APT Archives - Unit 42

A pictorial representation of the threat actor group Playful Taurus showing an illustration of an orange bull’s head against the background of a blue night sky. Included is the constellation of Taurus.

1,187

people reacted

中国の持続的標的型攻撃グループPlayful Taurusによるイランでの活動

By Unit 42
January 18, 2023 at 11:19 PM

0

3 min. read

ロシアのAPT29ハッカーがオンラインストレージサービスのDropBoxとGoogle Driveを悪用

2,829

people reacted

ロシアのAPT29ハッカーがオンラインストレージサービスのDropBoxとGoogle Driveを悪用

By Mike Harbison and Peter Renals
July 26, 2022 at 1:34 AM

0

5 min. read

A conceptual image representing threat groups, used to represent a discussion of threat group naming systems.

2,075

people reacted

Unit 42の脅威グループの命名方法の更新

By Ryan Olson
July 21, 2022 at 10:41 PM

0

< 1 min. read

GALLIUM、新ツールPingPullで通信・政府・金融業種へ標的を拡大

3,947

people reacted

GALLIUM、新ツールPingPullで通信・政府・金融業種へ標的を拡大

By Unit 42
June 13, 2022 at 3:00 AM

0

3 min. read

A conceptual image representing cybercrime, such as the SockDetour backdoor being tracked by Unit 42 in conjunction with the TiltedTemple campaign.

3,924

people reacted

SockDetour: 米国防衛関連企業をひそかに狙うファイルレス・ソケットレスのバックドア

By Unit 42
February 24, 2022 at 6:00 AM

0

2 min. read

A bear trap accompanied by symbols associated with Russia and Ukraine come together to form a conceptual image for Russia's Gamaredon, aka Primitive Bear, an APT targeting Ukraine.

5,476

people reacted

[2022-12-01更新] ウクライナを標的に活動を強めるロシアGamaredon (別名Primitive Bear)APTグループ

By Unit 42
February 4, 2022 at 1:02 AM

0

4 min. read

A conceptual image representing DNS security, such as the strategically aged domain detection system discussed here.

5,300

people reacted

戦略的熟成ドメインの検出: DNSトラフィックの傾向から捕捉するAPT攻撃

By Zhanhao Chen, Daiping Liu, Wanjin Li and Jielong Xu
December 29, 2021 at 6:00 AM

1

2 min. read

A conceptual image symbolizing cybercrime and the use of backdoors, such as the activity we observed in an APT's TiltedTemple Campaign against ManageEngine ServiceDesk Plus, as discussed here.

7,281

people reacted

APT攻撃グループ ManageEngine への攻撃をさらに拡大 ServiceDesk Plus も攻撃の対象に

By Robert Falcone and Peter Renals
December 2, 2021 at 6:00 AM

0

2 min. read

A conceptual image representing cybercrime, such as the use of the NGLite backdoor described here and the KdcSponge credential-stealing tool.

9,916

people reacted

ManageEngine ADSelfService Plusに対する標的型攻撃キャンペーンで防衛関連企業など機密情報を扱う産業分野が被害を受けたことが判明

By Jeff White, Peter Renals and Robert Falcone
November 7, 2021 at 11:58 PM

0

5 min. read

3,563

people reacted

脅威に関する情報: イラン関連サイバー攻撃オペレーション

By Unit 42
January 13, 2020 at 10:07 PM

0

< 1 min. read