u4zs0yny5)
* Nov 06 - [OceanLotus Blossoms: Mass Digital Surveillance and Attacks Targeting ASEAN](https://app.box.com/s/hqvakm9c1tqmsq69xz253rhpwipb44vf)
* Nov 06 - [ChessMaster's New Strategy: Evolving Tools and Tactics](https://app.box.com/s/0rt1hrxzbo2il7vmjfyye25qrgdabova)
* Nov 02 - [The KeyBoys are back in town](https://app.box.com/s/fjeyg8km8vu1a2bu0itwe9pv8zqfl3gs)
* Oct 27 - [Investigation: WannaCry cyber attack and the NHS ](https://app.box.com/s/gevfjbqv1n4j9j80zvtj2eh9lx1nlrs5)
* Oct 27 - [Tracking Subaat: Targeted Phishing Attack Leads to Threat Actor's Repository](https://app.box.com/s/35pitp2iml5h6y1b420kbojn82k2hcdl)
* Oct 26 - [Remote Control Interloper: Analyzing New Chinese htpRAT Attacks Against ASEAN](https://app.box.com/s/ecn72owuoet5p0f916qutvsqv20rmmps)
* Oct 24 - [Iranian Threat Agent Greenbug Impersonates Israeli High-Tech and Cyber Security Companies](https://app.box.com/s/fga01c36ebgqga5ic0a4o73j5jq9vdvr)
* Oct 22 - [Cyber Conflict Decoy Document Used In Real Cyber Conflict](https://app.box.com/s/pm3fv6ll7l10d3qfcld1w4l0bqy5ajxo)
* Oct 16 - [BlackOasis APT and new targeted attacks leveraging zero-day exploit](https://app.box.com/s/8ydblix231swgmjochzrvchwxcedis8z)
* Oct 16 - [Taiwan Heist: Lazarus Tools And Ransomware](https://app.box.com/s/t3sys73oilmytcsz38e6ihnjbp4ymxyo)
* Oct 02 - [Evidence Aurora Operation Still Active: Supply Chain Attack Through CCleaner part2](https://app.box.com/s/pszqtsxza5quthzuz31pqwypaf6idzum)
* Sep 28 - [Threat Actors Target Government of Belarus Using CMSTAR Trojan](https://app.box.com/s/d8vup5qyc8poenl8e760pzau9mt0kdih)
* Sep 20 - [Evidence Aurora Operation Still Active: Supply Chain Attack Through CCleaner](https://app.box.com/s/o8rait7di3od2z60v8mj77x4a5jb2xun)
* Sep 12 - [CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY](https://app.box.com/s/mgz7lvnbg6bjhjognrlc7ovqdcqpbhgo)
* Sep 06 - [Dragonfly: Western energy sector targeted by sophisticated attack group](https://app.box.com/s/4kpnzlrdqdcg3cq02hz4zj8nmjd9iywi)
* Aug 30 - [Gazing at Gazer](https://app.box.com/s/sqiber6gp1q75h6r4eq89fjeeur2mz8h)
* Aug 30 - [Introducing WhiteBear](https://app.box.com/s/ck26ekr69wmhxk6hyii507o09p20eixs)
* Aug 18 - [Russian Bank Offices Hit with Broad Phishing Wave](https://app.box.com/s/xgtoqdnl8tdviws0jgvxnj8oniia4qqr)
* Jul 27 - [ChessMaster Makes its Move: A Look into the Campaign's Cyberespionage Arsenal](https://app.box.com/s/g91aiwwkewqq147ueb0zj9okpfvs9z8m)
* Jul 25 - [Operation Wilted Tulip](https://app.box.com/s/s0c9085u0otvi6slu121mqikt5h5dzvn)
* Jul 18 - [Cyberattacks Against Ukrainian ICS](https://app.box.com/s/73gjx8wibk847zi2zq8cya9fj1ycqqxe)
* Jul 18 - [Inexsmar: An unusual DarkHotel campaig](https://app.box.com/s/mlbeyha2vu6a5b8ystgdk6fdew4f6r98)
* Jul 05 - [An intrusion campaign targeting Chinese language news sites](https://app.box.com/s/kbror3u3vgqkn7u167u34fg41dtxwfpy)
* Jun 30 - [TeleBots are back: supply-chain attacks against Ukraine](https://app.box.com/s/740pmk3f6nrhfbj9nmcvovc64oah2ibi)
* Jun 30 - [From BlackEnergy to ExPetr](https://app.box.com/s/n13ohbzc6qkod8yqxay19pnltnecchev)
* Jun 23 - [Bronze Butler](https://app.box.com/s/fz7ranw75zxuh6mc1023igycp1x96fs4)
* Jun 15 - [North Korea Is Not Crazy](https://app.box.com/s/tb68b0jfrwg7ji1o01jw28def2lp86y7)
* Jun 14 - [KASPERAGENT Malware Campaign resurfaces in May Election](https://app.box.com/s/vye9qg0l3u5180jk03mwul4p7wlc3gvo)
* Jun 12 - [CRASHOVERRIDE Analysis of the Threat to Electric Grid Operations](https://app.box.com/s/cl2m9xiifjoz0iajwthet2eaeyp26e13)
* Jun 12 - [WIN32/INDUSTROYER A new threat for industrial control systems](https://app.box.com/s/ec8zyav7snvm6vsfhy8ocvvngphe8lqp)
* Jun 07 - [PLATINUM continues to evolve, find ways to maintain invisibility](https://app.box.com/s/iryvk6gcqx4qyzfn245ruoo7syyex2yv)
* Jun 06 - [Privileges and Credentials: Phished at the Request of Counsel](https://app.box.com/s/sj821a63jgyif6xv2yz4gnut8kxgg7lo)
* May 25 - [TAINTED LEAKS Disinformation and Phishing With a Russian Nexus](https://app.box.com/s/wiis486wq7lyb64necfw3qwieikezs40)
* May 24 - [Operation Cobalt Kitty Threat Actor Profile & IOC](https://app.box.com/s/qmhs1k5awl5ibders0bwdlt9f9omhm4m)
* May 24 - [Operation Cobalt Kitty: A large-scale APT in Asia carried out by the OceanLotus Group](https://app.box.com/s/0bfouh1vvqc8esyh7tdvw2ttpsqzu1kh)
* May 17 - [Recorded Future Research Concludes Chinese Ministry of State Security Behind APT3](https://app.box.com/s/rkactl8fr73y037u6fypz700i4e2dk2m)
* May 14 - [Cyber Espionage is Alive and Well: APT32 and the Threat to Global Corporations](https://app.box.com/s/zutjtgdovy2dc32ktf5347y46eslqxq0)
* May 11 - [Cyber Attack Impersonating Identity Of Indian Think Tank To Target Central Bureau Of Investigation (cbi) And Possibly Indian Army Officials](https://app.box.com/s/mmr87n5onrrqiz8gnt93vvifpwn1rvah)
* Apr 27 - [APT Targets Financial Analysts with CVE-2017-0199](https://app.box.com/s/thla4hs15c78z638bw7g5fmjlixmex9b)
* Apr 10 - [Longhorn: Tools used by cyberespionage group](https://app.box.com/s/jpmrhxe5hbpjv7l7a8x0hlusep41zo5q)
* Apr 07 - [The Blockbuster Sequel](https://app.box.com/s/lmzdurawuli1a65uvx4g6e8b9jvede3f)
* Apr 03 - [Lazarus Under The Hood](https://app.box.com/s/np8kzut76ruc8whb32v7jpexx4bils6z)
* Apr 03 - [Operation Cloud Hopper](https://app.box.com/s/ifeoa5huug0aqdecsniw7jmrxym0k85i)
* Mar 30 - [Carbon Paper: Peering into Turla second stage backdoor](https://app.box.com/s/vmzqwqfrmtdjemtdaei60jqu5qrouwrt)
* Mar 28 - [Dimnie: Hiding in Plain Sight](https://app.box.com/s/scdmr7ekxhx4ktprct29ojxyllr41bjq)
* Mar 27 - [APT29 Domain Fronting With TOR](https://app.box.com/s/8ytb4nym7whlldfvsaivnmsut9ole32h)
* Mar 14 - [Operation Electric Powder - Who is targeting Israel Electric Company?](https://app.box.com/s/w3udybssqsvhno4ekivacbqaetdidjjr)
* Mar 07 - [FIN7 Spear Phishing Campaign Targets Personnel Involved in SEC Filings](https://app.box.com/s/7f2wiynwlbi58vsv206zn0695id5nl0k)
* Mar 06 - [From Shamoon to StoneDrill](https://app.box.com/s/olc867zxc9nkjzm3wkjwi0b0e2awahtn)
* Feb 27 - [The Deception Project: A New Japanese-Centric Threat](https://app.box.com/s/5l02xyf45l1gww8vet75vom5jmn32m0h)
* Feb 27 - [The Gamaredon Group Toolset Evolution](https://app.box.com/s/9wb59m0q2nw315jshwr3launllnnqtht)
* Feb 23 - [Dissecting the APT28 Mac OS X Payload](https://app.box.com/s/l7n781ig6n8wlf1aff5hgwbh4qoi5jqq)
* Feb 22 - [Spear Phishing Techniques Used in Attacks Targeting the Mongolian Government](https://app.box.com/s/sgzri8xt5l6gaodokuvvfjt7emzu0z4o)
* Feb 21 - [Additional Insights on Shamoon2](https://app.box.com/s/dt59pijmmnxc3no13g55jbdr325fpnhs)
* Feb 20 - [Lazarus' False Flag Malware](https://app.box.com/s/t5f8jofli5p969wsc0lydfdzihbnto93)
* Feb 17 - [ChChes - Malware that Communicates with C&C Servers Using Cookie Headers](https://app.box.com/s/ud9z8kc33scu3fwbon1at9lcul9h9hw3)
* Feb 16 - [Breaking The Weakest Link Of The Strongest Chain](https://app.box.com/s/wlwdugbbup1g3kb0ol71eh74qo6e67pd)
* Feb 16 - [ViperRAT: The mobile APT targeting the Israeli Defense Force that should be on your radar](https://app.box.com/s/n2ruyugtbigi6yyvg6u2xmt32eyqn8gx)
* Feb 15 - [Operation Bugdrop: Cyberx Discovers Large-Scale Cyber-Reconnaissance Operation Targeting Ukrainian Organizations](https://app.box.com/s/uyl8gatur9prvuv4z0ghjakdcvv5zkrf)
