Skip to content

Instantly share code, notes, and snippets.

@nicdev

nicdev/advisories.json

Created September 21, 2018 10:48
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save nicdev/0f49187da3e5194b09df1e3911ef2457 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save nicdev/0f49187da3e5194b09df1e3911ef2457 to your computer and use it in GitHub Desktop.
Download ZIP
[RFI] GET /collections/advisories
Raw
advisories.json
[
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--5d4d8ba4-d111-74d4-9f45-e7326430a209",
"collectionTitle": "HMRC Tax Refund Scam via Phishing Campaign",
"collectionWikiContent": "",
"collectionId": "5d4d8ba4d11174d49f45e7326430a209",
"owner": "",
"tags": [
"advisory",
"x-industry:all",
"phishing",
"email",
"xftas",
"campaign",
"x-risk:35"
],
"tlp": "",
"created": "2018-09-20T10:34:49.248Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--d8012270-6728-e2cf-5def-2cc8b955fc57",
"collectionTitle": "Kodi Add-ons Containing Malware Mine Cryptocurrency",
"collectionWikiContent": "",
"collectionId": "d80122706728e2cf5def2cc8b955fc57",
"owner": "",
"tags": [
"xftas",
"cryptomining",
"advisory",
"campaign",
"malware"
],
"tlp": "",
"created": "2018-09-19T13:39:35.685Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--bea90727-02f8-af3c-5aea-d3c92edaf0a6",
"collectionTitle": "New Modular Downloaders Fingerprint Systems - Part 3: COBINT",
"collectionWikiContent": "",
"collectionId": "bea9072702f8af3c5aead3c92edaf0a6",
"owner": "",
"tags": [
"x-risk:30",
"advisory",
"malware",
"xftas",
"phishing"
],
"tlp": "",
"created": "2018-09-19T13:32:27.608Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--edb9b874-6a68-5b53-346e-d10b6460d36b",
"collectionTitle": "Turla: In and out of its unique Outlook backdoor",
"collectionWikiContent": "",
"collectionId": "edb9b8746a685b53346ed10b6460d36b",
"owner": "",
"tags": [
"advisory",
"apt",
"x-location:east-eur",
"malware",
"campaign",
"backdoor",
"xftas",
"x-industry:all",
"x-risk:32"
],
"tlp": "",
"created": "2018-09-19T13:31:31.970Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--a6ddc252-2f83-4e9d-396c-d4036ff88b55",
"collectionTitle": "Domestic Kitten Surveillance Campaign",
"collectionWikiContent": "",
"collectionId": "a6ddc2522f834e9d396cd4036ff88b55",
"owner": "",
"tags": [
"xftas",
"advisory",
"campaign",
"threat-activity",
"spyware"
],
"tlp": "",
"created": "2018-09-19T11:24:15.547Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--f895cb30-5fd7-d9f3-0360-03730ac8e77d",
"collectionTitle": "PyLocky Ransomware",
"collectionWikiContent": "",
"collectionId": "f895cb305fd7d9f3036003730ac8e77d",
"owner": "",
"tags": [
"malware",
"ransomware",
"xftas",
"advisory",
"spam"
],
"tlp": "",
"created": "2018-09-14T12:54:54.326Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--78b496f6-5de9-8217-d0be-eb64025e234f",
"collectionTitle": "LuckyMouse Signs Malicious NDISProxy Driver with Certificate of Chinese IT Company",
"collectionWikiContent": "",
"collectionId": "78b496f65de98217d0beeb64025e234f",
"owner": "",
"tags": [
"advisory",
"xftas",
"threat-actor",
"x-risk:37",
"malware"
],
"tlp": "",
"created": "2018-09-14T11:45:10.065Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--6bcf4610-86fb-509b-d596-cb1aab210ac6",
"collectionTitle": "Fallout Exploit Kit Delivers Multiple Families of Malware",
"collectionWikiContent": "",
"collectionId": "6bcf461086fb509bd596cb1aab210ac6",
"owner": "",
"tags": [
"malware",
"xftas",
"malvertising",
"campaign",
"advisory"
],
"tlp": "",
"created": "2018-09-13T22:34:48.536Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--f6071c66-7a57-7bca-86b6-2cb82b15e1f5",
"collectionTitle": "CVE-2018-5002 and CHAINSHOT Malware",
"collectionWikiContent": "",
"collectionId": "f6071c667a577bca86b62cb82b15e1f5",
"owner": "",
"tags": [
"spearphish",
"advisory",
"xftas",
"malware",
"campaign"
],
"tlp": "",
"created": "2018-09-13T22:34:23.628Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--a2a6346a-56ee-4ad1-bd44-2bab8751d7f2",
"collectionTitle": "Rocke: The Champion of Monero Miners",
"collectionWikiContent": "",
"collectionId": "a2a6346a56ee4ad1bd442bab8751d7f2",
"owner": "",
"tags": [
"cryptomining",
"advisory",
"vulnerability",
"malware",
"xftas"
],
"tlp": "",
"created": "2018-09-13T15:24:24.303Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--0fa6578f-adc8-aa09-ed22-05adf9fc2423",
"collectionTitle": "Middle Eastern Government Targeted By OilRig Group",
"collectionWikiContent": "",
"collectionId": "0fa6578fadc8aa09ed2205adf9fc2423",
"owner": "",
"tags": [
"xftas",
"spearphish",
"trojan",
"advisory",
"campaign"
],
"tlp": "",
"created": "2018-09-13T12:36:52.170Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--cbb0ba41-28f8-3a23-918e-0db08d8148cd",
"collectionTitle": "The Urpage Connection to Bahamut, Confucius and Patchwork",
"collectionWikiContent": "",
"collectionId": "cbb0ba4128f83a23918e0db08d8148cd",
"owner": "",
"tags": [
"campaign",
"malware",
