Common Information
Type | Value |
---|---|
Value | Winterflounder |
Category | Actor |
Type | Threat-Actor |
Misp Type | Cluster |
Description | Unit 42 threat researchers have recently observed a threat group distributing new, custom developed malware. We have labelled this threat group the Gamaredon Group and our research shows that the Gamaredon Group has been active since at least 2013. In the past, the Gamaredon Group has relied heavily on off-the-shelf tools. Our new research shows the Gamaredon Group have made a shift to custom-developed malware. We believe this shift indicates the Gamaredon Group have improved their technical capabilities. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2023-05-01 | 19 | Rewterz Threat Alert – GandCrab or .CRAB Ransomware – Active IOCs | ||
Details | Website | 2023-05-01 | 9 | Rewterz Threat Alert – APT Group Gamaredon – Active IOCs | ||
Details | Website | 2023-04-27 | 4 | Threat Actor Names Proliferate, Adding Confusion | ||
Details | Website | 2023-04-25 | 5 | Rewterz Threat Alert – Shuckworm APT Group aka Armageddon – Active IOCs | ||
Details | Website | 2023-04-24 | 0 | Crooks abuse Microsoft Windows driver to infect victims | ||
Details | Website | 2023-04-22 | 89 | Bluepurple Pulse: week ending April 23rd | ||
Details | Website | 2023-04-21 | 3 | This Week In Security: Spandex Tempest, Supply Chain Chain, And NTP | ||
Details | Website | 2023-04-20 | 0 | Microsoft Will Name APTs Actors After Weather Events | ||
Details | Website | 2023-04-19 | 14 | Amadey Malware Analysis Report | ||
Details | Website | 2023-04-17 | 30 | Exposed Web Panel Reveals Gamaredon Group's Automated Spear Phishing Campaigns | ||
Details | Website | 2023-04-14 | 9 | Rewterz Threat Alert – APT-C-35 aka Donot Team – Active IOCs | ||
Details | Website | 2023-04-14 | 23 | Rewterz Threat Advisory – Multiple Jenkins Products Vulnerabilities | ||
Details | Website | 2023-04-14 | 10 | Rewterz Threat Alert – Shuckworm APT Group aka Armageddon – Active IOCs | ||
Details | Website | 2023-04-14 | 17 | Rewterz Threat Advisory – Multiple Juniper Junos OS: (Expat Software Component) Vulnerabilities | ||
Details | Website | 2023-04-14 | 5 | Rewterz Threat Advisory – Multiple Palo Alto Networks Vulnerabilities | ||
Details | Website | 2023-04-14 | 4 | Rewterz Threat Advisory – Multiple Microsoft Publisher Vulnerabilities | ||
Details | Website | 2023-04-14 | 3 | Rewterz Threat Advisory – CVE-2023-24860 – Microsoft Defender Vulnerability | ||
Details | Website | 2023-04-14 | 8 | Rewterz Threat Alert – North Korea Linked Konni APT Group – Active IOCs | ||
Details | Website | 2023-03-13 | 3 | A Warning From Ukraine About Russian Hackers | ||
Details | Website | 2023-03-09 | 5 | On the Frontline of the Global Cyber War: Overview of Major russia-backed APT Groups Targeting Ukraine and Sigma Rules to Proactively Defend Against Their TTPs - SOC Prime | ||
Details | Website | 2023-03-02 | 199 | Russia/Ukraine Update - February 2023 | ||
Details | Website | 2023-02-27 | 0 | 4 Trends To Expect From The Cyber Landscape In 2023 \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware - National Cyber Security | ||
Details | Website | 2023-02-24 | 6 | How Russia’s military invasion is shaping Ukraine’s cyber defense | ||
Details | Website | 2023-02-14 | 35 | Russian APT “Gamaredon” Exploits Hoaxshell to Target Ukrainian Organizations | ||
Details | Website | 2023-02-14 | 26 | Security Service of Ukraine and NATO Allies Potentially Targeted by Russian State-Sponsored Threat Actor |