* Feb 15 - [The Full Shamoon: How the Devastating Malware Was Inserted Into Networks](https://app.box.com/s/jymqnbm1hyqxboljaq7rv4p3mzizqd0c)
* Feb 15 - [Iranian PupyRAT Bites Middle Eastern Organizations](https://app.box.com/s/ztp64lp34bn9ax4vithevntn6pab6sxz)
* Feb 15 - [Magic Hound Campaign Attacks Saudi Targets](https://app.box.com/s/qg2l481eu51ab9znszagv2ktlh4bh9z5)
* Feb 12 - [Lazarus & Watering-Hole Attacks](https://app.box.com/s/7wh9z15na9c823vtwo8fhyu2qt6a57df)
* Feb 10 - [Cyber Attack Targeting Indian Navy's Submarine And Warship Manufacturer](https://app.box.com/s/zdwfwsi2pw1081j2reu3qotz577g7pt6)
* Feb 10 - [Enhanced Analysis of GRIZZLY STEPPE Activity](https://app.box.com/s/zfhxta0cuh9yycoelyzaxgc03ir4b18u)
* Feb 03 - [KingSlayer A Supply chain attack](https://app.box.com/s/u4dkqqj56anyzuhxvg890k7d3g0oybyu)
* Feb 03 - [Several Polish banks hacked, information stolen by unknown attackers](https://app.box.com/s/7s2s43nlaqxllf4ugef1vyvkm3mr0ryt)
* Feb 02 - [Nile Phish: Large-Scale Phishing Campaign Targeting Egyptian Civil Society](https://app.box.com/s/3140tmwszf3q0ywh3jl9uhwjxyckmgv5)
* Jan 19 - [URI Terror Attack & Kashmir Protest Themed Spear Phishing Emails Targeting Indian Embassies And Indian Ministry Of External Affairs](https://app.box.com/s/aw4frbwy7jj5iqlhn9mas4qmc8ogfljg)
* Jan 15 - [Bear Spotting Vol. 1: Russian Nation State Targeting of Government and Military Interests](https://app.box.com/s/7q3rd2vov9uhkxmbpqax8vsdjafxnebm)
* Jan 14 - [A Pretty Dope Story About Bears: Early Indicators of Continued World Anti-Doping Agency (WADA) Targeting](https://app.box.com/s/7i5o08f6dd9j6idvav7kwek3sg0cyw5n)
* Jan 11 - [At the Center of the Storm: Russia's APT28 Strategically Evolves its Cyber Operations](https://app.box.com/s/bh072li8eyb2daq5cnd88l1lms6ujhgf)
* Jan 05 - [Foreign Cyber Threats to the United States](https://app.box.com/s/a2yfu1q6j67gi6om5uum34if5cnztln2)
* Jan 05 - [Mm Core In-Memory Backdoor Returns As Bigboss And Sillygoose](https://app.box.com/s/4et31m42g0m8b1cj2ly2idlgruli1io6)
* Jan 05 - [DragonOK Updates Toolset and Targets Multiple Geographic Regions](https://app.box.com/s/50tu7yfcrcj3ntj6b894rq6londdps34)
* Jan 05 - [Iranian Threat Agent OilRig Delivers Digitally Signed Malware, Impersonates University of Oxford](https://app.box.com/s/o3jg5us2c3lmeszk1m09hmenca0xnmgc)
* Jan 01 - [The Digital Plagiarist Campaign: TelePorting the Carbanak Crew to a New Dimension](https://app.box.com/s/7pr8b7cy9liv1bi88ha7frtzgrjycex3)
## 2016
* Dec 29 - [GRIZZLY STEPPE - Russian Malicious Cyber Activity](https://app.box.com/s/5q1827f6ig94an0buhsk9i8k7e0eju8w)
* Dec 28 - [Bear Hunting Season: Tracking APT28 ](https://app.box.com/s/py4k1124p7hqacfb6dlkghvsh5xte2zw)
* Dec 22 - [Use of Fancy Bear Android Malware tracking of Ukrainian Artillery Units](https://app.box.com/s/8lj785rl608lsmf80bwvtuxb7b9mscxy)
* Dec 21 - [Danger Close: Fancy Bear Tracking of Ukrainian Field Artillery Units](https://app.box.com/s/77t5ropot0e1yy0r1i5g8s9bsvvnq6t3)
* Dec 15 - [Let It Ride: The Sofacy Group's DealersChoice Attacks Continue](https://app.box.com/s/7u92nzu48zg6kq0pmtlh9pj8p6jmjmrt)
* Dec 14 - [PROMETHIUM and NEODYMIUM: Parallel zero-day attacks targeting individuals in Europe](https://app.box.com/s/12f9s3qxwk4oyr1vwfpaxco9p50xc2v8)
* Nov 30 - [Malware Actors Using Nic Cyber Security Themed Spear Phishing To Target Indian Government Organizations](https://app.box.com/s/zsm16yh2sffqr9caehmifmvw2jrrwiga)
* Nov 17 - [It's Parliamentary: KeyBoy and the targeting of the Tibetan Community](https://app.box.com/s/q7rywbgt6s5c380vvjpk643ppcdtdl8v)
* Nov 14 - [New Carbanak / Anunak Attack Methodology](https://app.box.com/s/cbclbgiu54ihivxe7bvblwsv1e8jq44h)
* Nov 09 - [PowerDuke: Widespread Post-Election Spear Phishing Campaigns Targeting Think Tanks and NGOs](https://app.box.com/s/wd73vlkdiry8hibkbqvmtsn0bhmzkhgk)
* Nov 03 - [When The Lights Went Out: Ukraine Cybersecurity Threat Briefing](https://app.box.com/s/pbj4aeiapdbblzs19gzymgsk73sxbe56)
* Oct 27 - [BLACKGEAR Espionage Campaign Evolves, Adds Japan To Target List](https://app.box.com/s/ws5vsndqqi7s17ysrfa39260wqy2ktyt)
* Oct 27 - [En Route with Sednit Part 3: A Mysterious Downloader](https://app.box.com/s/p4ywd9iqr5fr48nbz5o0nfwwgjkq5itk)
* Oct 26 - [BITTER: A Targeted attack against Pakistan](https://app.box.com/s/iegu4jz7v3q0vcvgrkzrnq3w28q3pyne)
* Oct 26 - [Moonlight - Targeted attacks in the Middle East](https://app.box.com/s/f7p6hmdojxrh6mzs91yvjmpgz528b7h9)
* Oct 25 - [Houdini's Magic Reappearance](https://app.box.com/s/y4zzbao34iv483op59h1dettrwgoe7li)
* Oct 25 - [En Route with Sednit Part 2: Observing the Comings and Goings](https://app.box.com/s/lmaensc7vzdugsy1nsh4bwligl07q53b)
* Oct 20 - [En Route with Sednit Part 1: Approaching the Target](https://app.box.com/s/c7oz0zci5gxsbgnucxwah82bfdj0boe0)
* Oct 05 - [Apt Reports And Opsec Evolution, Or: These Are Not The Apt Reports You Are Looking For](https://app.box.com/s/6kow9e7d5ogd1qxskl5krels702fwyon)
* Oct 05 - [Wave your false flags! Deception tactics muddying attribution in targeted attacks](https://app.box.com/s/6smqqgagrck8ltwztwnw08x1ope6k0mi)
* Oct 03 - [On the StrongPity Waterhole Attacks Targeting Italian and Belgian Encryption Users](https://app.box.com/s/c9w0xp0mgndij268ku7ti5ee4lxu54bv)
* Sep 28 - [Belling the BEAR](https://app.box.com/s/xpj87wwmxjkl3cykpyjbekaqhb3v4py6)
* Sep 26 - [Sofacy's Komplex OS X Trojan](https://app.box.com/s/w1qrcz1z9bx2dwt4gegv0h940ex35hlt)
* Sep 18 - [Hunting Libyan Scorpions](https://app.box.com/s/pov6xl0nvac5iaq4kafyw7p8ylmx3p8d)
* Sep 06 - [Buckeye cyberespionage group shifts gaze from US to Hong Kong](https://app.box.com/s/0rfkkv27x039vbqsblzdsm530ii2ymjl)
* Aug 24 - [The Million Dollar Dissident: NSO Group's iPhone Zero-Days used against a UAE Human Rights Defender](https://app.box.com/s/adaa4lfxeohb7ehxv3ao6104gmvq226i)
* Aug 13 - [Visa Alert and Update on the Oracle Breach](https://app.box.com/s/ejrvucttqc6eanln2kkmqtjklg563jxg)
* Aug 08 - [Carbanak Oracle Breach](https://app.box.com/s/4sfhcqaaxwui1dbvd13254wm5wfy9bmk)
* Aug 08 - [The ProjectSauron APT](https://app.box.com/s/3n10k8gbwt7pfebhqjg8n2mwpo6m3u7j)
* Aug 07 - [Strider: Cyberespionage group turns eye of Sauron on targets](https://app.box.com/s/l6i8z1vz83uwzf2ycl94xnel5voddt5v)
* Aug 06 - [Moonsoon - Analysis of an APT Campaign](https://app.box.com/s/cdivyys0ej34bh9r151vybct5nlqy4l5)
* Aug 03 - [Operation Manul](https://app.box.com/s/0dhelcscwtesl3biuldgrbeddaffwneu)
* Jul 25 - [Patchwork cyberespionage group expands targets from governments to wide range of industries](https://app.box.com/s/8k4ikxiyz3od5bg6juqpjf99dcfdba4l)
* Jul 08 - [The Dropping Elephant - aggressive cyber-espionage in the Asian region](https://app.box.com/s/9yczw853br9y9bs98j44uwc3kx6e414y)
* Jul 07 - [NetTraveler APT Targets Russian, European Interests](https://app.box.com/s/u16hs4trjkamdxkb8xth6e5ugckr3230)
* Jul 07 - [Unveiling Patchwork the Copy Paste APT](https://app.box.com/s/r9pw9xbcy2fz2ssewg5p7lqyvtn1b6jc)
* Jul 01 - [Espionage toolkit targeting Central and Eastern Europe uncovered](https://app.box.com/s/kmb22xnoniwxfkhsw8r3tkpo5rko0w1a)