"x-risk:42",
"advisory",
"xftas"
],
"tlp": "",
"created": "2018-09-13T12:28:02.176Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--60680123-dc6d-1b2e-c405-dce666cab376",
"collectionTitle": "A Chronology of GandCrab v4.x",
"collectionWikiContent": "",
"collectionId": "60680123dc6d1b2ec405dce666cab376",
"owner": "",
"tags": [
"malware",
"advisory",
"ransomware",
"xftas",
"x-risk:37"
],
"tlp": "",
"created": "2018-09-12T12:49:06.177Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--e0a0de17-8cbc-2be3-55e6-92c34bc077cf",
"collectionTitle": "Spam Campaign Infects Users in Japan with BEBLOH and URSNIF Malware",
"collectionWikiContent": "",
"collectionId": "e0a0de178cbc2be355e692c34bc077cf",
"owner": "",
"tags": [
"malware",
"phishing",
"advisory",
"xftas",
"campaign"
],
"tlp": "",
"created": "2018-09-12T02:00:03.895Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--204ff79a-037c-cd3f-6e2e-f31df1bc96f1",
"collectionTitle": "Android/HiddenMiner.A!tr Sample Analyzed",
"collectionWikiContent": "",
"collectionId": "204ff79a037ccd3f6e2ef31df1bc96f1",
"owner": "",
"tags": [
"coinminer",
"malware",
"monero",
"xftas",
"advisory"
],
"tlp": "",
"created": "2018-09-11T12:59:31.327Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--744da350-1a98-a080-0796-064cda0174c6",
"collectionTitle": "Yet Another Monero Miner",
"collectionWikiContent": "",
"collectionId": "744da3501a98a0800796064cda0174c6",
"owner": "",
"tags": [
"malware",
"advisory",
"xftas",
"monero"
],
"tlp": "",
"created": "2018-09-11T01:27:41.075Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--20ce93bf-9659-3699-ce8e-d0e70124cc62",
"collectionTitle": "Recent Geodo Malware Campaigns Feature Heavily Obfuscated Macros",
"collectionWikiContent": "",
"collectionId": "20ce93bf96593699ce8ed0e70124cc62",
"owner": "",
"tags": [
"malware",
"bankingtrojan",
"advisory",
"xftas",
"phishing"
],
"tlp": "",
"created": "2018-09-10T16:37:55.731Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--14c1c15b-4f95-7880-268c-94aad0f9b25f",
"collectionTitle": "Hakai Variant",
"collectionWikiContent": "",
"collectionId": "14c1c15b4f957880268c94aad0f9b25f",
"owner": "",
"tags": [
"vulnerability",
"x-risk:33",
"malware",
"advisory",
"xftas"
],
"tlp": "",
"created": "2018-09-07T14:37:40.520Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--4dc75868-68cc-fd8e-d461-04d6b1cf5fb3",
"collectionTitle": "PowerPool malware exploits ALPC LPE zero-day vulnerability",
"collectionWikiContent": "",
"collectionId": "4dc7586868ccfd8ed46104d6b1cf5fb3",
"owner": "",
"tags": [
"xftas",
"malware",
"advisory",
"phishing",
"0-day"
],
"tlp": "",
"created": "2018-09-07T13:38:13.085Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--d7e9e794-56e1-1f34-417d-55689093d71d",
"collectionTitle": "Email Campaign Delivers HERMES Ransomware via a Password Protected Word Document",
"collectionWikiContent": "",
"collectionId": "d7e9e79456e11f34417d55689093d71d",
"owner": "",
"tags": [
"ransomware",
"incident",
"advisory",
"xftas",
"campaign"
],
"tlp": "",
"created": "2018-09-07T06:07:07.889Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--0c8339c8-2902-2b09-1c45-fb99ced667e2",
"collectionTitle": "Hiddad Malware Found within Applications in Google Play Store",
"collectionWikiContent": "",
"collectionId": "0c8339c829022b091c45fb99ced667e2",
"owner": "",
"tags": [
"advisory",
"malware",
"threat-actor",
"android",
"xftas"
],
"tlp": "",
"created": "2018-09-07T05:04:57.002Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--28ac960d-7d49-05ef-85de-a64929870937",
"collectionTitle": "WordPress Redirect Campaign Targets Vulnerable tagDiv Themes and Ultimate Member Plugins",
"collectionWikiContent": "",
"collectionId": "28ac960d7d4905ef85dea64929870937",
"owner": "",
"tags": [
"advisory",
"xftas",
"vulnerability",
"wordpress",
"malware"
],
"tlp": "",
"created": "2018-09-06T14:12:53.104Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--d22fc5e8-43c7-4e57-d0a7-9e8a288334bb",
"collectionTitle": "Cobalt Group - JavaScript backdoor, CobInt/COOLPANTS",
"collectionWikiContent": "",
"collectionId": "d22fc5e843c74e57d0a79e8a288334bb",
"owner": "",
"tags": [
"threat-actor",
"advisory",
"malware",
"phishing",
"xftas"
],
"tlp": "",
"created": "2018-09-06T14:10:33.160Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--0ea9647a-b5ab-6e92-210f-280e01a5ad89",
"collectionTitle": "CeidPageLock: A Chinese RootKit",
"collectionWikiContent": "",
"collectionId": "0ea9647ab5ab6e92210f280e01a5ad89",
"owner": "",
"tags": [
"advisory",
"malware",
"browserhijacker",
"xftas"
],
"tlp": "",
"created": "2018-08-31T13:07:00.723Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--a51089ed-2001-791e-5f3a-ed7a70d1d3a3",
"collectionTitle": "Malicious Emails Targeting the Banking Industry",
"collectionWikiContent": "",
"collectionId": "a51089ed2001791e5f3aed7a70d1d3a3",
"owner": "",
"tags": [
"advisory",
"threat-actor",
"xftas",
"phishing",
"malware"
],
"tlp": "",
"created": "2018-08-31T13:06:35.096Z",
