APT Archives - Unit 42

Protect Against Russia-Ukraine Cyber Activity

ロシアのAPT29ハッカーがオンラインストレージサービスのDropBoxとGoogle Driveを悪用

2,022

people reacted

ロシアのAPT29ハッカーがオンラインストレージサービスのDropBoxとGoogle Driveを悪用

By Mike Harbison and Peter Renals
7月 26, 2022 at 1:34 AM

0

5 min. read

A conceptual image representing threat groups, used to represent a discussion of threat group naming systems.

1,515

people reacted

Unit 42の脅威グループの命名方法の更新

By Ryan Olson
7月 21, 2022 at 10:41 PM

0

< 1 min. read

GALLIUM、新ツールPingPullで通信・政府・金融業種へ標的を拡大

3,295

people reacted

GALLIUM、新ツールPingPullで通信・政府・金融業種へ標的を拡大

By Unit 42
6月 13, 2022 at 3:00 AM

0

3 min. read

A conceptual image representing cybercrime, such as the SockDetour backdoor being tracked by Unit 42 in conjunction with the TiltedTemple campaign.

3,422

people reacted

SockDetour: 米国防衛関連企業をひそかに狙うファイルレス・ソケットレスのバックドア

By Unit 42
2月 24, 2022 at 6:00 AM

0

2 min. read

A bear trap accompanied by symbols associated with Russia and Ukraine come together to form a conceptual image for Russia's Gamaredon, aka Primitive Bear, an APT targeting Ukraine.

4,651

people reacted

[2022-02-16更新] ウクライナを標的に活動を強めるロシアGamaredon (別名Primitive Bear)APTグループ

By Unit 42
2月 4, 2022 at 1:02 AM

0

4 min. read

A conceptual image representing DNS security, such as the strategically aged domain detection system discussed here.

4,747

people reacted

戦略的熟成ドメインの検出: DNSトラフィックの傾向から捕捉するAPT攻撃

By Zhanhao Chen, Daiping Liu, Wanjin Li and Jielong Xu
12月 29, 2021 at 6:00 AM

1

2 min. read

A conceptual image symbolizing cybercrime and the use of backdoors, such as the activity we observed in an APT's TiltedTemple Campaign against ManageEngine ServiceDesk Plus, as discussed here.

6,926

people reacted

APT攻撃グループ ManageEngine への攻撃をさらに拡大 ServiceDesk Plus も攻撃の対象に

By Robert Falcone and Peter Renals
12月 2, 2021 at 6:00 AM

0

2 min. read

A conceptual image representing cybercrime, such as the use of the NGLite backdoor described here and the KdcSponge credential-stealing tool.

8,285

people reacted

ManageEngine ADSelfService Plusに対する標的型攻撃キャンペーンで防衛関連企業など機密情報を扱う産業分野が被害を受けたことが判明

By Jeff White, Peter Renals and Robert Falcone
11月 7, 2021 at 11:58 PM

0

5 min. read

3,308

people reacted

脅威に関する情報: イラン関連サイバー攻撃オペレーション

By Unit 42
1月 13, 2020 at 10:07 PM

0

< 1 min. read