* Jul 01 - [Pacifier APT](https://app.box.com/s/xcu346jhiokohlj9300q6hif06swac57)
* Jun 30 - [Asruex: Malware Infecting through Shortcut Files](https://app.box.com/s/mxvgs6dx4kixjv5s29yc6m81kii8opbw)
* Jun 28 - [Prince of Persia Game Over](https://app.box.com/s/drj4vb73cv87ok5wks21rynlq3236793)
* Jun 26 - [Threat Group-4127 Targets Google Accounts](https://app.box.com/s/2y2p7im0bp3o5myvi5s9cxfchddn2zbd)
* Jun 23 - [Tracking Elirks Variants in Japan: Similarities to Previous Attacks](https://app.box.com/s/ki60vxvdi2wzqrsrqik0yvg4sdwsbbal)
* Jun 21 - [Visiting The Bear Den A Journey in the Land of (Cyber-)Espionage](https://app.box.com/s/ifsplrz92ssuo3mhgwadkgoc19e5y56e)
* Jun 20 - [Red Line Drawn: China Recalculates Its Use Of Cyber Espionage](https://app.box.com/s/jdk38pbsyaa19vb91uffmprn9oz4a2vr)
* Jun 20 - [Findings from Analysis of DNC Intrusion Malware](https://app.box.com/s/406jm438rm7s65du4d4qnj7iwj5bkphv)
* Jun 20 - [Reverse-engineering DUBNIUM's Flash-targeting exploit](https://app.box.com/s/rsvvnrm7ct991olqsvbqrie614xt9f3b)
* Jun 17 - [Operation Daybreak](https://app.box.com/s/dj0libdgcbb232zyhj3fq1ehkqyti1xm)
* Jun 17 - [Flash zero-day exploit deployed by the ScarCruft APT Group](https://app.box.com/s/0vp77yw58zhqmt9xoez6f7nmicbgkqrw)
* Jun 16 - [Threat Group 4127 Targets Hillary Clinton Presidential Campaign](https://app.box.com/s/jfku9mhjnf150uokw2owfxy0isj3pi28)
* Jun 16 - [Threat Group-4127 Targets Hillary Clinton Presidential Campaign](https://app.box.com/s/uy6iv3fj7akwzrj9zq1gv403b35twaoy)
* Jun 14 - [Group5: Syria and the Iranian Connection](https://app.box.com/s/2475tuv4oigvtrdy1jx6p2lct9ebzlcb)
* Jun 14 - [New Sofacy Attacks Against US Government Agency](https://app.box.com/s/49rs6u4cyq43khamdah90y9zyacjzmbr)
* Jun 09 - [Reverse-engineering DUBNIUM](https://app.box.com/s/f0xelxxs6ey9nms9fox1uugy8nuof40t)
* Jun 09 - [Operation DustySky Part 2 Indicators](https://app.box.com/s/q9amfvko7h3x9g4rgcno0vy25btsv1rw)
* Jun 09 - [Operation DustySky Part 2](https://app.box.com/s/ldd528ht55m4avot9b485mi6529f8c3r)
* Jun 04 - [Bears in the Midst: Intrusion into the Democratic National Committee](https://app.box.com/s/x5sz7dw4as54b1rif3mdtqwzzj2aek68)
* Jun 03 - [Apt Group Sends Spear Phishing Emails To Indian Government Officials](https://app.box.com/s/5hn3fparz8n2bmjpwzvxbds7gcnb7kum)
* Jun 03 - [APT Group Sends Spear Phishing Emails to Indian Government Officials](https://app.box.com/s/s0yj8qsfhkf81hpyrtdmhpv3lrmd5p5n)
* Jun 02 - [IRONGATE ICS Malware: Nothing to See Here...Masking Malicious Activity on SCADA Systems](https://app.box.com/s/6s871m2xa63x4ru8glto9crcv6kk8jor)
* May 29 - [Stealth Falcon](https://app.box.com/s/is08b06f6fj6a9z6wymf4u5y5xjm6opr)
* May 27 - [IXESHE Derivative IHEATE Targets Users in America](https://app.box.com/s/8glps1qnq0glc2c2b2wsmeb4019f9wpd)
* May 26 - [SWIFT attackers' malware linked to more financial attacks](https://app.box.com/s/hg658zohnowfcj62ofyt4av99xucdq0q)
* May 25 - [CVE-2015-2545: overview of current threats](https://app.box.com/s/ztb6a52hkbenfurrecc3jifk9b67ie79)
* May 24 - [New Wekby Attacks Use DNS Requests As Command and Control Mechanism](https://app.box.com/s/5dcx9g1lrt3m9y2wgmxpyiv4malmdnpp)
* May 23 - [Operation Ke3chang Resurfaces With New TidePool Malware](https://app.box.com/s/vwuocstge7xud74xhnw9s98h2m812pyr)
* May 23 - [APT Case RUAG Technical Report](https://app.box.com/s/rabwkf8pmoxndj0n0nlktvc2eti2381k)
* May 23 - [Targeted Attacks against Banks in the Middle East](https://app.box.com/s/43ovij7jz7isl93tow4s3f89yhuiwu4e)
* May 20 - [Attacks on SWIFT Banking System Benefit From Insider Knowledge](https://app.box.com/s/0dgvhevjt5e6all9h1zq1dsgyo2awzy7)
* May 18 - [Operation C-Major Actors Also Used Android BlackBerry Mobile Spyware Against Targets](https://app.box.com/s/xua6557tccyx7h0ksmjnu8u5bra3z15n)
* May 17 - [Indian organizations targeted in Suckfly attacks](https://app.box.com/s/nekeu5y0v2yk4rdwpuq8y1ahyyuaduen)
* May 17 - [Operation Groundbait:Analysis of a surveillance toolkit](https://app.box.com/s/hq5t0xjxxbkeulf942ufeiyf3k4zq9b6)
* May 17 - [Mofang: A politically motivated information stealing adversary](https://app.box.com/s/p2oftago51ohnku082ztx1kbvaa1lxps)
* May 06 - [Exploring CVE-2015-2545 and its users](https://app.box.com/s/g9pew9ajkp259c2t99mh4xspsev61hgm)
* May 02 - [Prince of Persia: Infy Malware Active In Decade of Targeted Attacks](https://app.box.com/s/zkjmru7uknf1p90mqn81ycf867le78tn)
* May 02 - [Turbo Twist: Two 64-bit Derusbi Strains Converge](https://app.box.com/s/ex6wh2qsg1c29sob6f70x1q6eoe3v64w)
* Apr 26 - [PLATINUM Targeted attacks in South and Southeast Asia](https://app.box.com/s/ursk78m124t1lagjnu2862kumrnoshcp)
* Apr 25 - [Two Bytes to $951M](https://app.box.com/s/49t6zpzjln2vvm2npdnzwtr0hkrxq37v)
* Apr 22 - [The Ghost Dragon](https://app.box.com/s/xr1ykgout1c9ho5rotpop09smkawg5me)
* Apr 21 - [Looking Into a Cyber-Attack Facilitator in the Netherlands (Appendix)](https://app.box.com/s/1vjcdqrpcvtb5fqfehk3ehxj6qh8eaf0)
* Apr 21 - [Looking Into a Cyber-Attack Facilitator in the Netherlands](https://app.box.com/s/ub5txv2ky12s7kuuv7d1vzqvkympepaq)
* Apr 18 - [Between Hong Kong and Burma: Tracking UP007 and SLServer Espionage Campaign](https://app.box.com/s/goyec2m2zwl5fi4sv3ayzwhudcfly1lv)
* Apr 13 - [The Four Element Sword Engagement](https://app.box.com/s/19ghms2qz9raaquoxu2bh3paoqyx545r)
* Mar 29 - [Taiwan targeted with new cyberespionage back door Trojan](https://app.box.com/s/xqh458fe1url7mgl072hhd0yxqw3x0jm)
* Mar 17 - [Taiwan Presidential Election: A Case Study on Thematic Targeting](https://app.box.com/s/lyradpx3h7eic3dyiz33ufiia0wj7otn)
* Mar 15 - [Suckfly: Revealing the secret life of your code signing certificates](https://app.box.com/s/p3tmorslyk9q1s3s6eul4xa4148o6fp2)
* Mar 10 - [Shifting Tactics Tracking Changes In Years Long Espionage Campaign Against Tibetans](https://app.box.com/s/wb0vzmvsgude6yby0d5bn02cxebuuvhc)
* Mar 01 - [Operation Transparent Tribe](https://app.box.com/s/2terwf3c3e8iunw8v7kj83p2zw44nns2)
* Feb 24 - [ FROM SEOUL TO SONY: THE HISTORY OF THE DARKSEOUL GROUP AND THE SONY INTRUSION MALWARE DESTOVER](https://app.box.com/s/xyyord0b806e6or2nh92coxw2areyyx4)
* Feb 24 - [Operation Blockbuster](https://app.box.com/s/rhn69xecfqe8k2abwmn43ilmd59y1we0)
* Feb 23 - [Operation Duststorm](https://app.box.com/s/dt9mscechq7heg83z7vgujp5ujjzd97c)
* Feb 12 - [A Look Into Fysbis: Sofacy's Linux Backdoor](https://app.box.com/s/2x3mrik225skob8rxd50rp63wlq0fp6v)
* Feb 09 - [Poseidon Group](https://app.box.com/s/94ct7ny9breqnyhdwmcyv982w9qj2rxi)
* Feb 08 - [Know Your Enemies 2.0: A Primer on Advanced Persistent Threat Groups](https://app.box.com/s/kj9eyf73oh2hi8zum6a8lygzqb5jhsm7)
* Feb 08 - [Attack On French Diplomat Linked To Operation Lotus Blossom](https://app.box.com/s/cbxo6pdyf8xua2eg5dn44ni47wbs0le0)
* Feb 04 - [T9000: Advanced Modular Backdoor Uses Complex Anti Analysis Techniques](https://app.box.com/s/u9eldsgol20dmuw0nljeqo9nlw4r9ms7)
* Feb 03 - [Emissary Trojan Changelog: Did Operation Lotus Blossom Cause It To Evolve](https://app.box.com/s/oyqcfzoa1hfq5evuymj5bqfitkqlfp4v)
* Jan 28 - [BlackEnergy APT Attacks in Ukraine employ spearphishing with Word documents](https://app.box.com/s/igygz8ihex1hok5r1dp215ui0gz1ghwr)
* Jan 24 - [Scarlet Mimic](https://app.box.com/s/zhour42vz6sxf7aws3oj70i1rd5ib8kx)
