ipconfig
Groups That Use This Software

ID | Name | References |
---|---|---|
G0093 | GALLIUM | (Citation: Cybereason Soft Cell June 2019) |
G0006 | APT1 | (Citation: Mandiant APT1) |
G1017 | Volt Typhoon | (Citation: Joint Cybersecurity Advisory Volt Typhoon June 2023) |
G0050 | APT32 | (Citation: Cybereason Cobalt Kitty 2017) |
G0096 | APT41 | (Citation: Group IB APT 41 June 2021) |
G0049 | OilRig | (Citation: Palo Alto OilRig May 2016) |
 | | (Citation: Bitdefender FunnyDream Campaign November 2020) |
G0059 | Magic Hound | (Citation: DFIR Report APT35 ProxyShell March 2022) (Citation: DFIR Phosphorus November 2021) |
G0071 | Orangeworm | (Citation: Symantec Orangeworm April 2018) |
G1001 | HEXANE | (Citation: ClearSky Siamesekitten August 2021) (Citation: Zscaler Lyceum DnsSystem June 2022) |
G0027 | Threat Group-3390 | (Citation: SecureWorks BRONZE UNION June 2017) |
G0016 | APT29 | (Citation: CISA SoreFang July 2016) |
G0018 | admin@338 | (Citation: FireEye admin@338) |
G0004 | Ke3chang | (Citation: Mandiant Operation Ke3chang November 2014) (Citation: NCC Group APT15 Alive and Strong) |

References
- Microsoft. (n.d.). Ipconfig. Retrieved April 17, 2016.
- Cybereason Nocturnus. (2019, June 25). Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers. Retrieved July 18, 2019.
- Mandiant. (n.d.). APT1 Exposing One of China’s Cyber Espionage Units. Retrieved July 18, 2016.
- NSA et al. (2023, May 24). People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection. Retrieved July 27, 2023.
- Dahan, A. (2017). Operation Cobalt Kitty. Retrieved December 27, 2018.
- Rostovcev, N. (2021, June 10). Big airline heist APT41 likely behind a third-party attack on Air India. Retrieved August 26, 2021.
- Falcone, R. and Lee, B. (2016, May 26). The OilRig Campaign: Attacks on Saudi Arabian Organizations Deliver Helminth Backdoor. Retrieved May 3, 2017.
- Vrabie, V. (2020, November). Dissecting a Chinese APT Targeting South Eastern Asian Government Institutions. Retrieved September 19, 2022.
- DFIR Report. (2021, November 15). Exchange Exploit Leads to Domain Wide Ransomware. Retrieved January 5, 2023.
- DFIR Report. (2022, March 21). APT35 Automates Initial Access Using ProxyShell. Retrieved May 25, 2022.
- Symantec Security Response Attack Investigation Team. (2018, April 23). New Orangeworm attack group targets the healthcare sector in the U.S., Europe, and Asia. Retrieved May 8, 2018.
- ClearSky Cyber Security. (2021, August). New Iranian Espionage Campaign By “Siamesekitten” - Lyceum. Retrieved June 6, 2022.
- Shivtarkar, N. and Kumar, A. (2022, June 9). Lyceum .NET DNS Backdoor. Retrieved June 23, 2022.
- Counter Threat Unit Research Team. (2017, June 27). BRONZE UNION Cyberespionage Persists Despite Disclosures. Retrieved July 13, 2017.
- CISA. (2020, July 16). MAR-10296782-1.v1 – SOREFANG. Retrieved September 29, 2020.
- FireEye Threat Intelligence. (2015, December 1). China-based Cyber Threat Group Uses Dropbox for Malware Communications and Targets Hong Kong Media Outlets. Retrieved December 4, 2015.
- Villeneuve, N., Bennett, J. T., Moran, N., Haq, T., Scott, M., & Geers, K. (2014). OPERATION “KE3CHANG”: Targeted Attacks Against Ministries of Foreign Affairs. Retrieved November 12, 2014.
- Smallridge, R. (2018, March 10). APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS. Retrieved April 4, 2018.