Silobreaker Update 2021年11月30日
インターネット上でトレンドとなっている脅威アクター、マルウェアのランキングです。
Silobreaker の API を使用して作成しています。このページに関する説明はこちらをご覧ください。
Threat Actor
| Name | Move | Volume 1d | Volume 7d | Volume 30d |
|---|---|---|---|---|
| Silent Chollima |  |
1 | 1 | 1 |
| GhostEmperor |  |
1 | 1 | 2 |
| APT34 | |
1 | 1 | 2 |
| APT37 |  |
18 | 22 | 37 |
| ChamelGang | |
1 | 3 | 3 |
Malware
| Name | Move | Volume 1d | Volume 7d | Volume 30d |
|---|---|---|---|---|
| Sabbath Ransomware | |
4 | 4 | 4 |
| SpyAgent | |
3 | 3 | 3 |
| ERMAC Android Banking Trojan | |
3 | 3 | 3 |
| DarkComet |  |
6 | 6 | 8 |
| CronRAT | |
12 | 36 | 36 |
Related documents
- ThreatActor:Silent Chollima
- Nowhere to Hide: Detecting SILENT CHOLLIMA’s Custom Tooling
- Published by CrowdStrike blogs (2021-11-29 18:25:46)
- Entities:
- ThreatActor:Silent Chollima, Keyphrase:threat hunting, Keyphrase:Threat Actor, Keyphrase:Threat, Incident:Intrusion
- ThreatActor:GhostEmperor
- kaspersky – .@emm_david takes a look at how the threat landscape has shifted during Q3. Topics covered include:
✔️… https://t.co/DGZatjUuJy - Published by kaspersky – Twitter (2021-11-29 19:25:03)
- Entities:
- HashTag:#WildPressure, Username:@emm_david, ThreatActor:GhostEmperor, Vulnerability:CVE-2021-40444, Domain:Securelist.com
- ThreatActor:APT34
- hackerfantastic – @ModernThoth I’ve no reason to doubt the authenticity of the data based on the source and as it follows the US DoJ… https://t.co/wMK0avEQ2H
- Published by hackerfantastic – Twitter (2021-11-29 09:45:01)
- Entities:
- ThreatActor:APT34, GovernmentBody:Government of Iran, Keyphrase:PII Personally Identifiable Information, Username:@hackerfantastic, Keyphrase:Authenticity
- ThreatActor:APT37
- APT37 targets journalists with Chinotto multi-platform malware
- Published by MalwareTips.com (2021-11-30 00:07:58)
- Entities:
- Keyphrase:Chinotto, ThreatActor:APT37, Keyphrase:Journalist, Keyphrase:Malware, AttackType:Watering Hole Attack
- ThreatActor:ChamelGang
- CyberCrimeCon 2021: Top-tier Cybersecurity Gathering to Go Live on December 2
- Published by CISO MAG – Cyber Security Magazine (2021-11-29 14:30:27)
- Entities:
- Company:Group-IB, Keyphrase:Cyber Security, MusicBand:4 P.M., Keyphrase:December, Keyphrase:Cybercrime
- Malware:Sabbath Ransomware
- fr0s7_ – RT @780thC: @Mandiant observed two occasions where the ransomware operator provided its affiliates with pre-configured Cobalt Strike BEACON…
- Published by fr0s7_ – Twitter (2021-11-30 07:00:32)
- Entities:
- Malware:Sabbath Ransomware, Username:@fr0s7_, Username:@mandiant, Malware:Cobalt Strike Beacon, AttackType:Backdoor
- Malware:SpyAgent
- Campaign Abusing Legitimate Remote Administrator Tools Uses Fake Cryptocurrency Websites
- Published by Trend Micro Research News Perspectives (2021-11-29 09:00:00)
- Entities:
- Keyphrase:Administrator, Keyphrase:Fake, Keyphrase:Campaign, Keyphrase:Cryptocurrency, Malware:SpyAgent
- Malware:ERMAC Android Banking Trojan
- More than 300,000 Play Store users infected with Android banking trojans
- Published by The Record by Recorded Future (2021-11-30 05:21:09)
- Entities:
- AttackType:Banking Trojan, Software:Google Play, Keyphrase:Malware, Company:ThreatFabric BV, Software:Google Android
- Malware:DarkComet
- Black Hat Europe 2021 Network Operations Center: London called, We answered
- Published by Security – Cisco Blog (2021-11-29 22:00:28)
- Entities:
- Company:Meraki, Company:Cisco Systems Inc, Keyphrase:Black Hat, Keyphrase:Conference, Keyphrase:Blackhat Europe
- Malware:CronRAT
- This stealthy malware hides behind an impossible date
- Published by FedCyber blog (2021-11-29 23:33:11)
- Entities:
- Keyphrase:RAT Remote Access Trojan, Malware:CronRAT, Keyphrase:Malware, Company:Sanguine Security BV, Keyphrase:Evading Detection