* Jan 20 - [New wave of cyberattacks against Ukrainian power industry](https://app.box.com/s/9wmebk32ymd1d6ryvl84wlqbpsi8rw5e)
* Jan 14 - [RESEARCH SPOTLIGHT: NEEDLES IN A HAYSTACK](https://app.box.com/s/6tlgwpp0u2lzahlrhtymkp2nnbtd421f)
* Jan 11 - [Uncovering the Seven Pointed Dagger](https://app.box.com/s/z1uanuv1vn3vw5iket1r6bqrmlra0gpn)
* Jan 07 - [Operation Dusty Sky (indicators)](https://app.box.com/s/5iym3huegu3ssaejl0rr268sr7qy6seb)
* Jan 07 - [Operation Dusty Sky](https://app.box.com/s/cydpeasz6l8cv9oo99o4tpazd5tq4xkm)
* Jan 03 - [BlackEnergy by the SSHBearDoor: attacks against Ukrainian news media and electric industry](https://app.box.com/s/uo31npu9sese34f1ppggmrug48x7rlqp)
## 2015
* Dec 23 - [ELISE: Security Through Obesity](https://app.box.com/s/xjjieg8w489osjfp4jk7vgum37a6ibro)
* Dec 22 - [BBSRAT Attacks Targeting Russian Organizations Linked to Roaming Tiger](https://app.box.com/s/noqd4tec6z6nfv8w4z48vzvwfo3goegl)
* Dec 16 - [Dissecting the Malware Involved in the INOCNATION Campaign](https://app.box.com/s/dl6izicyky1x946ueo77nn2w8c5jxgm3)
* Dec 10 - [Evolution of Cyber Threats in the Corporate Sector](https://app.box.com/s/ql84nxbrheluzhi3bt7k48damnuz00u5)
* Dec 07 - [Iran-based attackers use back door threats to spy on Middle Eastern targets](https://app.box.com/s/oeix6b4jcwdkwyrzq35brtmq2ktoyxnw)
* Nov 23 - [PEERING INTO GLASSRAT: A Zero Detection Trojan from China](https://app.box.com/s/3jg797vagekvf1xjyz1j49esdhm4fmjs)
* Nov 16 - [Microsoft Security Intelligence Report (Volume 19)](https://app.box.com/s/qjvx7sdbo7cufb5b8putfyqn8ku82xq2)
* Nov 09 - [Rocket Kitten: A Campaign With 9 Lives](https://app.box.com/s/vhe51fr5m6kqqzbkkcuukta6nucn9p6a)
* Oct 15 - [Pay No Attention to the Server Behind the Proxy: Mapping FinFisher's Continuing Proliferation](https://app.box.com/s/46ab2f2m26oaqu7r2kflfig8ni686gcl)
* Oct 07 - [Hacker Group Creates Network of Fake LinkedIn Profiles](https://app.box.com/s/w32vcrjpq3fj0fg0t8c5gwmy0olwnmnd)
* Sep 17 - [THE DUKES: 7 years of Russian cyberespionage](https://app.box.com/s/ipsg0t3krs811gesknvxrdsqhsknbydj)
* Sep 08 - [Carbanak is packing new guns](https://app.box.com/s/h1dn7d6ptcpwjbcfj468fy5201ev4bbz)
* Aug 10 - [Darkhotel's attacks in 2015 ](https://app.box.com/s/fu1lu7lza8h4znv76a5dqlrjubapxw92)
* Aug 05 - [Threat Group-3390 Targets Organizations For Cyberespionage](https://app.box.com/s/6j0fm3yepzf11engl7t213zltahujorc)
* Aug 04 - [RSA Research Terracotta VPN: Enabler Of Advanced Threat Anonymity](https://app.box.com/s/cx1sjzb1q7slnjho5n1n0iuc7y9om2ll)
* Aug 03 - [Cyber war in perspective: Russian aggression against Ukraine](https://app.box.com/s/tnk1sw3cv0k0semcc9o275tjm5iliz45)
* Jul 31 - [Operation Potao Express: Analysis Of A Cyber-Espionage Toolkit](https://app.box.com/s/hji6y2fi3nwqbd8mtx6kiy6yckizwq2w)
* Jul 28 - [The Black Vine Cyberespionage Group](https://app.box.com/s/0ahidgtzecyx94hgvxoai9kmu5r6yw49)
* Jul 27 - [Hammertoss: Stealthy Tactics Define A Russian Cyber Threat Group](https://app.box.com/s/xqp6s3fb8w65f6mkm1zc89ftrl8lyfw7)
* Jul 22 - [Duke APT Group's Latest Tools: Cloud Services And Linux Support](https://app.box.com/s/4oehib8xu2boak3hd72sh1f9ka9gwwh7)
* Jul 20 - [China Hacks The Peace Palace: All Your Eez's Are Belong To Us](https://app.box.com/s/yso9235awisw1dmjh8dyqpi5r9nokzcx)
* Jul 20 - [Watering Hole Attack On Aerospace Firm Exploits CVE-2015-5122 To Install Isspace Backdoor](https://app.box.com/s/8izjpumhif40wt5jzbe6yej6j1sewt0b)
* Jul 14 - [Tracking Minidionis: Cozycar's New Ride Is Related To Seaduke](https://app.box.com/s/s29hmikrmmik5v7eumpb4tipkdlyqhjl)
* Jul 13 - ["Forkmeiamfamous": Seaduke, Latest Weapon In The Duke Armory](https://app.box.com/s/kse3c1yd5gqku9e2nfmsny7gp99zlgu4)
* Jul 09 - [Butterfly: Corporate Spies Out For Financial Gain](https://app.box.com/s/e8hbsm0zsrjryz3suwvutn1zjfpugwak)
* Jul 08 - [Wild Neutron _ Economic Espionage Threat Actor Returns With New Tricks](https://app.box.com/s/anoc1ews8p5jil4pewlafksf3d4oym5x)
* Jun 30 - [Dino: The Latest Spying Malware From An Allegedly French Espionage Group Analyzed](https://app.box.com/s/wavmm2zrlt4n1jri8byn31b9fb1wo35i)
* Jun 24 - [Unfin4Ished Business](https://app.box.com/s/7ep6vyqosrj2b26t6udv30jjdevkpv6f)
* Jun 22 - [Games Are Over: Winnti Is Now Targeting Pharmaceutical Companies](https://app.box.com/s/f090ea4pi40hoaxe6otzfw7yl65ylw6y)
* Jun 16 - [Operation Lotusblossom](https://app.box.com/s/xhn6ru62qqom1kuxoe3mxnqrtb1sqw2q)
* Jun 15 - [Target Attacks Against Tibetan And Hong Kong Groups Exploiting CVE-2014-4114 ](https://app.box.com/s/ma7v20ug1ij6dv1bxmb2qn69hgnr5nck)
* Jun 15 - [The Naikon APT: Tracking Down Geo-Political Intelligence Across APAC, One Nation At A Time](https://app.box.com/s/zuyuhxayshyuaypjoxfm0nu8d5tivqih)
* Jun 11 - [The Duqu 2.0 Technical Details](https://app.box.com/s/9bejel60h3doxinwxdfyhig5nsqz05ga)
* Jun 10 - [Duqu 2.0: Reemergence of an aggressive cyberespionage threat](https://app.box.com/s/amixilnvbz29s9122fe9hfg00srndw70)
* Jun 10 - [Duqu 2.0: A Comparison To Duqu ](https://app.box.com/s/yfoqrf6r0i0ih38pl0bmtud3ke0e6vhf)
* Jun 04 - [Blue Termite (Internet Watch)](https://app.box.com/s/0qhbl4o5adpf8fhdun7kp6cfz4ql3rdj)
* Jun 03 - [An Iranian Cyber-Attack Campaign Against Targets In The Middle East](https://app.box.com/s/mf27ius5sdlorh8nl4h4fr643g2i9orb)
* May 29 - [Oceanlotus](https://app.box.com/s/fapwtkrudntz5po7c4u34l54j0vys9po)
* May 28 - [Grabit And The Rats](https://app.box.com/s/x7jlktifxatv3oam1altle8km1xwju7b)
* May 27 - [Analysis On APT-To-Be Attack That Focusing On China's Government Agency](https://app.box.com/s/zeacvn2ae7aunrlsfjm8kbt4nbf6yn0z)
* May 26 - [Dissecting Linux/Moose: The Analysis Of A Linux Router-Based Worm Hungry For Social Networks](https://app.box.com/s/38tsu5p4cc9kevuiiaxrptw3wrgksguk)
* May 21 - [The Msnmm Campaigns: The Earliest Naikon APT Campaigns](https://app.box.com/s/nbtyzfb5j5x9d2qznmj3bzcpa2e8kezj)
* May 19 - [Operation Oil Tanker: The Phantom Menace](https://app.box.com/s/xrwk7gqk44dp89fioubewttrw8a88im1)
* May 18 - [Cmstar Downloader: Lurid And Enfal's New Cousin](https://app.box.com/s/67esnb1ppzsgyo3mm5es3zs8khtf3rpe)
* May 14 - [Operation Tropic Trooper: Relying On Tried-And-Tested Flaws To Infiltrate Secret Keepers](https://app.box.com/s/h3xtomk798hufzzqxnhn2kjmvt6yrcxh)
* May 13 - [Cylance Spear Team: A Threat Actor Resurfaces](https://app.box.com/s/ma0qrrczbji4grvjbezpeugf3gru084x)
* May 10 - [APT28 Targets Financial Markets: Zero Day Hashes Released](https://app.box.com/s/g55oxdd3q63hyngbjm4fbipfct94wrye)
* May 07 - [Dissecting The Kraken](https://app.box.com/s/r5vy0kolgdxwwby2wjo523devdbt5leg)
* May 05 - [Targeted Attack on France's TV5Monde](https://app.box.com/s/ightjgw5rkaldfpfel7q9v6p3pcqhqat)
* Apr 27 - [Attacks Against Israeli & Palestinian Interests](https://app.box.com/s/aaai5lu6q5wy0wp25m34oh383wmtg54m)
* Apr 26 - [Operation Clandestine Wolf _ Adobe Flash Zero-Day In APT3 Phishing Campaign](https://app.box.com/s/vxnua4o5c8u12xl4r7e5zkndpw65wz0m)
* Apr 22 - [Cozyduke](https://app.box.com/s/wig4z9nwq6wjxf3i4aslu9qro14pgsbe)
* Apr 21 - [The Cozyduke APT](https://app.box.com/s/8vksggruwwqzg7a4y7xrsrysrje56pqn)
* Apr 20 - [Sofacy II_ Same Sofacy, Different Day](https://app.box.com/s/dm3fbeb7hl95ilno014ftskoc1vi7n1r)
