Silobreaker Update 2021年04月09日
インターネット上でトレンドとなっている脅威アクター、マルウェアのランキングです。
Silobreaker の API を使用して作成しています。このページに関する説明はこちらをご覧ください。
Threat Actor
| Name | Move | Volume 1d | Volume 7d | Volume 30d |
|---|---|---|---|---|
| APT34 |  |
12 | 12 | 17 |
| Lab Dookhtegan |  |
2 | 2 | 4 |
| Cart Crasher |  |
4 | 4 | 12 |
| Popopret | |
3 | 3 | 8 |
| Energetic Bear | |
2 | 2 | 5 |
Malware
| Name | Move | Volume 1d | Volume 7d | Volume 30d |
|---|---|---|---|---|
| NukeSped |  |
3 | 3 | 3 |
| DNSpionage | |
3 | 3 | 3 |
| Karkoff | |
2 | 2 | 2 |
| TONEDEAF Backdoor | |
2 | 2 | 2 |
| Cring Ransomware | |
66 | 89 | 89 |
Related documents
- ThreatActor:APT34
- Iran’s APT34 Returns with an Updated Arsenal – Check Point Research
- Published by Reddit – BlueTeamSec – RSS (2021-04-08 23:35:12)
- Entities:
- ThreatActor:APT34, Company:Check Point Software Technologies Ltd, Country:Iran
- ThreatActor:Lab Dookhtegan
- Iran’s APT34 Returns with an Updated Arsenal
- Published by Check Point Research – RSS (2021-04-08 19:27:00)
- Entities:
- ThreatActor:APT34, AttackType:Backdoor, Domain:sarmsoftware.com, Keyphrase:C2 Command & Control, AttackType:DNS Tunneling
- ThreatActor:Cart Crasher
- Fraudulent purchase attempts value increased 69% in 2020
- Published by DataProtectionCenter – RSS (2021-04-08 13:00:00)
- Entities:
- Keyphrase:Fraud, Keyphrase:Internet Fraud, ThreatActor:Cart Crasher, Keyphrase:Stolen, Keyphrase:Payment Data
- ThreatActor:Popopret
- p0p0pr3t – @fr0gger_ Handy!
- Published by p0p0pr3t – Twitter (2021-04-08 17:28:00)
- Entities:
- Username:@p0p0pr3t, Username:@fr0gger_, ThreatActor:Popopret
- ThreatActor:Energetic Bear
- Cloud-native watering hole attack: Simple and potentially devastating
- Published by Help Net Security (2021-04-08 14:46:00)
- Entities:
- AttackType:Watering Hole Attack, Keyphrase:ICS Industrial Control Systems, Keyphrase:Attack, ThreatActor:Energetic Bear, Company:Twilio Inc
- Malware:NukeSped
- Previously Unknown Lazarus Backdoor ‘Vyveva’ Spotted in the Wild
- Published by TechNadu (2021-04-08 23:03:00)
- Entities:
- AttackType:Backdoor, Company:ESET, Keyphrase:Encryption, Malware:NukeSped, Keyphrase:North Korean APT
- Malware:DNSpionage
- Fake job listings help suspected Iranian hackers aim at targets in Lebanon
- Published by Cyberscoop – News (2021-04-08 23:43:49)
- Entities:
- ThreatActor:APT34, Keyphrase:Fake Job, Keyphrase:Computer Hacker, Keyphrase:Iranians, Company:Check Point Software Technologies Ltd
- Malware:Karkoff
- Iran’s APT34 Returns with an Updated Arsenal
- Published by Check Point Research – RSS (2021-04-08 19:27:00)
- Entities:
- ThreatActor:APT34, AttackType:Backdoor, Domain:sarmsoftware.com, Keyphrase:C2 Command & Control, AttackType:DNS Tunneling
- Malware:TONEDEAF Backdoor
- Iran’s APT34 Returns with an Updated Arsenal
- Published by Check Point Research – RSS (2021-04-08 19:27:00)
- Entities:
- ThreatActor:APT34, AttackType:Backdoor, Domain:sarmsoftware.com, Keyphrase:C2 Command & Control, AttackType:DNS Tunneling
- Malware:Cring Ransomware
- Unpatched vulnerable VPN servers hit by Cring ransomware
- Published by HackRead (2021-04-09 04:16:31)
- Entities:
- Malware:Cring Ransomware, Domain:Hackread.com, Company:Fortinet Inc, Company:Kaspersky Lab
