Silobreaker Update 2021年12月02日
インターネット上でトレンドとなっている脅威アクター、マルウェアのランキングです。
Silobreaker の API を使用して作成しています。このページに関する説明はこちらをご覧ください。
Threat Actor
| Name | Move | Volume 1d | Volume 7d | Volume 30d |
|---|---|---|---|---|
| Donot Team |  |
3 | 3 | 3 |
| Pinoy Grayhats | |
1 | 1 | 1 |
| FIN10 | |
1 | 1 | 1 |
| Lalartu |  |
4 | 5 | 5 |
| APT40 |  |
6 | 6 | 11 |
Malware
| Name | Move | Volume 1d | Volume 7d | Volume 30d |
|---|---|---|---|---|
| PolyglotDuke Malware | |
2 | 2 | 2 |
| EwDoor | |
8 | 12 | 12 |
| Crackonosh | |
3 | 3 | 6 |
| SpyEye Trojan | |
2 | 2 | 3 |
| Yanluowang Ransomware |  |
5 | 14 | 14 |
Related documents
- ThreatActor:Donot Team
- APTs Leverage New RTF Phishing Tactic
- Published by Duo Decipher – RSS (2021-12-01 22:00:00)
- Entities:
- AttackType:RTF Template Injection, Keyphrase:Research, AttackType:Phishing, Incident:Attack, Keyphrase:Leverage
- ThreatActor:Pinoy Grayhats
- Bong Go’s website hacked
- Published by Daily Tribune Philippines (2021-12-01 09:00:00)
- Entities:
- ThreatActor:Pinoy Grayhats, Keyphrase:Revel, AttackType:Website Defacement, Keyphrase:Hacker Group, Keyphrase:Computer Hacker
- ThreatActor:FIN10
- CarePartners agrees to settle proposed cyberattack class action for up to $3.4 million, but don’t party just yet
- Published by DataBreaches.net (2021-12-02 01:42:32)
- Entities:
- Domain:DataBreaches.net, Keyphrase:Breach, Keyphrase:Computer Hacker, Keyphrase:Class Action, Organization:CBC News
- ThreatActor:Lalartu
- BleepinComputer – As described by a report by @McAfee and @John_Fokker, Lalartu is a ransomware affiliate who originally worked with… https://t.co/A9BnnKOoD3
- Published by BleepinComputer – Twitter (2021-12-01 08:33:06)
- Entities:
- Malware:GandCrab Ransomware, Malware:REvil Ransomware, ThreatActor:Lalartu, Username:@John_Fokker, Subdomain:www.mcafee.com
- ThreatActor:APT40
- TA423, Gamaredon, and DoNoT & RTF Template Injection
- Published by Red Sky Alliance – X-Industry – RSS (2021-12-02 05:55:08)
- Entities:
- AttackType:RTF Template Injection, ThreatActor:APT40, ThreatActor:Gamaredon Group, Company:Proofpoint Inc, Incident:Attack
- Malware:PolyglotDuke Malware
- virusbtn – Security researcher @0xthreatintel writes about techniques that can be used for the unpacking of the APT29 Polyglot… https://t.co/1juGQueMQZ
- Published by virusbtn – Twitter (2021-12-01 23:09:02)
- Entities:
- Malware:PolyglotDuke Malware, ThreatActor:APT29, Username:@virusbtn, Keyphrase:Security Researcher, UrlFull:https://0xthreatintel.medium.com/unpacking-of-apt29-polyglotduke-6b3544ccd637
- Malware:EwDoor
- EwDoor僵尸网络,正在攻击美国AT&T用户 – The EwDoor botnet is attacking US AT&T users – Chinese reporting – discovered that an attacker was attacking Edgewater Networks equipment through the CVE-2017-6079 vulnerability
- Published by Reddit – BlueTeamSec – RSS (2021-12-01 23:32:20)
- Entities:
- Malware:EwDoor, Vulnerability:CVE-2017-6079, Company:Edgewater Networks Inc, Incident:Attack, Company:AT&T Inc
- Malware:Crackonosh
- CoinHelper Research | Avast
- Published by Avast Blog (2021-12-01 21:08:08)
- Entities:
- Company:Avast Software, Keyphrase:Research, Malware:Crackonosh, Keyphrase:Cracked, Subdomain:blog.avast.com
- Malware:SpyEye Trojan
- Founder of bulletproof hosting provider used by malware gangs gets 5 years in prison
- Published by The Record by Recorded Future (2021-12-02 03:06:55)
- Entities:
- Keyphrase:Bulletproof Hosting, Keyphrase:Malware, Keyphrase:Hosting Provider, Keyphrase:Prison, Keyphrase:Cybercrime
- Malware:Yanluowang Ransomware
- Yanluowang: Further Insights on New Ransomware Threat
- Published by Reddit – BlueTeamSec – RSS (2021-12-01 18:37:17)
- Entities:
- Malware:Yanluowang Ransomware, Keyphrase:Ransomware, Keyphrase:Threat