* Apr 18 - [Operation Russiandoll: Adobe & Windows ZeroDay Exploits Likely leveraged By Russia's APT28](https://app.box.com/s/oj4sr8vifeb03qe51newafin81tu8poy)
* Apr 15 - [Hellsing Indicators Of Compromise](https://app.box.com/s/ralrn76f32axakdv2fdl4kwtxqxvwee8)
* Apr 15 - [The Chronicles Of The Hellsing APT: The Empire Strikes Back](https://app.box.com/s/ob16ltqxv6urff6z1ore9i6t4308cxy6)
* Apr 12 - [APT30 And The Mechanics Of A Long-Running Cyber Espionage Operation](https://app.box.com/s/5jjomo7k001inllirt5lj83lu92ath7d)
* Apr 08 - [RSA Incident Response: An APT Case Study](https://app.box.com/s/tjoi82cp4iq6xx561qcu3xjr2rmfgmo1)
* Apr 07 - [WINNTI Analysis](https://app.box.com/s/tv5rhy7awdq8ecfrugcrk1d4zcce3xnq)
* Mar 31 - [Volatile Cedar Threat Intelligence And Research](https://app.box.com/s/jgl1n5xvzu3kp7aoi3cd9r407kjfzjcc)
* Mar 19 - [Operation Woolen-Goldfish When Kittens Go Phishing](https://app.box.com/s/pqe4y802utfswg27g3jeyaup46zje5b0)
* Mar 11 - [Inside The Equationdrug Espionage Platform](https://app.box.com/s/vdy6lfmpvu6gzglsc3d7sade6tp9gi7e)
* Mar 10 - [Tibetan Uprising Day Malware Attacks](https://app.box.com/s/43vz10qmcubl6d3cCVEzh2ahb9rbmyyj)
* Feb 27 - [The Anthem Hack: All Roads Lead To China](https://app.box.com/s/7rzfjpwud8blv668j1kxa7qmhcadn6pr)
* Feb 25 - [Plugx Goes To The Registry (And India)](https://app.box.com/s/jfuf6eo3az72qrvh6ueke42ft9f23ztz)
* Feb 25 - [Southeast Asia: An Evolving Cyber Threat Landscape ](https://app.box.com/s/h8kx7u7euolv1d6kjup0bxoujjikcbil)
* Feb 24 - [Scanbox Ii](https://app.box.com/s/o83u5pekus9251w0cl5lo2m1k5u0u2vn)
* Feb 18 - [Shooting Elephants](https://app.box.com/s/qog0dtpldhebhlasl12z3j82e0uv8t26)
* Feb 17 - [The Desert Falcons Targeted Attacks](https://app.box.com/s/y45wyjrr4tnz2jlt93pk6giurxpg7ue7)
* Feb 16 - [Carbanak APT The Great Bank Robbery](https://app.box.com/s/p7qzcury97tuwk26694uutujwqmwqyhe)
* Feb 16 - [Equation Group: Questions And Answers](https://app.box.com/s/reidof9i3qnjdq4t0k49o392g8r98tbt)
* Feb 16 - [Operation Arid Viper: Bypassing The Iron Dome](https://app.box.com/s/uqh30535vxopnp0achnlcemu2034aa26)
* Feb 10 - [Global Threat Intel Report](https://app.box.com/s/xbbiyzpb3614bdaxuu3rs96n7f4ysppa)
* Feb 04 - [Pawn Storm Update: Ios Espionage App Found](https://app.box.com/s/9b7dfetwel6ywbcfai2wa0ja20cym721)
* Feb 02 - [Behind The Syrian Conflict's Digital Front Lines](https://app.box.com/s/qriikjn5436zpiyazh8ta7gbzbd04onf)
* Jan 29 - [Backdoor.Winnti Attackers Have A Skeleton In Their Closet?](https://app.box.com/s/89pqnoimwdkrmyhxwqj5pp17jtjm4lmc)
* Jan 29 - [Analysis Of A Recent Plugx Variant - P2P Plugx](https://app.box.com/s/outg1oalwwfvd86eopmgv2pskekzmr4t)
* Jan 22 - [An Analysis Of Regin's Hopscotch And Legspin](https://app.box.com/s/yezsypczjmt973gpcqfqh5yf9po4zr3c)
* Jan 22 - [Scarab Attackers Took Aim At Select Russian Targets Since 2012](https://app.box.com/s/pkoancu0b09aifvm2qfu6tdl8w0l5dqz)
* Jan 22 - [The Waterbug Attack Group](https://app.box.com/s/nrf432kfdk6kadkvbclgykekocn4pzzu)
* Jan 20 - [Reversing The Inception APT Malware](https://app.box.com/s/sctzfr6aoagpzb9aoajcodvn6we7e055)
* Jan 20 - [Analysis Of Project Cobra](https://app.box.com/s/vuxbnmnptzygbuxkqbaq90vgm35hpcdv)
* Jan 15 - [Evolution Of Sophisticated Spyware: From Agent.Btz To Comrat](https://app.box.com/s/gqksdtk0gogqzzzbg2w6b4y7fej6f26t)
* Jan 12 - [Insight In To A Strategic Web Compromise And Attack Campaign Against Hong Kong Infrastructure](https://app.box.com/s/9bt05cgrk8vbmylm5odno0k85s39kny0)
* Jan 12 - [Skeleton Key Malware Analysis](https://app.box.com/s/elb9hgj4rvcajilnlh67kpgoskjqjra0)
## 2014
* Dec 22 - [Anunak: Apt Against Financial Institutions](https://app.box.com/s/exmsfcvad1sjqtmvtzbiil9k52js62ir)
* Dec 21 - [Operation Poisoned Helmand](https://app.box.com/s/emf5ke7j5q12sku7vvvb0c1hbk70fygb)
* Dec 19 - [Alert (Ta14-353A) Targeted Destructive Malware](https://app.box.com/s/lldbbamo2r9d59jf9ztlif93d6o2p2uw)
* Dec 18 - [Malware Attack Targeting Syrian Isis Critics](https://app.box.com/s/bnq1jfzfmvflkui8zw06fkp9c0x5dgxq)
* Dec 17 - [Wiper Malware _ A Detection Deep Dive](https://app.box.com/s/efz1qmraxgqzenl5mzyeqtrh8kg1nktb)
* Dec 12 - [Bots, Machines, And The Matrix](https://app.box.com/s/91ckw3z2lh26ylhxbjbjirjuyv5oslul)
* Dec 12 - [Vinself Now With Steganography](https://app.box.com/s/uy1tzn58yjoarnrftgs9d8ieucwf4029)
* Dec 10 - [Cloud Atlas: Redoctober Apt Is Back In Style](https://app.box.com/s/pyjpzua55mu6j1my5jegdiiovmpx35yi)
* Dec 10 - [Vulnerability, Malicious Code Appeared In The Mbr Destruction Function Using Hangul File](https://app.box.com/s/q8gx5wedudaui491qn6i4d7dxsnmuyla)
* Dec 10 - [W32/Regin, Stage #1](https://app.box.com/s/358saagkwt3gqy6w62ed6xo33w175r0y)
* Dec 10 - [W64/Regin, Stage #1](https://app.box.com/s/2ifpyh8kjoxsvrj9dnqfxfrb2go1pu3a)
* Dec 09 - [The Inception Framework: Cloud-Hosted Apt](https://app.box.com/s/vny8b4ubmxo421amxtk8tvk4b9x1vz52)
* Dec 08 - [The 'Penquin' Turla](https://app.box.com/s/5gfajyyz8firhnttdo72j0iz6uo4eo6q)
* Dec 03 - [Operation Cleaver: The Notepad Files](https://app.box.com/s/vsret8sjx5qd6xaxzv0rxdw4pocdmjll)
* Dec 01 - [Hacking The Street? Fin4 Likely Playing The Market](https://app.box.com/s/56mtum85h5pznvw9r4x6yh5qivb7vgql)
* Nov 24 - [I Am Ironman: Deep Panda Uses Sakula Malware To Target Organizations In Multiple Sectors](https://app.box.com/s/4dfaheem1io3i71o51rf4lfo2ivotuol)
* Nov 24 - [The Regin Platform Nation-State Ownership Of Gsm Networks](https://app.box.com/s/q23ruuvmn5mgq1dc0w3kggl6ek1pn4nz)
* Nov 24 - [Secret Malware In European Union Attack Linked To U.S. And British Intelligence](https://app.box.com/s/qpegircfwykf835shpflarf87ah2438x)
* Nov 23 - [Regin: Top-Tier Espionage Tool Enables Stealthy Surveillance](https://app.box.com/s/at56dm7anwlk35y4cp4ung9qwgiz6bn1)
* Nov 21 - [Operation Double Tap](https://app.box.com/s/30f8215m5iow438k6gpjuxyvlsid7oom)
* Nov 20 - [Evil Bunny: Suspect #4](https://app.box.com/s/xvilsesi5qd2gh6so2g3tnric51ndv57)
* Nov 14 - [Derusbi (Server Variant) Analysis](https://app.box.com/s/t3h83k7pfdyzoi3hrhfl7k5o33sk1fwk)
* Nov 14 - [Onionduke: Apt Attacks Via The Tor Network - F-Secure Weblog : News From The Lab](https://app.box.com/s/vpr6m62odv8f7tz59xisqrba9khg4rhi)
* Nov 14 - [Roaming Tiger](https://app.box.com/s/1q4787ruef22tvkgc7h82j6ib6qpc8v0)
* Nov 13 - [Operation Cloudyomega: Ichitaro Zero-Day And Ongoing Cyberespionage Campaign Targeting Japan](https://app.box.com/s/61pv7a2qufqbm3dhargkrsqjjzgswxba)
* Nov 12 - [Korplug Military Targeted Attacks: Afghanistan & Tajikistan](https://app.box.com/s/jih94kv82ucn12fdne8tsijvwn06cf4p)
* Nov 11 - [The Uroburos Case: New Sophisticated Rat Identified](https://app.box.com/s/sg4cyodukt7edmmba6bfikuiu1jgzv59)
* Nov 10 - [The Darkhotel APT A Story of Unusual Hospitality v1.1](https://app.box.com/s/f6bmfscrmam0oq111f9u4bwiqu74bxyi)
* Nov 10 - [The Darkhotel Apt A Story Of Unusual Hospitality v1.0](https://app.box.com/s/rqk4up23y49pe1zalfmstkj4zb1dxbja)
* Nov 10 - [Darkhotel Indicators Of Compromise](https://app.box.com/s/r97cjt70ywsd7pnrstr7buqzxn5svfw1)
* Nov 03 - [Be2 Custom Plugins, Router Abuse, And Target Profiles](https://app.box.com/s/0aem5xn8owa5hpsjxuqbyloielln6oyh)
