Mimikatz
Techniques Used |
||||
| Domain | ID | Name | Use | |
|---|---|---|---|---|
| Enterprise | T1134 | .005 | Access Token Manipulation: SID-History Injection |
Mimikatz's |
| Enterprise | T1547 | .005 | Boot or Logon Autostart Execution: Security Support Provider |
The Mimikatz credential dumper contains an implementation of an SSP.(Citation: Deply Mimikatz) |
| Enterprise | T1555 | .003 | Credentials from Password Stores: Credentials from Web Browsers |
Mimikatz performs credential dumping to obtain account and password information useful in gaining access to additional systems and enterprise network resources. It contains functionality to acquire information about credentials in many ways, including from DPAPI.(Citation: Deply Mimikatz)(Citation: GitHub Mimikatz lsadump Module)(Citation: Directory Services Internals DPAPI Backup Keys Oct 2015)(Citation: NCSC Joint Report Public Tools) |
| .004 | Credentials from Password Stores: Windows Credential Manager |
Mimikatz contains functionality to acquire credentials from the Windows Credential Manager.(Citation: Delpy Mimikatz Crendential Manager) |
||
| Enterprise | T1003 | .001 | OS Credential Dumping: LSASS Memory |
Mimikatz performs credential dumping to obtain account and password information useful in gaining access to additional systems and enterprise network resources. It contains functionality to acquire information about credentials in many ways, including from the LSASS Memory.(Citation: Deply Mimikatz)(Citation: GitHub Mimikatz lsadump Module)(Citation: Directory Services Internals DPAPI Backup Keys Oct 2015)(Citation: NCSC Joint Report Public Tools) |
| .002 | OS Credential Dumping: Security Account Manager |
Mimikatz performs credential dumping to obtain account and password information useful in gaining access to additional systems and enterprise network resources. It contains functionality to acquire information about credentials in many ways, including from the SAM table.(Citation: Deply Mimikatz)(Citation: GitHub Mimikatz lsadump Module)(Citation: Directory Services Internals DPAPI Backup Keys Oct 2015)(Citation: NCSC Joint Report Public Tools) |
||
| .004 | OS Credential Dumping: LSA Secrets |
Mimikatz performs credential dumping to obtain account and password information useful in gaining access to additional systems and enterprise network resources. It contains functionality to acquire information about credentials in many ways, including from the LSA.(Citation: Deply Mimikatz)(Citation: GitHub Mimikatz lsadump Module)(Citation: Directory Services Internals DPAPI Backup Keys Oct 2015)(Citation: NCSC Joint Report Public Tools) |
||
| .006 | OS Credential Dumping: DCSync |
Mimikatz performs credential dumping to obtain account and password information useful in gaining access to additional systems and enterprise network resources. It contains functionality to acquire information about credentials in many ways, including from DCSync/NetSync.(Citation: Deply Mimikatz)(Citation: GitHub Mimikatz lsadump Module)(Citation: Directory Services Internals DPAPI Backup Keys Oct 2015)(Citation: NCSC Joint Report Public Tools)(Citation: Cobalt Strike Manual 4.3 November 2020) |
||
| Enterprise | T1558 | .001 | Steal or Forge Kerberos Tickets: Golden Ticket |
Mimikatz's kerberos module can create golden tickets.(Citation: GitHub Mimikatz kerberos Module)(Citation: Cobalt Strike Manual 4.3 November 2020) |
| .002 | Steal or Forge Kerberos Tickets: Silver Ticket |
