Burning Umbrella: An Intelligence Report on the Winnti Umbrella and Associated State-Sponsored Attackers
We assess with high confidence that the Winnti umbrella is associated with the Chinese state... »
Tom "Hollywood" Hegel
Director of Threat Research
Analysis of Active Satori Botnet Infections
The Satori Botnet, a successor of Mirai, has continuously infected vulnerable devices since its launch late last year. There has recently been a flurry of of »
Large Scale IRCbot Infection Attempts
Attempts to gain control of public facing web servers with modified HTTP requests are very common, and can sometimes pose a danger to unpatched systems. With »
An Update on Winnti (LEAD/APT17)
In our recent post "Winnti Evolution - Going Open Source,” Nate Marx and I shared new details on the Winnti APT group and their continued targeting of online gaming organizations. The purpose of this follow-up post is to share some new information about the group and their continued activities. »
Turla Watering Hole Campaigns 2016/2017
A common TTP of the Turla APT group has been based around watering hole attacks. In late 2016, we began observing what is now called the »
Winnti (LEAD/APT17) Evolution - Going Open Source
This post was originally published on July 11, 2017, in the offical ProtectWise.com blog. We have since moved it to this 401TRG blog and backdated »
1
1