Silobreaker Update 2021年08月31日

インターネット上でトレンドとなっている脅威アクター、マルウェアのランキングです。
Silobreaker の API を使用して作成しています。このページに関する説明はこちらをご覧ください。

Name	Move	Volume 1d	Volume 7d	Volume 30d
UNC1878		1	1	1
CopyKittens		1	1	1
APT37		7	22	48
Magecart Group		4	5	21
Hive		4	25	57

Name	Move	Volume 1d	Volume 7d	Volume 30d
Magecart Malware		4	4	4
Fonix Ransomware		5	7	7
Ragnarok Ransomware		25	45	49
Asnarok Malware		7	11	11
Ziggy Ransomware		6	11	14

• ThreatActor:UNC1878
• Cobalt Strike, a Defender’s Guide
• Published by The DFIR Report – Blog (2021-08-30 08:36:36)
• Entities:
  • Software:Cobalt Strike,  AttackType:Trojan Horse,  Keyphrase:C2 Command & Control,  Malware:ETPRO TROJAN,  Malware:Cobalt Strike Beacon
• ThreatActor:CopyKittens
• Cobalt Strike, a Defender’s Guide
• Published by The DFIR Report – Blog (2021-08-30 08:36:36)
• Entities:
  • Software:Cobalt Strike,  AttackType:Trojan Horse,  Keyphrase:C2 Command & Control,  Malware:ETPRO TROJAN,  Malware:Cobalt Strike Beacon
• ThreatActor:APT37
• Konni RAT Targets Russian Users
• Published by Cyware (2021-08-31 06:50:00)
• Entities:
  • Malware:KONNI malware,  Country:Russia,  Keyphrase:Campaign,  Malware:Darkhotel Malware,  AttackType:Spear Phishing
• ThreatActor:Magecart Group
• An Overview of Magecart Attacks
• Published by Avast (2021-08-30 19:08:00)
• Entities:
  • ThreatActor:Magecart Group,  AttackType:Magecart Attack,  Keyphrase:Compromise,  Keyphrase:Ecommerce Site,  Incident:Attack
• ThreatActor:Hive
• Emerging Ransomware Groups: AvosLocker, Hive, HelloKitty, LockBit 2.0
• Published by Reddit – BlueTeamSec – RSS (2021-08-30 21:31:50)
• Entities:
  • Malware:AvosLocker Ransomware,  ThreatActor:Hive,  Malware:HelloKitty Ransomware,  Malware:LockBit Ransomware,  Keyphrase:Ransomware
• Malware:Magecart Malware
• An Overview of Magecart Attacks
• Published by Avast (2021-08-30 19:08:00)
• Entities:
  • ThreatActor:Magecart Group,  AttackType:Magecart Attack,  Keyphrase:Compromise,  Keyphrase:Ecommerce Site,  Incident:Attack
• Malware:Fonix Ransomware
• Citrix ADC Servers’ Ransomware Hacker Gang Calls It Quits, Releases Decryption Key
• Published by Benzinga.com (2021-08-31 04:13:00)
• Entities:
  • Software:Citrix Application Delivery Controller,  Keyphrase:Decryption,  Keyphrase:Ransomware,  Keyphrase:Servers,  Keyphrase:Hacker Group
• Malware:Ragnarok Ransomware
• Ragnarok ransomware gang shuts down and releases its decryption key
• Published by TechCrunch (2021-08-30 22:06:00)
• Entities:
  • Malware:Ragnarok Ransomware,  Keyphrase:Decryption,  Keyphrase:Ransomware,  Keyphrase:Release,  Software:Citrix Application Delivery Controller
• Malware:Asnarok Malware
• Daily Summary Cyberattacks 30 August
• Published by S21sec (2021-08-30 18:47:28)
• Entities:
  • Malware:BazarLoader,  Keyphrase:Ransomware,  Keyphrase:Malware,  Malware:LockFile Ransomware,  Keyphrase:Cyber Attack
• Malware:Ziggy Ransomware
• Citrix ADC Servers’ Ransomware Hacker Gang Calls It Quits, Releases Decryption Key
• Published by Benzinga.com (2021-08-31 04:13:00)
• Entities:
  • Software:Citrix Application Delivery Controller,  Keyphrase:Decryption,  Keyphrase:Ransomware,  Keyphrase:Servers,  Keyphrase:Hacker Group