* Nov 03 - [Operation Poisoned Handover: Unveiling Ties Between Apt Activity In Hong Kong's Pro-Democracy Movement](https://app.box.com/s/4ld2qhui8rs1slmh76mzj9vaum353mk8)
* Oct 31 - [Operation Toohash How Targeted Attacks Work ](https://app.box.com/s/11ozmt3fr8pucuo08gnotg6ab22ka7pp)
* Oct 30 - [The Rotten Tomato Campaign](https://app.box.com/s/ngqr8jevmhlypff49eju70nhxzfy26bh)
* Oct 28 - [Apt28: A Window Into Russia's Cyber Espionage Operations](https://app.box.com/s/2e7s0j3cuuswoplyvaqdz4kdudvvr7x7)
* Oct 28 - [Threat Spotlight: Group 72, Opening The Zxshell](https://app.box.com/s/89uahki8m2ksfgc8pysjw6utcqjp4q9u)
* Oct 27 - [Full Disclosure Of Havex Trojans](https://app.box.com/s/v76ozenghvxl8cnk7rcdw4dxsnsffz2g)
* Oct 27 - [Micro-Targeted Malvertising Via Real-Time Ad Bidding](https://app.box.com/s/fy9ss400cv8irbkyrw7i72dc8xaf5xiv)
* Oct 27 - [Scanbox Framework: Who's Affected, And Who's Using It?](https://app.box.com/s/u273q9utje6wds8mtv17efskdu5oj8la)
* Oct 24 - [Operation SMN](https://app.box.com/s/tp6i8x92oxp2jjs1gajmimxsbgwb3hpa)
* Oct 24 - [Leouncia And Orcarat](https://app.box.com/s/737gsokqbgsi9d6yenyob3kgafl8mrc4)
* Oct 23 - [Modified Binaries Tor](https://app.box.com/s/nj7stspq3veln8iebra2f5u1203i86eg)
* Oct 23 - [Operation Pawn Storm Using Decoys To Evade Detection](https://app.box.com/s/t2flymgu0ct5s3z487oedaq8dycsge77)
* Oct 22 - [Tactical Intelligence Bulletin Sofacy Phishing](https://app.box.com/s/th78b3w9bhr1cpdtn9gmmm9v7j2vuq47)
* Oct 20 - [Orcarat - A Whale Of A Tale](https://app.box.com/s/r3qo159trv793oeqdgsv99swjsxzq8pw)
* Oct 14 - [Threat Spotlight: Group 72](https://app.box.com/s/mtk3zeae1823kz2hv3f7z6pgjgwxlkyl)
* Oct 14 - [Hikit Analysis](https://app.box.com/s/k1zaybbj4ickaq5u0flu9bpmtp8a1e5k)
* Oct 14 - [Russian Cyber Espionage Campaign - Sandworm Team](https://app.box.com/s/k0vbq8vx0z8qg3s4ycit1kc99cg5ay27)
* Oct 14 - [Zoxpng Analysis](https://app.box.com/s/8wxap100crzcd96a05ajsj9vodpjauau)
* Oct 09 - [Democracy In Hong Kong Under Attack](https://app.box.com/s/dvtxta3jtratjxlpr5rzwsqvqfetsn6z)
* Oct 03 - [New Indicators Of Compromise For Apt Group Nitro Uncovered](https://app.box.com/s/drb0p2idherjlxlwdqh0nharpt310s8u)
* Sep 26 - [Aided Frame, Aided Direction (Because It's A Redirect)](https://app.box.com/s/c0vmfv396d3lej8g37mxbhjgbjen1m21)
* Sep 26 - [Blackenergy & Quedagh: The Convergence Of Crimeware And Apt Attacks](https://app.box.com/s/ccj81xcg1xunuyjmnb3kt3ug77r16z7q)
* Sep 19 - [Recent Watering Hole Attacks Attributed To Apt Group Th3Bug Using Poison Ivy](https://app.box.com/s/4j0ajrkivoyxw0licxinxpkgrk1ep7b8)
* Sep 18 - [Cosmicduke Cosmu With A Twist Of Miniduke](https://app.box.com/s/b0mc62by5j96jg9l91t68mlq6roksbg2)
* Sep 10 - [Operation Quantum Entanglement](https://app.box.com/s/qvuhc7j8tle0a83z3iivsz3yz6aok3tv)
* Sep 08 - [Targeted Threat Index: Characterizing And Quantifying Politically-Motivated Targeted Malware](https://app.box.com/s/flstb1aalkoeq5f0g4baemo9g1bclrd2)
* Sep 08 - [When Governments Hack Opponents: A Look At Actors And Technology](https://app.box.com/s/idaqxp9usqbtbo80vhemh66shyvavagu)
* Sep 04 - [Analysis Of Chinese Mitm On Google](https://app.box.com/s/rpig9c10mj8wdri1ulftjxbabm543mxa)
* Sep 04 - [Forced To Adapt: Xslcmd Backdoor Now On Os X](https://app.box.com/s/fc2gc8m4ospivuhzjmj2vfc1l3sxc17j)
* Sep 03 - [Darwin's Favorite Apt Group](https://app.box.com/s/aj0b81yqt1fe6ufuklxuirvh8hawnnjb)
* Aug 29 - [Connecting The Dots: Syrian Malware Team Uses Blackworm For Attacks](https://app.box.com/s/5sir2hjd6rhi9a03nb5e4ykkx3s4l7d6)
* Aug 28 - [Scanbox: A Reconnaissance Framework Used With Watering Hole Attacks](https://app.box.com/s/vlbe0y40djeaadl2l4iqdm13cju3v3n6)
* Aug 27 - [Profiling An Enigma: The Mystery Of North Korea's Cyber Threat Landscape](https://app.box.com/s/a6c2ljuyf6kzgx853khmhmrxk4toal8x)
* Aug 27 - [Nettraveler Apt Gets A Makeover For 10Th Birthday](https://app.box.com/s/5p59z0cnoul885qx2hj1f85h00mk2ec5)
* Aug 20 - [El Machete](https://app.box.com/s/badlir1w3z6fowjb0xj9too0mf11ls4e)
* Aug 07 - [The Epic Turla Operation: Solving Some Of The Mysteries Of Snake/Uroboros](https://app.box.com/s/9rsegtgvnwe9n2lrk6ezxfv8mnpfhpk3)
* Aug 06 - [Operation Poisoned Hurricane](https://app.box.com/s/f74irgo6g47gr37urjypwcnetjj2ymie)
* Aug 05 - [Operation Arachnophobia Caught In The Spider's Web](https://app.box.com/s/d7pm2c1r4cx80tt1rctysd7452lo367v)
* Aug 04 - [Sidewinder Targeted Attack Against Android In The Golden Age Of Ad Libraries](https://app.box.com/s/qwg36lcvf9iaz3alks4w24btqcxmzlkq)
* Aug 04 - [Gholee Protective Edge Themed Spear Phishing Campaign](https://app.box.com/s/krnvva7fu9o6ywa81uwbpsasj4sz3y2n)
* Aug 01 - [Syrian Malware, The Ever-Evolving Threat](https://app.box.com/s/029unv6hijmzrq3xzevz58y4n4xneybz)
* Jul 31 - [Energetic Bear _ Crouching Yeti](https://app.box.com/s/z0apbug9w1ztt8ex0pe99sq0d2u9r3nu)
* Jul 31 - [Crouching Yeti: Appendixes](https://app.box.com/s/90zdh7pfbmon8mtea3okbc6s83ro28bx)
* Jul 20 - [Sayad (Flying Kitten) Infostealer: Is This The Work Of The Iranian Ajax Security Team?](https://app.box.com/s/hjjb0aysslxse1ehpyt5ny68lf8tyctg)
* Jul 11 - [The Eye Of The Tiger (Pitty Tiger)](https://app.box.com/s/54porxs30re847wc7ca1jk1hzbtvt0hv)
* Jul 10 - [Tr-25 Analysis - Turla / PNet / Snake/ Uroburos](https://app.box.com/s/54kvbxp9nc0xtme1omd1xpxcckwm945g)
* Jun 30 - [Dragonfly: Cyberespionage Attacks Against Energy Suppliers](https://app.box.com/s/edyb0yn2g8ozavlmxoh082l7z5o5v3yx)
* Jun 20 - [#9 Blitzanalysis: Embassy Of Greece Beijing - Compromise](https://app.box.com/s/j108s0yjga3w42lm7wifklqilr4l35ld)
* Jun 10 - [Snake In The Grass: Python-based Malware Used For Targeted Attacks](https://app.box.com/s/4n263mzodo4mb7jz1w3deidg9xuu2teh)
* Jun 10 - [Anatomy Of The Attack: Zombie Zero](https://app.box.com/s/r95pew4gb5gi1qw40l6s0jbzw5lfwqbm)
* Jun 09 - [Putter Panda](https://app.box.com/s/ugahgfd07evh7q0h8lnb00brew4ixvdk)
* Jun 06 - [Illuminating The Etumbot Apt Backdoor](https://app.box.com/s/h8c0ds5etxke111s38r7rs3ltmpf2mot)
* May 21 - [Rat In A Jar: A Phishing Campaign Using Unrecom](https://app.box.com/s/hhfmfv9itrx2mabe5m441a381zvc5jul)
* May 20 - [Miniduke Still Duking It Out](https://app.box.com/s/dnn3hp5nlwuiwxcqjc9kmsfiodcimi64)
* May 13 - [Cat Scratch Fever: Crowdstrike Tracks Newly Reported Iranian Actor As Flying Kitten](https://app.box.com/s/vr9chzv8t952gywbaom6r0p4bo4pub8r)
* May 13 - [Operation Saffron Rose](https://app.box.com/s/pnagcb7vgpqaxen71n2x557m05q7dazl)
* Apr 26 - [New Zero-Day Exploit Targeting Internet Explorer Versions 9 Through 11 Identified In Targeted Attacks](https://app.box.com/s/5epjx7i7fc3q8jh8o4exabquoar1s3ii)
* Mar 08 - [Suspected Russian Spyware Turla Targets Europe, United States](https://app.box.com/s/n9zt53c246ltmhhjkcfay9xq8mee09yo)
* Mar 07 - [Snake Campaign & Cyber Espionage Toolkit](https://app.box.com/s/xmeq5ajvmzux1appt1qvd8wme7k13o63)
* Mar 06 - [The Siesta Campaign: A New Cybercrime Operation Awakens](https://app.box.com/s/0rcadhypkl7fod418nv58uicnnljvnrh)
* Feb 28 - [Uroburos Highly Complex Espionage Software With Russian Roots](https://app.box.com/s/dokswmrkrxmipfmdpsvelnq18w4ypogw)
* Feb 25 - [The French Connection: French Aerospace-Focused CVE-2014-0322 Attack Shares Similarities with 2012 Capstone Turbine Activity](https://app.box.com/s/yh95vh5l17z2vcffwjvg3v05fzn0pzp1)