"modified": "2018-09-21T10:28:04.253Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--4bdbb7ef-f519-6b24-ce49-81abcffec11e",
"collectionTitle": "COBALT DICKENS Targets Universities",
"collectionWikiContent": "",
"collectionId": "4bdbb7eff5196b24ce4981abcffec11e",
"owner": "",
"tags": [
"informationstealer",
"phishing",
"xftas",
"advisory",
"threat-actor"
],
"tlp": "",
"created": "2018-08-30T13:03:04.845Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--212e2efb-b3b9-cbaa-299e-4487f0984764",
"collectionTitle": "AdvisorsBot",
"collectionWikiContent": "",
"collectionId": "212e2efbb3b9cbaa299e4487f0984764",
"owner": "",
"tags": [
"xftas",
"phishing",
"advisory",
"malware",
"informationstealer"
],
"tlp": "",
"created": "2018-08-30T13:02:45.538Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--3fe9319b-dc76-e20c-3123-e2695fb658f1",
"collectionTitle": "Foudre Malware",
"collectionWikiContent": "",
"collectionId": "3fe9319bdc76e20c3123e2695fb658f1",
"owner": "",
"tags": [
"malware",
"advisory",
"xftas"
],
"tlp": "",
"created": "2018-08-30T01:01:56.203Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--db6c886a-d287-ae67-ac8b-b2e7624fac8c",
"collectionTitle": "Picking Apart Remcos Botnet-In-A-Box",
"collectionWikiContent": "",
"collectionId": "db6c886ad287ae67ac8bb2e7624fac8c",
"owner": "",
"tags": [
"xftas",
"advisory",
"trojan",
"phishing",
"malware"
],
"tlp": "",
"created": "2018-08-29T12:55:26.930Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--9e0601e6-2303-4af4-cec0-182dc074dd49",
"collectionTitle": "Operation AppleJeus: Lazarus hits cryptocurrency exchange with fake installer and macOS malware",
"collectionWikiContent": "",
"collectionId": "9e0601e623034af4cec0182dc074dd49",
"owner": "",
"tags": [
"macos",
"threat-actor",
"malware",
"advisory",
"xftas"
],
"tlp": "",
"created": "2018-08-28T12:51:05.684Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--bb8eeb4d-431b-24c6-df33-ff07c076a950",
"collectionTitle": "Belt and Road Initiative Linked to Cyber Espionage Activity",
"collectionWikiContent": "",
"collectionId": "bb8eeb4d431b24c6df33ff07c076a950",
"owner": "",
"tags": [
"xftas",
"espionage",
"advisory",
"threat-actor",
"incident"
],
"tlp": "",
"created": "2018-08-27T14:26:43.390Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--329ad04c-1119-94e4-c6c1-c62d3e50a670",
"collectionTitle": "Trickbot Evolves",
"collectionWikiContent": "",
"collectionId": "329ad04c111994e4c6c1c62d3e50a670",
"owner": "",
"tags": [
"advisory",
"malware",
"incident",
"xftas",
"email"
],
"tlp": "",
"created": "2018-08-27T03:05:01.739Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--93beb94a-f3f3-d426-b58d-a0a51e9255ef",
"collectionTitle": "Ryuk Ransomware",
"collectionWikiContent": "",
"collectionId": "93beb94af3f3d426b58da0a51e9255ef",
"owner": "",
"tags": [
"ransomware",
"malware",
"xftas",
"advisory",
"incident"
],
"tlp": "",
"created": "2018-08-24T13:43:08.304Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--09bdd573-31ba-ee1f-5140-874b371d8b47",
"collectionTitle": "CVE-2018-11776 - Apache Struts Critical Remote Code Vulnerability",
"collectionWikiContent": "",
"collectionId": "09bdd57331baee1f5140874b371d8b47",
"owner": "",
"tags": [
"advisory",
"xftas",
"vulnerability"
],
"tlp": "",
"created": "2018-08-23T16:45:34.663Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--69508b09-6e6d-2f3b-fb09-4dbd4e70c967",
"collectionTitle": "Dark Tequila Añejo",
"collectionWikiContent": "",
"collectionId": "69508b096e6d2f3bfb094dbd4e70c967",
"owner": "",
"tags": [
"bankingtrojan",
"advisory",
"malware",
"xftas",
"informationstealer"
],
"tlp": "",
"created": "2018-08-22T13:29:03.710Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--d4dfe3e7-b349-9f09-a49a-dc59c6137e4b",
"collectionTitle": "Strontium, Fancy Bear, APT28 Microsoft Domain Takeover",
"collectionWikiContent": "",
"collectionId": "d4dfe3e7b3499f09a49adc59c6137e4b",
"owner": "",
"tags": [
"threat-actor",
"malware",
"advisory",
"phishing",
"xftas"
],
"tlp": "",
"created": "2018-08-22T13:26:54.336Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--c06db88e-897f-45a3-80e0-a40a1399d4a3",
"collectionTitle": "Marap - Downloader Malware",
"collectionWikiContent": "",
"collectionId": "c06db88e897f45a380e0a40a1399d4a3",
"owner": "",
"tags": [
"phishing",
"spam",
"xftas",
"malware",
"advisory"
],
"tlp": "",
"created": "2018-08-22T13:25:54.100Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--c17ba3bb-5a47-20ac-eded-fe334220e099",
"collectionTitle": "Android Malware That Combines A Banking Trojan, Keylogger, And Ransomware In One Package",
"collectionWikiContent": "",
"collectionId": "c17ba3bb5a4720acededfe334220e099",
"owner": "",
"tags": [
"ransomware",
"xftas",
"advisory",
"trojan",
"malware"
],
"tlp": "",
"created": "2018-08-22T12:35:25.787Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--c3f857d1-5fbd-173d-333a-8c58e402befe",
"collectionTitle": "Dark Hotel APT group leveraging CVE-2018-8373 vulnerability",