Mimikatz's kerberos module can create silver tickets.(Citation: GitHub Mimikatz kerberos Module) |
||
| Enterprise | T1552 | .004 | Unsecured Credentials: Private Keys |
Mimikatz's |
| Enterprise | T1550 | .002 | Use Alternate Authentication Material: Pass the Hash |
Mimikatz's |
| .003 | Use Alternate Authentication Material: Pass the Ticket |
Mimikatz’s |
||
Groups That Use This Software |
||
| ID | Name | References |
|---|---|---|
| G0050 | APT32 |
(Citation: Cybereason Oceanlotus May 2017) (Citation: FireEye APT32 May 2017) (Citation: Cybereason Cobalt Kitty 2017) |
| G0016 | APT29 |
(Citation: F-Secure The Dukes) (Citation: Microsoft 365 Defender Solorigate) (Citation: CrowdStrike StellarParticle January 2022) |
| G1006 | Earth Lusca |
(Citation: TrendMicro EarthLusca 2022) |
| G0046 | FIN7 |
(Citation: CrowdStrike Carbon Spider August 2021) |
| G0079 | DarkHydrus |
(Citation: Unit 42 DarkHydrus July 2018) (Citation: Unit 42 Playbook Dec 2017) |
| G0118 | UNC2452 |
(Citation: Microsoft 365 Defender Solorigate) |
| G0092 | TA505 |
(Citation: NCC Group TA505) |
| G1030 | Agrius |
(Citation: Unit42 Agrius 2023) |
| G0060 | BRONZE BUTLER |
(Citation: Secureworks BRONZE BUTLER Oct 2017) (Citation: Symantec Tick Apr 2016) (Citation: Trend Micro Tick November 2019) |
|
(Citation: FoxIT Wocao December 2019) |
||
| G0034 | Sandworm Team |
(Citation: Dragos Crashoverride 2018) |
| G0064 | APT33 |
(Citation: Symantec Elfin Mar 2019) |
| G1024 | Akira |
(Citation: Arctic Wolf Akira 2023) |
| G0131 | Tonto Team |
(Citation: Kaspersky CactusPete Aug 2020) |
| G0087 | APT39 |
(Citation: Symantec Chafer February 2018) (Citation: BitDefender Chafer May 2020) (Citation: FireEye APT39 Jan 2019) (Citation: Dark Reading APT39 JAN 2019) |
| G0108 | Blue Mockingbird |
(Citation: RedCanary Mockingbird May 2020) |
| G0080 | Cobalt Group |
(Citation: PTSecurity Cobalt Group Aug 2017) (Citation: PTSecurity Cobalt Dec 2016) (Citation: Group IB Cobalt Aug 2017) |
| G0027 | Threat Group-3390 |
(Citation: Talent-Jump Clambling February 2020) (Citation: SecureWorks BRONZE UNION June 2017) (Citation: Profero APT27 December 2020) (Citation: Trend Micro DRBControl February 2020) (Citation: Nccgroup Emissary Panda May 2018) |
| G0004 | Ke3chang |
(Citation: Microsoft NICKEL December 2021) (Citation: NCC Group APT15 Alive and Strong) |
| G0045 | menuPass |
(Citation: PWC Cloud Hopper Technical Annex April 2017) |
| G1023 | APT5 |
(Citation: Mandiant Pulse Secure Update May 2021) |
| G0088 | TEMP.Veles |
(Citation: FireEye TRITON 2019) |
| G0007 | APT28 |
(Citation: Kaspersky Sofacy) |
| G0006 | APT1 |
(Citation: Mandiant APT1) |
| G1016 | FIN13 |
(Citation: Mandiant FIN13 Aug 2022) |
| G0059 | Magic Hound |
(Citation: FireEye APT35 2018) |
| G0086 | Stolen Pencil |
(Citation: Netscout Stolen Pencil Dec 2018) |
|
(Citation: CISA Iran Albanian Attacks September 2022) (Citation: Microsoft Albanian Government Attacks September 2022) |
||
| G1015 | Scattered Spider |
(Citation: CISA Scattered Spider Advisory November 2023) (Citation: MSTIC Octo Tempest Operations October 2023) |
|
(Citation: FireEye TRITON 2019) |
||
| G0076 | Thrip |
(Citation: Symantec Thrip June 2018) |
| G0116 | Operation Wocao |
(Citation: FoxIT Wocao December 2019) |
|
(Citation: Costa AvosLocker May 2022) (Citation: Cisco Talos Avos Jun 2022) |
||
|
(Citation: CrowdStrike StellarParticle January 2022) (Citation: Microsoft 365 Defender Solorigate) |
||
| G1004 | LAPSUS$ |
(Citation: MSTIC DEV-0537 Mar 2022) |