* Feb 23 - [Gathering In The Middle East, Operation Stteam](https://app.box.com/s/ine4z2lyf8ryqao789oc0als335iip8c)
* Feb 20 - [Mo' Shells Mo' Problems - Deep Panda Web Shells](https://app.box.com/s/pn1mtot3a2d2seuqx46unamdl7udlwq0)
* Feb 20 - [Operation Greedywonk: Multiple Economic And Foreign Policy Sites Compromised, Serving Up Flash Zero-Day Exploit](https://app.box.com/s/870bnpwyxqjqg9o0z4sl0e2mlkzar60q)
* Feb 19 - [The Monju Incident ](https://app.box.com/s/l6n25enqom0uydgxogybp82294nkf4dt)
* Feb 19 - [Xtremerat: Nuisance Or Threat?](https://app.box.com/s/s7kamaz3bmziz8vu1fvwz2e9m13xiysg)
* Feb 13 - [Operation Snowman: Deputydog Actor Compromises Us Veterans Of Foreign Wars Website](https://app.box.com/s/6uv4v8hpnfpka971qk0gd3j4mnm5x7mt)
* Feb 11 - [Unveiling Careto - The Masked Apt](https://app.box.com/s/aepgdq5vc2dxd2m9t0ab2v28rtwbhjua)
* Jan 31 - [Intruder File Report- Sneakernet Trojan](https://app.box.com/s/yvbehxsn3tknzogt74z9ryn7r7elwpmf)
* Jan 21 - [Emerging Threat Profile Shell_Crew ](https://app.box.com/s/xqldk5renv5ecihr7wyyazplrnezknmx)
* Jan 15 - [New Cdto: A Sneakernet Trojan Solution](https://app.box.com/s/63rg0wfr0ki2xvtt7ja1b7lmn7dspcdc)
* Jan 13 - [Targeted Attacks Against The Energy Sector](https://app.box.com/s/blcobivhvh1gwqh7qjtkrdpaggz2lmlr)
## 2013
* Dec 31 - [Energy At Risk: A Study Of It Security In The Energy And Natural Resources Industry](https://app.box.com/s/z7lwte5v91lz2rkfywd9s1grnqeuy1fk)
* Dec 20 - [Etso Apt Attacks Analysis ](https://app.box.com/s/n4vji662ern1bii9hhahvglujeobqmk0)
* Dec 11 - [Operation Ke3Chang Targeted Attacks Against Ministries Of Foreign Affairs](https://app.box.com/s/8w1uu9e2l7jwq40gtea7xem6ezg79ffu)
* Dec 02 - ["Njrat", The Saga Continues](https://app.box.com/s/6blnvkflzcded9jlthm7yt1zzki6eakz)
* Nov 11 - [Supply Chain Analysis: From Quartermaster To Sunshopfireeye](https://app.box.com/s/cpnh3qzju92xffn9qtlw45vceuleqh6d)
* Oct 24 - [Evasive Tactics: Terminator Rat](https://app.box.com/s/zesgiuff58vejn97rad0w9tt827cusg0)
* Oct 24 - [Fakem Rat: Malware Disguised As Windows Messenger And Yahoo! Messenger](https://app.box.com/s/otjh028wd3rfia4ysdtldj3whsd1i4y2)
* Sep 30 - [World War C: Understanding Nation-State Motives Behind Today's Advanced Cyber Attacks](https://app.box.com/s/dbgzho741wbtce2r5hppvocy6cwjbcbk)
* Sep 19 - [2Q Report On Targeted Attack Campaigns](https://app.box.com/s/bwgb7uhh6p4bdkyvlw94dpq19tq0fvbv)
* Sep 17 - [Hidden Lynx: Professional Hackers For Hire](https://app.box.com/s/m7yxjl7nljw2iltpbasm7t2dswhya6iv)
* Sep 13 - [Operation Deputydog: Zero-Day (Cve-2013-3893) Attack Against Japanese Targets](https://app.box.com/s/w4rzfbf0ziip0dt4smkwtraluv8o0z9g)
* Sep 11 - [The "Kimsuky" Operation: A North Korean Apt?](https://app.box.com/s/bel4s8xubunn5gxjvorgm7qg2v0e9kgt)
* Sep 10 - [Operation Ephemeral Hydra: Ie Zero-Day Linked To Deputydog Uses Diskless Method](https://app.box.com/s/qm0qqb7bpc0ut2c5n76zr5i0rdfhy5ts)
* Aug 23 - [Operation Molerats](https://app.box.com/s/96rwehp2pkoou5gnimrx3sfdymv0nkhv)
* Aug 21 - [Poison Ivy: Assessing Damage And Extracting Intelligence](https://app.box.com/s/7gw9d1cbuvygb3qamjytpgh9nbmk7cbw)
* Aug 19 - [Byebye Shell And The Targeting Of Pakistan](https://app.box.com/s/a4a59w1go5opcj607ssoh11oqnhozv0h)
* Aug 12 - [Survival Of The Fittest: New York Times Attackers Evolve Quickly](https://app.box.com/s/fkg2mxeqpb2ivx9neyz6bseopy1dfg5p)
* Aug 07 - [The Little Malware That Could: Detecting And Defeating The China Chopper Web Shell](https://app.box.com/s/yvk5tr8poletupw82biic0ucpvynvoyj)
* Aug 02 - [Where There Is Smoke, There Is Fire: South Asian Cyber Espionage Heats Up](https://app.box.com/s/s0c49bv6hitrhmcafk0phnnuer3e63v1)
* Aug 02 - [Surtr: Malware Family Targeting The Tibetan Community](https://app.box.com/s/m57wv4yn4wsa0j2bj6yuj23bzyrq5rg8)
* Aug 01 - [Inside Report _ Apt Attacks On Indian Cyber Space](https://app.box.com/s/a2zw9uye2hhofsc1me6yfj39u6gjalcq)
* Aug 01 - [Operation Hangover - Unveiling An Indian Cyberattack Infrastructure (Appendix)](https://app.box.com/s/2k6oduwj3aetbetxdjx6gjqcg7mrcvvj)
* Jul 31 - [Secrets Of The Comfoo Masters](https://app.box.com/s/70bcgwlwqpp43spjxnyk2f7h96lg0718)
* Jul 15 - [The Plugx Malware Revisited: Introducing Smoaler](https://app.box.com/s/dfdg420iygjtz1rmou2ps14zi25l7tfb)
* Jul 09 - [Dark Seoul Cyber Attack: Could It Be Worse? ](https://app.box.com/s/qw0kvewoi3uxy4g3xkc31ammxttbft5z)
* Jul 01 - [Hunting The Shadows: In Depth Analysis Of Escalated Apt Attacks](https://app.box.com/s/owi5dxkk3zx164lp90swu3weeyp805se)
* Jun 28 - [Njrat Uncovered](https://app.box.com/s/vdg51zbfvap52w60zj0is3l1dmyya0n4)
* Jun 21 - [A Call To Harm: New Malware Attacks Target The Syrian Opposition](https://app.box.com/s/hydmfjuajj44kezw77k9nwj5qormpp9y)
* Jun 18 - [Trojan.Apt.Seinup Hitting Asean](https://app.box.com/s/iap35ypb6u03wrzpmemy2z2ntf4k8wm0)
* Jun 07 - [Keyboy, Targeted Attacks Against Vietnam And India](https://app.box.com/s/f8p3dagvmdezcpgmnh04mgqz21viklpz)
* Jun 04 - [The Nettraveler (Aka Travnet) ](https://app.box.com/s/1qx5mkzkcvwq3eazh2ygxowfbbadofby)
* Jun 01 - [Crude Faux: An Analysis Of Cyber Conflict Within The Oil & Gas Industries](https://app.box.com/s/9dpb6yyvb4yedosa75fo1ibuo46oy35a)
* Jun 01 - [The Chinese Malware Complexes: The Maudi Surveillance Operation](https://app.box.com/s/v04cs4pueqq78rh8uasr39tsh36gtqra)
* May 30 - [Analysis Of A Stage 3 Miniduke Sample](https://app.box.com/s/c95me2uocwoothfnapxrcjwfmynue4ri)
* May 20 - [Operation Hangover |Executive Summary](https://app.box.com/s/d3q764or208vbbg26gtcasv5uxnkcij1)
* May 20 - [Operation Hangover - Unveiling An Indian Cyberattack Infrastructure](https://app.box.com/s/f5wyu7306nti3lbp58uesioijsl9zamm)
* May 03 - [Deep Panda](https://app.box.com/s/6po2pgedkjf4br5p7tm51go7p5g3z6g3)
* Apr 17 - [The Mutter Backdoor: Operation Beebus with New Targets](https://app.box.com/s/zg8cx9of6h9kdol7wwvgz8lxkqlvyr2p)
* Apr 13 - [Winnti: More Than Just A Game](https://app.box.com/s/dlzp6f7hv9q3r0kreqvu8yyt36lzdbxw)
* Apr 03 - [A Closer Look At Miniduke](https://app.box.com/s/cfkwk5mocm6ckxmaiv8hfe73k2bl1u10)
* Apr 01 - [Trojan.Apt.Banechant: In-Memory Trojan That Observes For Multiple Mouse Clicks](https://app.box.com/s/5ycaruh0zf07h2jy9mpasgm1crninjwp)
* Mar 28 - [Analysis Of A Plugx Variant (Plugx Version 7.0)](https://app.box.com/s/90qhti3jwdmthbz7fd1l49n9y2cp8ffq)
* Mar 27 - [Apt1: Technical Backstage](https://app.box.com/s/x2jgr4j1bgfas2h2b4h09mam9nn4qwu3)
* Mar 20 - [Dissecting Operation Troy: Cyberespionage In South Korea](https://app.box.com/s/b91tgqhiw7zyivfnxe3sbrtzfgk6n08f)
* Mar 20 - [The Teamspy Story - Abusing Teamviewer In Cyberespionage Campaigns](https://app.box.com/s/742gtrl1fedxy8iqwjuqsiru1m8i0l2g)
* Mar 17 - [Safe A Targeted Threat](https://app.box.com/s/0yh8mn02v2wrehl9yaddrb8rjdzieeqb)
* Mar 13 - [You Only Click Twice: Finfisher's Global Proliferation](https://app.box.com/s/bdtw7jyfdcr9snnt14ye7ukb9oj2gmn9)
* Feb 27 - [Miniduke: Indicators ](https://app.box.com/s/d5npu14e4471j5mmpkgt1xwdnu90t43e)
* Feb 27 - [The Miniduke Mystery: Pdf 0-Day Government Spy Assembler 0X29A Micro Backdoor ](https://app.box.com/s/w3b1yh6agvwmocx8ftzjg8kyds0jodmk)