"collectionWikiContent": "",
"collectionId": "c3f857d15fbd173d333a8c58e402befe",
"owner": "",
"tags": [
"advisory",
"vulnerability",
"malware",
"xftas",
"threat-actor"
],
"tlp": "",
"created": "2018-08-21T14:09:46.058Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--a08b7625-dcbb-4bb8-52ba-15652f7fb393",
"collectionTitle": "Necurs Targeting Banks with PUB File that Drops FlawedAmmyy",
"collectionWikiContent": "",
"collectionId": "a08b7625dcbb4bb852ba15652f7fb393",
"owner": "",
"tags": [
"xftas",
"malware",
"advisory",
"phishing",
"botnet"
],
"tlp": "",
"created": "2018-08-21T14:07:32.122Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--f853c5bf-026b-a4a0-cd50-d6845cb9d501",
"collectionTitle": "Ramnit’s Network of Proxy Servers",
"collectionWikiContent": "",
"collectionId": "f853c5bf026ba4a0cd50d6845cb9d501",
"owner": "",
"tags": [
"advisory",
"malware",
"xftas",
"botnet",
"proxy"
],
"tlp": "",
"created": "2018-08-20T12:50:42.349Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--3c8503f6-eb1e-77a2-3158-1d2d0d48bd07",
"collectionTitle": "VBEtaly: An Italian Ursnif MalSpam Campaign",
"collectionWikiContent": "",
"collectionId": "3c8503f6eb1e77a231581d2d0d48bd07",
"owner": "",
"tags": [
"advisory",
"malware",
"malspam",
"xftas",
"trojan"
],
"tlp": "",
"created": "2018-08-20T12:49:48.720Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--bb06e44b-664f-06d6-e80b-4d34438c67e4",
"collectionTitle": "KeyPass Ransomware",
"collectionWikiContent": "",
"collectionId": "bb06e44b664f06d6e80b4d34438c67e4",
"owner": "",
"tags": [
"malware",
"xftas",
"advisory",
"ransomware"
],
"tlp": "",
"created": "2018-08-20T12:49:05.934Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--435a6737-52c5-8e36-0dba-bbb9b9c88a07",
"collectionTitle": "BackSwap Trojan Now Targets Spanish Banks",
"collectionWikiContent": "",
"collectionId": "435a673752c58e360dbabbb9b9c88a07",
"owner": "",
"tags": [
"advisory",
"trusteer",
"malware",
"xftas",
"bankingtrojan"
],
"tlp": "",
"created": "2018-08-17T12:52:48.718Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--36eaae69-2fe2-2eb3-d3c1-05422e8856d5",
"collectionTitle": "Ransomware as a Service: Princess Evolution Looking for Affiliates",
"collectionWikiContent": "",
"collectionId": "36eaae692fe22eb3d3c105422e8856d5",
"owner": "",
"tags": [
"malware",
"xftas",
"advisory",
"ransomware"
],
"tlp": "",
"created": "2018-08-17T12:39:30.775Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--a0eff235-0b4c-41a8-a245-61043099c57f",
"collectionTitle": "Revamped Ramnit Variants Target Banks in the UK",
"collectionWikiContent": "",
"collectionId": "a0eff2350b4c41a8a24561043099c57f",
"owner": "",
"tags": [
"advisory",
"trusteer",
"campaign",
"malware",
"xftas"
],
"tlp": "",
"created": "2018-08-16T04:45:29.124Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--080928a7-c239-edd3-ccd7-d8593ed71084",
"collectionTitle": "TrickBot Campaigns Target North American and European Banks",
"collectionWikiContent": "",
"collectionId": "080928a7c239edd3ccd7d8593ed71084",
"owner": "",
"tags": [
"advisory",
"trusteer",
"xftas",
"campaign",
"malware"
],
"tlp": "",
"created": "2018-08-14T21:43:26.252Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--b18c9002-f859-7f27-48c2-cbd7ca099bd6",
"collectionTitle": "GandCrab Ransomware Versions 4.0 through 4.2",
"collectionWikiContent": "",
"collectionId": "b18c9002f8597f2748c2cbd7ca099bd6",
"owner": "",
"tags": [
"xftas",
"ransomware",
"advisory"
],
"tlp": "",
"created": "2018-08-10T13:07:17.627Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--e7638369-2890-e013-8b7b-abcaec7f38c8",
"collectionTitle": "Malware Analysis Report AR18-221A: HIDDEN COBRA Trojan - KEYMARBLE",
"collectionWikiContent": "",
"collectionId": "e76383692890e0138b7babcaec7f38c8",
"owner": "",
"tags": [
"xftas",
"malware",
"advisory"
],
"tlp": "",
"created": "2018-08-10T11:53:08.016Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--41a756de-cff8-86e0-979b-6bb1653258f8",
"collectionTitle": "Bisonal Malware Used in Attacks Against Russia and South Korea",
"collectionWikiContent": "",
"collectionId": "41a756decff886e0979b6bb1653258f8",
"owner": "",
"tags": [
"malware",
"advisory",
"phishing",
"campaign"
],
"tlp": "",
"created": "2018-08-10T11:46:05.831Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--3d67029a-0c5e-01b6-e301-0340e2b28914",
"collectionTitle": "A Malvertising Campaign, Wordpress and Rig",
"collectionWikiContent": "",
"collectionId": "3d67029a0c5e01b6e3010340e2b28914",
"owner": "",
"tags": [
"campaign",
"advisory",
"vulnerability",
"malware"
],
"tlp": "",
"created": "2018-08-09T11:58:07.977Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--2bf7afd9-941c-8549-0766-b22a9f18ccb8",
"collectionTitle": "Google Play Apps Infected With Malicious Windows Executables",
"collectionWikiContent": "",
"collectionId": "2bf7afd9941c85490766b22a9f18ccb8",
"owner": "",
"tags": [
"xftas",
"malware",
"advisory"
],