|
(Citation: Mandiant APT41) |
||
| G1017 | Volt Typhoon |
(Citation: CISA AA24-038A PRC Critical Infrastructure February 2024) (Citation: Joint Cybersecurity Advisory Volt Typhoon June 2023) |
| G0135 | BackdoorDiplomacy |
(Citation: ESET BackdoorDiplomacy Jun 2021) |
| G0119 | Indrik Spider |
(Citation: Crowdstrike Indrik November 2018) (Citation: Mandiant_UNC2165) |
| G0093 | GALLIUM |
(Citation: Cybereason Soft Cell June 2019) (Citation: Microsoft GALLIUM December 2019) |
|
(Citation: FireEye TRITON 2018) |
||
| G0069 | MuddyWater |
(Citation: Unit 42 MuddyWater Nov 2017) (Citation: TrendMicro POWERSTATS V3 June 2019) |
| G0077 | Leafminer |
(Citation: Symantec Leafminer July 2018) |
| G0096 | APT41 |
(Citation: Group IB APT 41 June 2021) (Citation: FireEye APT41 Aug 2019) |
| G0032 | Lazarus Group |
(Citation: Lazarus KillDisk) |
| G0003 | Cleaver |
(Citation: Cylance Cleaver) |
| G0082 | APT38 |
(Citation: FireEye APT38 Oct 2018) |
| G0010 | Turla |
(Citation: ESET Turla Mosquito May 2018) (Citation: Symantec Waterbug Jun 2019) |
| G0114 | Chimera |
(Citation: Cycraft Chimera April 2020) (Citation: NCC Group Chimera January 2021) |
| G0102 | Wizard Spider |
(Citation: FireEye KEGTAP SINGLEMALT October 2020) (Citation: DHS/CISA Ransomware Targeting Healthcare October 2020) |
| G0008 | Carbanak |
(Citation: Kaspersky Carbanak) |
| G0011 | PittyTiger |
(Citation: Bizeul 2014) |
| G1001 | HEXANE |
(Citation: Kaspersky Lyceum October 2021) |
| G0035 | Dragonfly |
(Citation: Secureworks IRON LIBERTY July 2019) |
| G0049 | OilRig |
(Citation: FireEye APT34 Webinar Dec 2017) (Citation: FireEye APT35 2018) (Citation: Unit42 OilRig Playbook 2023) |
| G0094 | Kimsuky |
(Citation: Netscout Stolen Pencil Dec 2018) (Citation: KISA Operation Muzabi) (Citation: Mandiant APT43 March 2024) |
| G1040 | Play |
(Citation: Trend Micro Ransomware Spotlight Play July 2023) |
| G0037 | FIN6 |
(Citation: Security Intelligence More Eggs Aug 2019) |
| G0107 | Whitefly |
(Citation: Symantec Whitefly March 2019) |
References
- Kálnai, P., Cherepanov A. (2018, April 03). Lazarus KillDisks Central American casino. Retrieved May 17, 2018.
- Dantzig, M. v., Schamper, E. (2019, December 19). Operation Wocao: Shining a light on one of China’s hidden hacking groups. Retrieved October 8, 2020.
- Microsoft 365 Defender Team. (2020, December 28). Using Microsoft 365 Defender to protect against Solorigate. Retrieved January 7, 2021.
- ASERT team. (2018, December 5). STOLEN PENCIL Campaign Targets Academia. Retrieved February 5, 2019.
- Deply, B. (n.d.). Mimikatz. Retrieved September 29, 2015.
- Metcalf, S. (2015, November 13). Unofficial Guide to Mimikatz & Command Reference. Retrieved December 23, 2015.
- Deply, B., Le Toux, V. (2016, June 5). module ~ lsadump. Retrieved August 7, 2017.
- Grafnetter, M. (2015, October 26). Retrieving DPAPI Backup Keys from Active Directory. Retrieved December 19, 2017.
- The Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), CERT New Zealand, the UK National Cyber Security Centre (UK NCSC) and the US National Cybersecurity and Communications Integration Center (NCCIC). (2018, October 11). Joint report on publicly available hacking tools. Retrieved March 11, 2019.
- Strategic Cyber LLC. (2020, November 5). Cobalt Strike: Advanced Threat Tactics for Penetration Testers. Retrieved April 13, 2021.
- Carr, N.. (2017, May 14). Cyber Espionage is Alive and Well: APT32 and the Threat to Global Corporations. Retrieved June 18, 2017.
