Bryan Lee

Dear Joohn: The Sofacy Group’s Global Campaign
December 12, 2018
Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan
November 20, 2018
New KONNI Malware attacking Eurasia and Southeast Asia
September 27, 2018
OilRig Targets a Middle Eastern Government and Adds Evasion Techniques to OopsIE
September 4, 2018
New Threat Actor Group DarkHydrus Targets Middle East Government
July 27, 2018
OilRig Targets Technology Service Provider and Government Agency with QUADAGENT
July 25, 2018
Sofacy Group’s Parallel Attacks
June 6, 2018
Sofacy Attacks Multiple Government Entities
February 28, 2018
OopsIE! OilRig Uses ThreeDollars to Deliver New Trojan
February 23, 2018
OilRig Group Steps Up Attacks with New Delivery Documents and New Injector Trojan
October 9, 2017
Striking Oil: A Closer Look at Adversary Infrastructure
September 26, 2017
TwoFace Webshell: Persistent Access Point for Lateral Movement
July 31, 2017
OilRig Uses ISMDoor Variant; Possibly Linked to Greenbug Threat Group
July 27, 2017
Shamoon 2: Delivering Disttrack
March 27, 2017
Regional Malware Trends in Latin America: July – December 2016
March 14, 2017
Magic Hound Campaign Attacks Saudi Targets
February 15, 2017
Let It Ride: The Sofacy Group’s DealersChoice Attacks Continue
December 15, 2016
‘DealersChoice’ is Sofacy’s Flash Player Exploit Platform
October 17, 2016
Fresh Baked HOMEKit-made Cookles – With a DarkHotel Overlap
August 12, 2016
New Sofacy Attacks Against US Government Agency
June 14, 2016
The OilRig Campaign: Attacks on Saudi Arabian Organizations Deliver Helminth Backdoor
May 26, 2016
New Wekby Attacks Use DNS Requests As Command and Control Mechanism
May 24, 2016
Evolution of SamSa Malware Suggests New Ransomware Tactics In Play
March 24, 2016
Digital Quartermaster Scenario Demonstrated in Attacks Against the Mongolian Government
March 14, 2016
A Look Into Fysbis: Sofacy’s Linux Backdoor
February 12, 2016
Grid Security Is Top of Mind in 2016 – NERC CIP and the Ukrainian Grid Attack
February 5, 2016
New Attacks Linked to C0d0so0 Group
January 22, 2016
As Usual, Attackers Were Busy Over the Holiday Season
January 13, 2016
BBSRAT Attacks Targeting Russian Organizations Linked to Roaming Tiger
December 22, 2015
TDrop2 Attacks Suggest Dark Seoul Attackers Return
November 18, 2015
Connecting the Dots in Cyber Threat Campaigns, Part 2: Passive DNS
November 4, 2015
Understanding Global Application Usage and Threats to Enterprises
October 6, 2015
Retefe Banking Trojan Targets Sweden, Switzerland and Japan
August 20, 2015
Watering Hole Attack on Aerospace Firm Exploits CVE-2015-5122 to Install IsSpace Backdoor
July 20, 2015
APT Group UPS Targets US Government with Hacking Team Flash Exploit
July 10, 2015

© 2019 Palo Alto Networks, Inc. All rights reserved.