"tlp": "",
"created": "2018-08-09T11:30:01.501Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--2c571527-56bb-1d8c-6c4c-a7236baf952b",
"collectionTitle": "CactusTorch Infects Victims By Abusing .NET",
"collectionWikiContent": "",
"collectionId": "2c57152756bb1d8c6c4ca7236baf952b",
"owner": "",
"tags": [
"fileless",
"xftas",
"malware",
"advisory"
],
"tlp": "",
"created": "2018-08-06T13:11:24.725Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--788ff67a-ec87-c948-a2ea-8c73e0bec373",
"collectionTitle": "Leafminer Spying on Middle Eastern Regions",
"collectionWikiContent": "",
"collectionId": "788ff67aec87c948a2ea8c73e0bec373",
"owner": "",
"tags": [
"espionage",
"advisory",
"xftas",
"malware"
],
"tlp": "",
"created": "2018-08-03T13:09:49.142Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--907f3c50-b450-f18e-f794-04d61d6351e8",
"collectionTitle": "Emotet - The Trojan That Keeps On Surfacing",
"collectionWikiContent": "",
"collectionId": "907f3c50b450f18ef79404d61d6351e8",
"owner": "",
"tags": [
"trojan",
"advisory",
"malware",
"spam",
"xftas"
],
"tlp": "",
"created": "2018-08-02T13:54:32.748Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--de61facf-071a-b8db-220c-2dfae16a5ea8",
"collectionTitle": "Calisto Trojan Targets macOS",
"collectionWikiContent": "",
"collectionId": "de61facf071ab8db220c2dfae16a5ea8",
"owner": "",
"tags": [
"backdoor",
"trojan",
"xftas",
"advisory",
"malware"
],
"tlp": "",
"created": "2018-07-30T12:53:45.138Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--8edc9de5-2ca4-d830-49a1-e1db9e21d9c3",
"collectionTitle": "Hide 'N Seek - IoT Style",
"collectionWikiContent": "",
"collectionId": "8edc9de52ca4d83049a1e1db9e21d9c3",
"owner": "",
"tags": [
"malware",
"botnet",
"advisory",
"iot",
"xftas"
],
"tlp": "",
"created": "2018-07-27T13:07:03.956Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--6a74436c-565f-a19f-6c93-3fbdf2ce2e03",
"collectionTitle": "Searching for APT28 - Operation Roman Holiday",
"collectionWikiContent": "",
"collectionId": "6a74436c565fa19f6c933fbdf2ce2e03",
"owner": "",
"tags": [
"malware",
"apt28",
"xftas",
"advisory",
"campaign"
],
"tlp": "",
"created": "2018-07-26T13:38:58.866Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--90750445-20d7-936b-f2ef-ee4dc06ee2ab",
"collectionTitle": "Gozi v 3 Campaigns Target Banks in Japan",
"collectionWikiContent": "",
"collectionId": "9075044520d7936bf2efee4dc06ee2ab",
"owner": "",
"tags": [
"xftas",
"campaign",
"trusteer",
"advisory",
"malware"
],
"tlp": "",
"created": "2018-07-25T23:36:14.613Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--1bde5e63-c0cd-238a-bd37-82207663db93",
"collectionTitle": "Mirai Activity",
"collectionWikiContent": "",
"collectionId": "1bde5e63c0cd238abd3782207663db93",
"owner": "",
"tags": [
"advisory",
"malware",
"bot",
"iot",
"xftas"
],
"tlp": "",
"created": "2018-07-25T14:09:28.213Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--994e36a9-f714-77b3-7717-50eccbbb1c0f",
"collectionTitle": "New Andariel Reconnaissance Tactics Hint At Next Targets",
"collectionWikiContent": "",
"collectionId": "994e36a9f71477b3771750eccbbb1c0f",
"owner": "",
"tags": [
"campaign",
"advisory",
"xftas",
"threat-actor"
],
"tlp": "",
"created": "2018-07-24T15:40:07.189Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--cb8d4550-85bf-91c7-1526-5fcbb58b5f3a",
"collectionTitle": "Social Media Abused By Blackgear Campaign For Command and Control",
"collectionWikiContent": "",
"collectionId": "cb8d455085bf91c715265fcbb58b5f3a",
"owner": "",
"tags": [
"xftas",
"malware",
"advisory",
"campaign",
"spam"
],
"tlp": "",
"created": "2018-07-24T12:56:02.881Z",
"modified": "2018-09-21T10:28:04.254Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--84ddeda0-f9bf-bb17-bd96-3a4e1b4fff1b",
"collectionTitle": "ZombieBoy",
"collectionWikiContent": "",
"collectionId": "84ddeda0f9bfbb17bd963a4e1b4fff1b",
"owner": "",
"tags": [
"advisory",
"malware",
"xftas",
"coinminer",
"cryptocurrency"
],
"tlp": "",
"created": "2018-07-24T10:27:50.988Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--758f6297-e8ac-d734-f520-40be6eb97884",
"collectionTitle": "Hussarini – Targeted Cyber Attack in the Philippines",
"collectionWikiContent": "",
"collectionId": "758f6297e8acd734f52040be6eb97884",
"owner": "",
"tags": [
"advisory",
"malware",
"xftas",
"trojan",
"campaign"
],
"tlp": "",
"created": "2018-07-19T12:45:52.618Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--7e7953f9-ab2b-49b0-56a3-05180cc68163",
"collectionTitle": "Magniber ransomware improves, expands within Asia",
"collectionWikiContent": "",
"collectionId": "7e7953f9ab2b49b056a305180cc68163",
"owner": "",
"tags": [
"advisory",
"malware",
"exploit-kit",
"ransomware",
"xftas"
],
"tlp": "",
"created": "2018-07-19T12:44:33.715Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--45429b0d-1c2a-9a2c-3b34-4b86a2000da9",
"collectionTitle": "Avoid the Vermin RAThole",
"collectionWikiContent": "",
