Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years

Event ID 1515 UUID abfb5a93-e695-4ee9-bc10-541290bcd663 Creator org CUDESO Owner org LUNCHBOX Creator user admin@admin.test Protected Event (experimental) Event is in unprotected mode. Tags tlp:white Date 2022-06-21 Threat Level High Analysis Completed Distribution All communities Published Yes 2022-08-17 17:21:04 #Attributes 245 (0 Objects) First recorded change 2022-06-21 19:14:48 Last change 2022-06-21 19:24:59 Modification map Sightings 0 (0) – …

OSINT – Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine

Event ID 1250 UUID 3410ad13-ef34-48c9-bc6f-b1b111a30e06 Creator org CIRCL Owner org LUNCHBOX Creator user admin@admin.test Protected Event (experimental) Event is in unprotected mode. Tags type:OSINT osint:lifetime="perpetual" tlp:white Date 2022-06-23 Threat Level Medium Analysis Completed Distribution All communities Published Yes 2022-08-17 17:18:47 #Attributes 101 (10 Objects) First recorded change 2022-06-23 13:08:58 Last change 2022-06-23 13:24:07 Modification map Sightings 0 (0) – …

Back in Black: Unlocking a LockBit 3.0 Ransomware Attack

Event ID 1525 UUID 095c4227-2a9e-45da-9268-cec186be53b1 Creator org CUDESO Owner org LUNCHBOX Creator user admin@admin.test Protected Event (experimental) Event is in unprotected mode. Tags tlp:white Date 2022-08-21 Threat Level High Analysis Completed Distribution All communities Published Yes 2022-08-23 08:13:20 #Attributes 14 (1 Object) First recorded change 2022-08-21 17:55:30 Last change 2022-08-21 18:03:12 Modification map Sightings 0 (0) – …

THREAT ANALYSIS REPORT: Ragnar Locker Ransomware Targeting the Energy Sector

Event ID 1532 UUID 8dbeaaac-a671-4a02-8dab-5eec2a1c935b Creator org CUDESO Owner org LUNCHBOX Creator user admin@admin.test Protected Event (experimental) Event is in unprotected mode. Tags misp:tool="misp-scraper" osint:source-type="blog-post" misp:event-type="collection" workflow:state="complete" tlp:white Date 2022-09-12 Threat Level Medium Analysis Completed Distribution All communities Published Yes 2022-09-21 19:38:18 #Attributes 47 (1 Object) First recorded change 2022-09-12 12:14:46 Last change 2022-09-12 14:08:17 Modification map Sightings 0 (0) – …

ThreatFox Mirai CobaltStrike Raccoon IcedID IOCs for 2022-10-02

ThreatFox is a free platform from abuse.ch with the goal of sharing indicators of compromise (IOCs) associated with malware with the infosec community, AV vendors and threat intelligence providers. Event ID 4011 UUID c247795b-f71a-493e-8f1d-60facce9f31f Creator org abuse.ch Owner org LUNCHBOX Creator user admin@admin.test Protected Event (experimental) Event is in unprotected mode. Tags type:OSINT tlp:white Date 2022-10-02 …