Common Information
| Type | Value |
|---|---|
| Value |
Grayling |
| Category | Actor |
| Type | Threat-Actor |
| Misp Type | Cluster |
| Description | Grayling activity was first observed in early 2023, when a number of victims were identified with distinctive malicious DLL side-loading activity. Grayling appears to target organisations in Asia, however one unknown organisation in the United States was also targeted. Industries targeted include Biomedical, Government and Information Technology. Grayling use a variety of tools during their attacks, including well known tools such as Cobalt Strike and Havoc and also some others. |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2023-10-12 | 57 | Bluepurple Pulse: week ending October 15th | ||
| Details | Website | 2023-10-12 | 57 | Bluepurple Pulse: week ending October 15th | ||
| Details | Website | 2023-10-11 | 6 | Risky Biz News: Microsoft deprecates VBScript | ||
| Details | Website | 2023-10-10 | 57 | Grayling: Previously Unseen Threat Actor Targets Multiple Organizations in Taiwan | ||
| Details | Website | 2023-10-10 | 2 | New Grayling APT targets IT and biomedical sectors in Taiwan | ||
| Details | Website | 2023-10-10 | 1 | New 'Grayling' APT Targeting Organizations in Taiwan, US | ||
| Details | Website | 2023-10-09 | 90 | 安全事件周报 2023-10-09 第41周 | ||
| Details | Website | 2022-01-01 | 5 | Quasar RAT Employs DLL Sideloading to Stay Under the Radar |