- Dahan, A. (2017, May 24). OPERATION COBALT KITTY: A LARGE-SCALE APT IN ASIA CARRIED OUT BY THE OCEANLOTUS GROUP. Retrieved November 5, 2018.
- Dahan, A. (2017). Operation Cobalt Kitty. Retrieved December 27, 2018.
- F-Secure Labs. (2015, September 17). The Dukes: 7 years of Russian cyberespionage. Retrieved December 10, 2015.
- CrowdStrike. (2022, January 27). Early Bird Catches the Wormhole: Observations from the StellarParticle Campaign. Retrieved February 7, 2022.
- Chen, J., et al. (2022). Delving Deep: An Analysis of Earth Lusca’s Operations. Retrieved July 1, 2022.
- Loui, E. and Reynolds, J. (2021, August 30). CARBON SPIDER Embraces Big Game Hunting, Part 1. Retrieved September 20, 2021.
- Falcone, R., et al. (2018, July 27). New Threat Actor Group DarkHydrus Targets Middle East Government. Retrieved August 2, 2018.
- Unit 42. (2017, December 15). Unit 42 Playbook Viewer. Retrieved December 20, 2017.
- Terefos, A. (2020, November 18). TA505: A Brief History of Their Time. Retrieved July 14, 2022.
- Or Chechik, Tom Fakterman, Daniel Frank & Assaf Dahan. (2023, November 6). Agonizing Serpens (Aka Agrius) Targeting the Israeli Higher Education and Tech Sectors. Retrieved May 22, 2024.
- Counter Threat Unit Research Team. (2017, October 12). BRONZE BUTLER Targets Japanese Enterprises. Retrieved January 4, 2018.
- DiMaggio, J. (2016, April 28). Tick cyberespionage group zeros in on Japan. Retrieved July 16, 2018.
- Chen, J. et al. (2019, November). Operation ENDTRADE: TICK’s Multi-Stage Backdoors for Attacking Industries and Stealing Classified Data. Retrieved June 9, 2020.
- Dantzig, M. v., Schamper, E. (2019, December 19). Operation Wocao: Shining a light on one of China’s hidden hacking groups. Retrieved October 8, 2020.
- Joe Slowik. (2018, October 12). Anatomy of an Attack: Detecting and Defeating CRASHOVERRIDE. Retrieved December 18, 2020.
- Security Response attack Investigation Team. (2019, March 27). Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S.. Retrieved April 10, 2019.
- Metcalf, S. (2015, August 7). Kerberos Golden Tickets are Now More Golden. Retrieved December 1, 2017.
- Steven Campbell, Akshay Suthar, & Connor Belfiorre. (2023, July 26). Conti and Akira: Chained Together. Retrieved February 20, 2024.
- Zykov, K. (2020, August 13). CactusPete APT group’s updated Bisonal backdoor. Retrieved May 5, 2021.
- Hawley et al. (2019, January 29). APT39: An Iranian Cyber Espionage Group Focused on Personal Information. Retrieved February 19, 2019.
- Higgins, K. (2019, January 30). Iran Ups its Traditional Cyber Espionage Tradecraft. Retrieved May 22, 2020.
- Rusu, B. (2020, May 21). Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia. Retrieved May 22, 2020.
- Symantec. (2018, February 28). Chafer: Latest Attacks Reveal Heightened Ambitions. Retrieved May 22, 2020.
- Lambert, T. (2020, May 7). Introducing Blue Mockingbird. Retrieved May 26, 2020.
- Positive Technologies. (2017, August 16). Cobalt Strikes Back: An Evolving Multinational Threat to Finance. Retrieved September 5, 2018.
- Positive Technologies. (2016, December 16). Cobalt Snatch. Retrieved October 9, 2018.
- Matveeva, V. (2017, August 15). Secrets of Cobalt. Retrieved October 10, 2018.
- Chen, T. and Chen, Z. (2020, February 17). CLAMBLING - A New Backdoor Base On Dropbox. Retrieved November 12, 2021.
- Counter Threat Unit Research Team. (2017, June 27). BRONZE UNION Cyberespionage Persists Despite Disclosures. Retrieved July 13, 2017.
- Global Threat Center, Intelligence Team. (2020, December). APT27 Turns to Ransomware. Retrieved November 12, 2021.