"collectionId": "45429b0d1c2a9a2c3b344b86a2000da9",
"owner": "",
"tags": [
"advisory",
"phishing",
"malware",
"xftas",
"socialengineering"
],
"tlp": "",
"created": "2018-07-19T12:38:34.823Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--3a01ec13-19bd-c26a-9992-63fd7e13a5e9",
"collectionTitle": "Big Bang Attacks In the Middle East",
"collectionWikiContent": "",
"collectionId": "3a01ec1319bdc26a999263fd7e13a5e9",
"owner": "",
"tags": [
"malware",
"campaign",
"xftas",
"advisory",
"phishing"
],
"tlp": "",
"created": "2018-07-18T13:01:43.142Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--3e443bb5-912b-ebf9-d532-b96faaf52cba",
"collectionTitle": "Plead Malware Misuses Taiwanese Code-Signing Certificates",
"collectionWikiContent": "",
"collectionId": "3e443bb5912bebf9d532b96faaf52cba",
"owner": "",
"tags": [
"malware",
"threat-actor",
"advisory",
"xftas",
"backdoor"
],
"tlp": "",
"created": "2018-07-17T12:40:26.058Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--4b26df54-adaa-9481-8df5-454d52be255f",
"collectionTitle": "New Tactics Seen In Smoke Loader \ufffc",
"collectionWikiContent": "",
"collectionId": "4b26df54adaa94818df5454d52be255f",
"owner": "",
"tags": [
"downloader",
"advisory",
"malware",
"xftas"
],
"tlp": "",
"created": "2018-07-16T13:28:29.580Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--7bef196b-141f-fe91-d9a5-6604e9ac891e",
"collectionTitle": "RANCOR: Targeted Attacks in South East Asia Using PLAINTEE and DDKONG Malware Families",
"collectionWikiContent": "",
"collectionId": "7bef196b141ffe91d9a56604e9ac891e",
"owner": "",
"tags": [
"malware",
"campaign",
"advisory",
"xftas"
],
"tlp": "",
"created": "2018-07-16T12:09:29.756Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--9fcfbfd3-90d8-a7f4-5763-cb7738bc1ed7",
"collectionTitle": "Exploit Kit Activity Slow, But Not Gone",
"collectionWikiContent": "",
"collectionId": "9fcfbfd390d8a7f45763cb7738bc1ed7",
"owner": "",
"tags": [
"advisory",
"ransomware",
"xftas",
"exploit-kit",
"malware"
],
"tlp": "",
"created": "2018-07-13T12:54:59.397Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--705dc412-16b0-4c9b-dc55-fe75476fb18f",
"collectionTitle": "Tick Group Using USB Drives In Air-Gapped Attacks",
"collectionWikiContent": "",
"collectionId": "705dc41216b04c9bdc55fe75476fb18f",
"owner": "",
"tags": [
"threat-group",
"espionage",
"advisory",
"xftas",
"malware"
],
"tlp": "",
"created": "2018-07-12T14:04:12.299Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--9c431605-8c7a-4c50-931d-135e62d55d89",
"collectionTitle": "Petya (NotPetya) Ransomware Campaign",
"collectionWikiContent": "",
"collectionId": "9c4316058c7a4c50931d135e62d55d89",
"owner": "",
"tags": [
"xftas",
"incident",
"ransomware",
"x-force",
"advisory"
],
"tlp": "",
"created": "2018-07-12T13:29:29.121Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--82b7d07c-4b09-8c6f-cb6e-a850af8564ba",
"collectionTitle": "New Encrypted Downloader - GZipDe",
"collectionWikiContent": "",
"collectionId": "82b7d07c4b098c6fcb6ea850af8564ba",
"owner": "",
"tags": [
"xftas",
"advisory",
"backdoor",
"malware"
],
"tlp": "",
"created": "2018-07-12T12:59:31.318Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--b8d1b241-554c-71ce-a5e7-adef0c8f0ef6",
"collectionTitle": "Threat-Group Magecart Targets Ticketmaster",
"collectionWikiContent": "",
"collectionId": "b8d1b241554c71cea5e7adef0c8f0ef6",
"owner": "",
"tags": [
"advisory",
"breach",
"threat-group",
"xftas"
],
"tlp": "",
"created": "2018-07-11T12:58:13.094Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--5ae492bb-b552-3d11-d0b1-638f63eaee40",
"collectionTitle": "Japan and Korea Victims of FakeSpy Malware",
"collectionWikiContent": "",
"collectionId": "5ae492bbb5523d11d0b1638f63eaee40",
"owner": "",
"tags": [
"xftas",
"advisory",
"sms",
"android",
"malware"
],
"tlp": "",
"created": "2018-07-06T12:38:28.040Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--4d8a5f67-e8da-2e98-df25-707e34407716",
"collectionTitle": "The New Face of Necurs: Noteworthy Changes to Necurs’ Behaviors",
"collectionWikiContent": "",
"collectionId": "4d8a5f67e8da2e98df25707e34407716",
"owner": "",
"tags": [
"malware",
"xftas",
"botnet",
"advisory",
"phishing"
],
"tlp": "",
"created": "2018-07-05T14:42:20.430Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--a9feda5f-5c2f-d1ef-ed6a-9ece34716e63",
"collectionTitle": "Malicious Documents from Lazarus Group Targeting South Korea",
"collectionWikiContent": "",
"collectionId": "a9feda5f5c2fd1efed6a9ece34716e63",
"owner": "",
"tags": [
"trojan",
"xftas",
"malware",
"campaign",
"advisory"
],
"tlp": "",
"created": "2018-07-05T13:05:11.071Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--36084708-4c89-5ed5-be6c-0d90a6448e33",
"collectionTitle": "TrickBot Campaigns Target North American and European Banks",
"collectionWikiContent": "",
"collectionId": "360847084c895ed5be6c0d90a6448e33",
"owner": "",
"tags": [
"xftas",
"trusteer",
"advisory",
"campaign"
],
"tlp": "",