* Feb 26 - [Stuxnet 0.5: The Missing Link](https://app.box.com/s/jzbxpm7m7kakhubocrrerq0myig6befb)
* Feb 22 - [Comment Crew: Indicators Of Compromise](https://app.box.com/s/0leqi6xaid7v745y3kujcyi5vgvf73su)
* Feb 18 - [Apt1 Exposing One Of China's Cyber Espionage Units](https://app.box.com/s/t8w9gavaci6jye519zp13tjdicnd7xzu)
* Feb 12 - [Targeted Cyber Attacks: Examples And Challenges Ahead](https://app.box.com/s/vsy0oa0n3l2m2lx5oxpzj71zhbqkkgxq)
* Feb 03 - [Command And Control In The Fifth Domain](https://app.box.com/s/yfduvs6jw8w3ankhjkbi4ei5ykqho368)
* Feb 01 - [Operation Beebus](https://app.box.com/s/3bk8cfcjiwhh1gxlkmyslrmp85wm7ewd)
* Jan 18 - [Operation Red October](https://app.box.com/s/yzybkh6neofhi2wonyn7abjyn2hlfa8f)
* Jan 14 - [The Icefog Apt: A Tale Of Cloak And Three Daggers](https://app.box.com/s/ebjeefvfx58arny58fb9vv6up39f293w)
* Jan 14 - ["Red October" Diplomatic Cyber Attacks Investigation](https://app.box.com/s/m3hhm2et9h54sfojd33b6k7m76zoqdv1)
* Jan 14 - [The "Red October" Campaign - An Advanced Cyber Espionage Network Targeting Diplomatic And Government Agencies](https://app.box.com/s/ymcjx37fp0zyyjybcl80czcrpzctjfp9)
## 2012
* Nov 30 - [The Many Faces Of Gh0St Rat: Plotting The Connections Between Malware Attacks](https://app.box.com/s/aj7ebr1v0x9mf3psmxeififqijwmmacy)
* Nov 03 - [Systematic Cyber Attacks Against Israeli And Palestinian Targets Going On For A Year ](https://app.box.com/s/83uopvit3i46wmy3hxvw4g3rjhv8ax1s)
* Nov 01 - [Recovering From Shamoon](https://app.box.com/s/fjucrojt5ldxio2sbvsql7syv46l6p4g)
* Nov 01 - ["Wicked Rose" And The Ncph Hacking Group](https://app.box.com/s/0cp8nyd339dnbak96x2klgz1kxm36xd2)
* Oct 27 - [Trojan.Taidoor: Targeting Think Tanks](https://app.box.com/s/td8bl14go6icl9lhi9c4idkk82e83t2c)
* Sep 07 - [Iexpl0Re Rat](https://app.box.com/s/tdgkyqg7o511v8a29mc8ec28yxzw118j)
* Sep 06 - [The Elderwood Project](https://app.box.com/s/kbhzz24wt2t7kd92c2409uyqawj1jl0t)
* Aug 18 - [The Mirage Campaign](https://app.box.com/s/h9vlkkgq0yaat56muq6nei95nchysbay)
* Aug 12 - [The Voho Campaign: An In Depth Analysis ](https://app.box.com/s/g1nx7q1o451m0o8hmhbeg82igcflk6q5)
* Aug 09 - [Gauss: Abnormal Distribution](https://app.box.com/s/y0wmp82qdqivrx4x21nfj5miod1tjuf1)
* Jul 27 - [The 'Madi' Infostealers - A Detailed Analysis](https://app.box.com/s/h2rowevapfawgbkdpcinjgbci6iy71ml)
* Jul 25 - [From Bahrain With Love: Finfisher Spy Kit Exposed?](https://app.box.com/s/1y57tx3onyislwp9w9k0dqew874y11s9)
* Jul 10 - [Recent Observations In Tibet-Related Information Operations: Advanced Social Engineering For The Distribution Of Lurk Malware](https://app.box.com/s/njc3dvwkbx4i9y0s300r3k3ocrj1gmua)
* Jun 13 - [Pest Control: Taming The Rats](https://app.box.com/s/k6kyhjnok9n5vqtchm4u1luoluth0j1i)
* May 31 - [Skywiper (A.K.A. Flame A.K.A. Flamer): A Complex Malware For Targeted Attacks ](https://app.box.com/s/ebeqddqmxdjqttnqjr1xzi7agiqusrac)
* May 22 - [Ixeshe An Apt Campaign](https://app.box.com/s/t74crjmu21ee2gpnnx56182bj74facvi)
* May 18 - [Have I Got Newsforyou: Analysis Of Flamer C&C Server](https://app.box.com/s/6ujt4gi1c962id9o4iviesurww2grbxi)
* Apr 16 - [New Version Of Osx.Sabpub & Confirmed Mac Apt Attacks](https://app.box.com/s/ew3h0mve5lf5x69ydjd1sm1r380rqy4k)
* Apr 03 - [The Luckycat Hackers](https://app.box.com/s/oiblu3lk6fsqnjqv6bx4ygkv7e14tcb8)
* Mar 26 - [Luckycat Redux: Inside An Apt Campaign With Multiple Targets In India And Japan](https://app.box.com/s/vun0x0rrek5l51djb8igbojb7v85sg3q)
* Mar 13 - [It'S Not The End Of The World: Darkcomet Misses By A Mile](https://app.box.com/s/akmz317h8dkapm52ksycf187rw2ylp21)
* Mar 12 - [Crouching Tiger, Hidden Dragon, Stolen Data](https://app.box.com/s/vk0oacayqkgrk3tp492h3ja9jnlktk7t)
* Feb 29 - [The Sin Digoo Affair](https://app.box.com/s/qj9849r6n72ktrc9q3n9107xduauffss)
* Jan 03 - [The Heartbeat Apt Campaign](https://app.box.com/s/4qfg9m8wrdgsdf7k3fwrz7zmg2tkfxno)
## 2011
* Dec 28 - [Stuxnet/Duqu: The Evolution Of Drivers](https://app.box.com/s/shakkou3wcgwfq5u83jncdit7cmmw151)
* Dec 08 - [Cyber-intruder sparks response, debate](https://app.box.com/s/ufro1ks1913zufz8n44883up7yttfs7d)
* Dec 08 - [Palebot Trojan Harvests Palestinian Online Credentials](https://app.box.com/s/73rhctcs0kj6s52eeqn509p44a368kuv)
* Oct 31 - [The Nitro Attacks: Stealing Secrets From The Chemical Industry](https://app.box.com/s/sp5gpgu0xpf0dsfxj269ptxyyzm0ohkf)
* Oct 26 - [Duqu Trojan Questions And Answers](https://app.box.com/s/ygyqokm0cxq56lut0v1u0i4u5vts9idc)
* Oct 12 - [Alleged Apt Intrusion Set: 1.Php Group](https://app.box.com/s/rqv5wirqhfc3zht1p2kouk8i0ymnmr92)
* Sep 11 - [Sk Hack By An Advanced Persistent Threat](https://app.box.com/s/c911g2eqxck6va9cdn9vync5628zrreb)
* Aug 22 - [The Lurid Downloader](https://app.box.com/s/7s9bvquu64vafpi14t8p6w2t6hwls1zi)
* Aug 04 - [Revealed: Operation Shady Rat](https://app.box.com/s/a086wzo5lwibw0dl7ri0kt7d0b51u299)
* Aug 03 - [Htran And The Advanced Persistent Threat](https://app.box.com/s/aqhzvj2a5vo91dgqjflh7nk4pm8aowon)
* Aug 02 - [Operation Shady Rat: Unprecedented Cyber-Espionage Campaign And Intellectual-Property Bonanza](https://app.box.com/s/k34la7wec8mf3gzxphkynem95en886d3)
* Jun 01 - [Advanced Persistent Threats: A Decade In Review](https://app.box.com/s/tl13bx0ek04liinz7btbc3f47jpvpbxj)
* Apr 20 - [Stuxnet Under The Microscope](https://app.box.com/s/2mmdr5vhhrjt2prszn167a0v58az9put)
* Feb 18 - [Night Dragon: Specific Protection Measures For Consideration ](https://app.box.com/s/grv4y3nziuxbsv4g16nyf4u1i1g1w0nm)
* Feb 10 - [Global Energy Cyberattacks: Night Dragon](https://app.box.com/s/o2tc88oihh4c67a0s8ygok9fwd66zp71)
* Feb 01 - [W32.Stuxnet Dossier](https://app.box.com/s/rpdy3pk00bmkhgmf1lsfuwt6edakh6k3)
## 2010
* Sep 03 - [The Msupdater Trojan And Ongoing Targeted Attacks ](https://app.box.com/s/gh8m5os2jewj2adleu2xqivj9qzf9ok8)
* Aug 24 - [Defense official discloses cyberattack](https://app.box.com/s/071o7zzbyj0z4ixl69iupwow0bo82jqj)
* Apr 06 - [Shadows In The Cloud: Investigating Cyber Espionage 2.0](https://app.box.com/s/mxffbrs4ju2yeoa47sbeym6n5zm1hnf3)
* Mar 14 - [In-Depth Analysis Of Hydraq: The Face Of Cyberwar Enemies Unfolds](https://app.box.com/s/44e7rbs177n5inhpm9si6gu3lm7fw6bj)
* Feb 24 - [How Can I Tell If I Was Infected By Aurora?](https://app.box.com/s/k0qidf9g1yfehi6pbdodmcxdqag5a9bv)
* Feb 10 - [Operation Aurora](https://app.box.com/s/fjb89qr1vnk2ox0vllj68ivadqgyz3an)
* Jan 27 - [Operation Aurora: Detect, Diagnose, Respond](https://app.box.com/s/j36zc0da9nz6q8wnv13slwxcnmiaykul)
* Jan 20 - [Combating Aurora](https://app.box.com/s/jhy5k76ox6z8sy6tdjnqqrlz5r2o29h8)
* Jan 13 - [The Command Structure Of The Aurora Botnet](https://app.box.com/s/6jeekvxflthmub9v26nybp5kqw9tjopj)
* Jan 01 - [Case Study: Operation Aurora](https://app.box.com/s/ni4xs2iuol4vskbc25vrxjih2w1ep7p6)
## 2009
* Mar 29 - [Tracking Ghostnet: Investigating A Cyber Espionage Network](https://app.box.com/s/8dq0gur02w8oh0z7ljjz5mh8l11cmrhh)
* Jan 18 - [Impact Of Alleged Russian Cyber Attack](https://app.box.com/s/4q3ws8a3ymx6y4ygsp4k4zm8gx0imsy0)
## 2008
* Nov 11 - [Russian Cyberwar On Georgia](https://app.box.com/s/ce4fr8p0mxv2pjcvh4pmma1q7oqc4vnc)
* Oct 01 - [How China Will Use Cyber Warfare](https://app.box.com/s/696xnzy1an3jbm3b212y5n8xieirbemd)