- Lunghi, D. et al. (2020, February). Uncovering DRBControl. Retrieved November 12, 2021.
- Pantazopoulos, N., Henry T. (2018, May 18). Emissary Panda – A potential new malicious tool. Retrieved June 25, 2018.
- Smallridge, R. (2018, March 10). APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS. Retrieved April 4, 2018.
- MSTIC. (2021, December 6). NICKEL targeting government organizations across Latin America and Europe. Retrieved March 18, 2022.
- PwC and BAE Systems. (2017, April). Operation Cloud Hopper: Technical Annex. Retrieved April 13, 2017.
- Perez, D. et al. (2021, May 27). Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices. Retrieved February 5, 2024.
- Miller, S, et al. (2019, April 10). TRITON Actor TTP Profile, Custom Attack Tools, Detections, and ATT&CK Mapping. Retrieved April 16, 2019.
- Kaspersky Lab's Global Research and Analysis Team. (2015, December 4). Sofacy APT hits high profile targets with updated toolset. Retrieved December 10, 2015.
- Mandiant. (n.d.). APT1 Exposing One of China’s Cyber Espionage Units. Retrieved July 18, 2016.
- Ta, V., et al. (2022, August 8). FIN13: A Cybercriminal Threat Actor Focused on Mexico. Retrieved February 9, 2023.
- Mandiant. (2018). Mandiant M-Trends 2018. Retrieved July 9, 2018.
- Metcalf, S. (2015, January 19). Attackers Can Now Use Mimikatz to Implant Skeleton Key on Domain Controllers & BackDoor Your Active Directory Forest. Retrieved February 3, 2015.
- CISA. (2022, September 23). AA22-264A Iranian State Actors Conduct Cyber Operations Against the Government of Albania. Retrieved August 6, 2024.
- MSTIC. (2022, September 8). Microsoft investigates Iranian attacks against the Albanian government. Retrieved August 6, 2024.
- CISA. (2023, November 16). Cybersecurity Advisory: Scattered Spider (AA23-320A). Retrieved March 18, 2024.
- Microsoft. (2023, October 25). Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction. Retrieved March 18, 2024.
- Security Response Attack Investigation Team. (2018, June 19). Thrip: Espionage Group Hits Satellite, Telecoms, and Defense Companies. Retrieved July 10, 2018.
- Schroeder, W. (2015, September 22). Mimikatz and DCSync and ExtraSids, Oh My. Retrieved December 4, 2017.
- Costa, F. (2022, May 1). RaaS AvosLocker Incident Response Analysis. Retrieved January 11, 2023.
- Venere, G. Neal, C. (2022, June 21). Avos ransomware group expands with new attack arsenal. Retrieved January 11, 2023.
- Deply, B., Le Toux, V.. (2016, June 5). module ~ kerberos. Retrieved March 17, 2020.
- MSTIC, DART, M365 Defender. (2022, March 24). DEV-0537 Criminal Actor Targeting Organizations for Data Exfiltration and Destruction. Retrieved May 17, 2022.
- Rufus Brown, Van Ta, Douglas Bienstock, Geoff Ackerman, John Wolfram. (2022, March 8). Does This Look Infected? A Summary of APT41 Targeting U.S. State Governments. Retrieved July 8, 2022.
- CISA et al.. (2024, February 7). PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure. Retrieved May 15, 2024.
- NSA et al. (2023, May 24). People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection. Retrieved July 27, 2023.
- Adam Burgher. (2021, June 10). BackdoorDiplomacy: Upgrading from Quarian to Turian. Retrieved September 1, 2021
- Frankoff, S., Hartley, B. (2018, November 14). Big Game Hunting: The Evolution of INDRIK SPIDER From Dridex Wire Fraud to BitPaymer Targeted Ransomware. Retrieved January 6, 2021.
- Mandiant Intelligence. (2022, June 2). To HADES and Back: UNC2165 Shifts to LOCKBIT to Evade Sanctions. Retrieved July 29, 2024.
- Cybereason Nocturnus. (2019, June 25). Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers. Retrieved July 18, 2019.
- MSTIC. (2019, December 12). GALLIUM: Targeting global telecom. Retrieved January 13, 2021.