"created": "2018-07-05T03:45:53.721Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--42c20077-d7b0-f9e5-a553-3e53e21c5b61",
"collectionTitle": "First Quarter Phishing Results",
"collectionWikiContent": "",
"collectionId": "42c20077d7b0f9e5a5533e53e21c5b61",
"owner": "",
"tags": [
"xftas",
"advisory",
"phishing"
],
"tlp": "",
"created": "2018-07-03T12:05:14.971Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--4ac0b8ce-b094-78be-a508-8b6dfc171295",
"collectionTitle": "Android Malware HeroRat Abuses Telegram For Communication",
"collectionWikiContent": "",
"collectionId": "4ac0b8ceb09478bea5088b6dfc171295",
"owner": "",
"tags": [
"xftas",
"android",
"advisory",
"malware"
],
"tlp": "",
"created": "2018-07-03T12:01:51.899Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--5a957461-b03b-6759-e2ac-0426ce3f76dd",
"collectionTitle": "Kardon Loader",
"collectionWikiContent": "",
"collectionId": "5a957461b03b6759e2ac0426ce3f76dd",
"owner": "",
"tags": [
"xftas",
"malware",
"downloader",
"advisory"
],
"tlp": "",
"created": "2018-06-28T13:22:59.128Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--1e3a71f8-f9f0-a72e-8c17-e322f1e5824e",
"collectionTitle": "APT15 - Repurposing Old Tools",
"collectionWikiContent": "",
"collectionId": "1e3a71f8f9f0a72e8c17e322f1e5824e",
"owner": "",
"tags": [
"advisory",
"apt15",
"campaign",
"malware",
"xftas"
],
"tlp": "",
"created": "2018-06-27T16:31:27.680Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--ddfa3245-5735-dadf-10e8-9dca1c178a54",
"collectionTitle": "Olympic Destroyer is still alive",
"collectionWikiContent": "",
"collectionId": "ddfa32455735dadf10e89dca1c178a54",
"owner": "",
"tags": [
"malware",
"campaign",
"advisory",
"xftas",
"olympicdestroyer"
],
"tlp": "",
"created": "2018-06-26T13:25:03.568Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--a1b076e9-b125-677b-71d4-9beb880364a3",
"collectionTitle": "VPNFilter Exploiting Endpoints and New Devices",
"collectionWikiContent": "",
"collectionId": "a1b076e9b125677b71d49beb880364a3",
"owner": "",
"tags": [
"incident",
"malware",
"campaign",
"advisory",
"xftas"
],
"tlp": "",
"created": "2018-06-06T13:50:37.696Z",
"modified": "2018-09-21T10:28:04.255Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--cc3e6b17-5c72-c02b-e552-53f690a0577f",
"collectionTitle": "When Encryption EFails",
"collectionWikiContent": "",
"collectionId": "cc3e6b175c72c02be55253f690a0577f",
"owner": "",
"tags": [
"incident",
"advisory",
"vulnerability",
"xftas"
],
"tlp": "",
"created": "2018-05-15T17:43:43.299Z",
"modified": "2018-09-21T10:28:04.256Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--b5feb100-feef-de52-e5e6-11d89059bf17",
"collectionTitle": "Unpatched CVE-2017-11882 Leads to Remcos RAT Variant",
"collectionWikiContent": "",
"collectionId": "b5feb100feefde52e5e611d89059bf17",
"owner": "",
"tags": [
"advisory",
"campaign",
"rat",
"malware",
"xftas"
],
"tlp": "",
"created": "2018-05-11T12:52:17.088Z",
"modified": "2018-09-21T10:28:04.256Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--252c030b-9ca5-e544-340b-50fbc6c2d847",
"collectionTitle": "SynAck Ransomware and Process Doppelgänging",
"collectionWikiContent": "",
"collectionId": "252c030b9ca5e544340b50fbc6c2d847",
"owner": "",
"tags": [
"ransomware",
"xftas",
"advisory",
"malware"
],
"tlp": "",
"created": "2018-05-10T12:43:22.834Z",
"modified": "2018-09-21T10:28:04.256Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--79e9972b-9d88-8293-af01-f79d8b64556d",
"collectionTitle": "Operation GhostSecret Havesting Data Globally",
"collectionWikiContent": "",
"collectionId": "79e9972b9d888293af01f79d8b64556d",
"owner": "",
"tags": [
"incident",
"advisory",
"malware",
"xftas",
"threat-group"
],
"tlp": "",
"created": "2018-05-01T19:19:08.877Z",
"modified": "2018-09-21T10:28:04.256Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--cf0214e8-7d68-ac6e-ff27-eb6714ac65d3",
"collectionTitle": "Examining Sednit and Zebrocy",
"collectionWikiContent": "",
"collectionId": "cf0214e87d68ac6eff27eb6714ac65d3",
"owner": "",
"tags": [
"treat-group",
"malware",
"advisory",
"campaign",
"xftas"
],
"tlp": "",
"created": "2018-04-27T12:51:25.563Z",
"modified": "2018-09-21T10:28:04.256Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--0547cbc8-eb2d-c52c-344b-5da2b7c4063f",
"collectionTitle": "Muhstik Botnet Actively Exploiting CVE-2018-7600",
"collectionWikiContent": "",
"collectionId": "0547cbc8eb2dc52c344b5da2b7c4063f",
"owner": "",
"tags": [
"xftas",
"advisory",
"malware",
"botnet",
"vulnerability"
],
"tlp": "",
"created": "2018-04-25T13:35:06.712Z",
"modified": "2018-09-21T10:28:04.256Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--643d3535-4f6e-8bbb-4744-95d454e6c1dc",
"collectionTitle": "Threat-Group Orangeworm Targets Healthcare Industry",
"collectionWikiContent": "",
"collectionId": "643d35354f6e8bbb474495d454e6c1dc",
"owner": "",
"tags": [
"malware",
"xftas",
"threat-actor",
"incident",
"advisory"
],
"tlp": "",