- Miller, S. Reese, E. (2018, June 7). A Totally Tubular Treatise on TRITON and TriStation. Retrieved January 6, 2021.
- Lancaster, T.. (2017, November 14). Muddying the Water: Targeted Attacks in the Middle East. Retrieved March 15, 2018.
- Lunghi, D. and Horejsi, J.. (2019, June 10). MuddyWater Resurfaces, Uses Multi-Stage Backdoor POWERSTATS V3 and New Post-Exploitation Tools. Retrieved May 14, 2020.
- Symantec Security Response. (2018, July 25). Leafminer: New Espionage Campaigns Targeting Middle Eastern Regions. Retrieved August 28, 2018.
- Fraser, N., et al. (2019, August 7). Double DragonAPT41, a dual espionage and cyber crime operation APT41. Retrieved September 23, 2019.
- Rostovcev, N. (2021, June 10). Big airline heist APT41 likely behind a third-party attack on Air India. Retrieved August 26, 2021.
- Cylance. (2014, December). Operation Cleaver. Retrieved September 14, 2017.
- FireEye. (2018, October 03). APT38: Un-usual Suspects. Retrieved November 6, 2018.
- ESET Research. (2018, May 22). Turla Mosquito: A shift towards more generic tools. Retrieved July 3, 2018.
- Symantec DeepSight Adversary Intelligence Team. (2019, June 20). Waterbug: Espionage Group Rolls Out Brand-New Toolset in Attacks Against Governments. Retrieved July 8, 2019.
- Cycraft. (2020, April 15). APT Group Chimera - APT Operation Skeleton key Targets Taiwan Semiconductor Vendors. Retrieved August 24, 2020..
- Jansen, W . (2021, January 12). Abusing cloud services to fly under the radar. Retrieved September 12, 2024.
- Kimberly Goody, Jeremy Kennelly, Joshua Shilko, Steve Elovitz, Douglas Bienstock. (2020, October 28). Unhappy Hour Special: KEGTAP and SINGLEMALT With a Ransomware Chaser. Retrieved October 28, 2020.
- DHS/CISA. (2020, October 28). Ransomware Activity Targeting the Healthcare and Public Health Sector. Retrieved October 28, 2020.
- Kaspersky Lab's Global Research and Analysis Team. (2015, February). CARBANAK APT THE GREAT BANK ROBBERY. Retrieved August 23, 2018.
- Delpy, B. (2017, December 12). howto ~ credential manager saved credentials. Retrieved November 23, 2020.
- Bizeul, D., Fontarensky, I., Mouchoux, R., Perigaud, F., Pernet, C. (2014, July 11). Eye of the Tiger. Retrieved September 29, 2015.
- Kayal, A. et al. (2021, October). LYCEUM REBORN: COUNTERINTELLIGENCE IN THE MIDDLE EAST. Retrieved June 14, 2022.
- Secureworks. (2019, July 24). Resurgent Iron Liberty Targeting Energy Sector. Retrieved August 12, 2020.
- Davis, S. and Caban, D. (2017, December 19). APT34 - New Targeted Attack in the Middle East. Retrieved December 20, 2017.
- Unit42. (2016, May 1). Evasive Serpens Unit 42 Playbook Viewer. Retrieved February 6, 2023.
- KISA. (2021). Phishing Target Reconnaissance and Attack Resource Analysis Operation Muzabi. Retrieved March 8, 2024.
- Mandiant. (2024, March 14). APT43: North Korean Group Uses Cybercrime to Fund Espionage Operations. Retrieved May 3, 2024.
- Trend Micro Research. (2023, July 21). Ransomware Spotlight: Play. Retrieved September 24, 2024.
- Villadsen, O.. (2019, August 29). More_eggs, Anyone? Threat Actor ITG08 Strikes Again. Retrieved September 16, 2019.
- Symantec. (2019, March 6). Whitefly: Espionage Group has Singapore in Its Sights. Retrieved May 26, 2020.
Мы используем cookie-файлы, чтобы получить статистику, которая помогает нам улучшить сервис для вас с целью персонализации сервисов и предложений. Вы может прочитать подробнее о cookie-файлах или изменить настройки браузера. Продолжая пользоваться сайтом, вы даёте согласие на использование ваших cookie-файлов и соглашаетесь с Политикой обработки персональных данных.