"created": "2018-04-25T12:25:21.380Z",
"modified": "2018-09-21T10:28:04.256Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--4c07cd36-8e67-cc98-f3fa-f225f75549b1",
"collectionTitle": "New Lazarus Group Financial Tactics",
"collectionWikiContent": "",
"collectionId": "4c07cd368e67cc98f3faf225f75549b1",
"owner": "",
"tags": [
"advisory",
"xftas",
"malware",
"phishing",
"incident"
],
"tlp": "",
"created": "2018-04-18T01:49:56.359Z",
"modified": "2018-09-21T10:28:04.256Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--378da1cd-99f4-0ef4-8c68-421b7d836084",
"collectionTitle": "Banking Trojan IcedID Teams Up With Ursnif/Dreambot",
"collectionWikiContent": "",
"collectionId": "378da1cd99f40ef48c68421b7d836084",
"owner": "",
"tags": [
"advisory",
"trojan",
"xftas",
"x-force",
"incident"
],
"tlp": "",
"created": "2018-04-12T21:10:53.334Z",
"modified": "2018-09-21T10:28:04.257Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--26ebed27-6070-f2bc-04d5-27046d54fb2f",
"collectionTitle": "Sofacy aka APT28, Fancy Bear, Tsar Team Activity.",
"collectionWikiContent": "",
"collectionId": "26ebed276070f2bc04d527046d54fb2f",
"owner": "",
"tags": [
"xftas",
"advisory",
"campaign",
"malware",
"sofacy"
],
"tlp": "",
"created": "2018-03-27T16:15:14.490Z",
"modified": "2018-09-21T10:28:04.257Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--4d496fa8-22c5-bb7c-d345-f12625f490ee",
"collectionTitle": "World Leader in Spam Traffic - Necurs Botnet",
"collectionWikiContent": "",
"collectionId": "4d496fa822c5bb7cd345f12625f490ee",
"owner": "",
"tags": [
"incident",
"xftas",
"botnet",
"campaign",
"advisory"
],
"tlp": "",
"created": "2018-03-21T01:59:59.655Z",
"modified": "2018-09-21T10:28:04.257Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--4fb56e51-6416-c5eb-ca49-a2f0babb7f56",
"collectionTitle": "Ryzenfall",
"collectionWikiContent": "",
"collectionId": "4fb56e516416c5ebca49a2f0babb7f56",
"owner": "",
"tags": [
"xftas",
"vulnerability",
"advisory",
"incident"
],
"tlp": "",
"created": "2018-03-21T01:23:58.001Z",
"modified": "2018-09-21T10:28:04.257Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--702327db-3f58-c569-daa5-7ab7a21e1ba9",
"collectionTitle": "Donot Team Targets South Asia With Modular Malware Framework",
"collectionWikiContent": "",
"collectionId": "702327db3f58c569daa57ab7a21e1ba9",
"owner": "",
"tags": [
"incident",
"campaign",
"malware",
"advisory",
"xftas"
],
"tlp": "",
"created": "2018-03-16T12:36:49.070Z",
"modified": "2018-09-21T10:28:04.257Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--dd0b60a5-e090-dbf6-5df8-be77673c182e",
"collectionTitle": "Hidden Cobra Targets Turkish Financial Sector With Bankshot Malware",
"collectionWikiContent": "",
"collectionId": "dd0b60a5e090dbf65df8be77673c182e",
"owner": "",
"tags": [
"malware",
"advisory",
"xftas",
"campaign",
"phishing"
],
"tlp": "",
"created": "2018-03-13T14:24:23.422Z",
"modified": "2018-09-21T10:28:04.257Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--f8f272d0-1569-b771-91fd-a3ea1b8292d4",
"collectionTitle": "Dark Cloud Botnet Distributing Gozi ISFB",
"collectionWikiContent": "",
"collectionId": "f8f272d01569b77191fda3ea1b8292d4",
"owner": "",
"tags": [
"campaign",
"advisory",
"malware",
"incident",
"xftas"
],
"tlp": "",
"created": "2018-03-12T13:08:20.518Z",
"modified": "2018-09-21T10:28:04.257Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--7a463c24-f933-09fc-8d79-709940497166",
"collectionTitle": "From Ransomware to Mining - Rig Exploit Kit",
"collectionWikiContent": "",
"collectionId": "7a463c24f93309fc8d79709940497166",
"owner": "",
"tags": [
"xftas",
"campaign",
"exploit-kit",
"incident",
"advisory"
],
"tlp": "",
"created": "2018-03-01T13:29:10.543Z",
"modified": "2018-09-21T10:28:04.257Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--336ed192-d0ce-4c11-e42f-28cddba6b41e",
"collectionTitle": "ThreeDollars Will Get You an OopsIE",
"collectionWikiContent": "",
"collectionId": "336ed192d0ce4c11e42f28cddba6b41e",
"owner": "",
"tags": [
"xftas",
"advisory",
"campaign",
"incident",
"trojan"
],
"tlp": "",
"created": "2018-02-26T13:47:44.903Z",
"modified": "2018-09-21T10:28:04.257Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--dc96e8bd-ff75-73ef-b87d-43d7584c1fbc",
"collectionTitle": "Fear The Reaper - North Korean Group APT37",
"collectionWikiContent": "",
"collectionId": "dc96e8bdff7573efb87d43d7584c1fbc",
"owner": "",
"tags": [
"advisory",
"threat-group",
"malware",
"xftas",
"spearphishing"
],
"tlp": "",
"created": "2018-02-22T16:56:00.281Z",
"modified": "2018-09-21T10:28:04.257Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--da4453df-09ef-34fa-1f11-b79674f26966",
"collectionTitle": "IBM X-Force IRIS Uncovers Active Business Email Compromise Campaign Targeting Fortune 500 Companies",
"collectionWikiContent": "",
"collectionId": "da4453df09ef34fa1f11b79674f26966",
"owner": "",
"tags": [
"incident",
"phishing",
"secintel",
"xftas",
"advisory"
],
"tlp": "",
"created": "2018-02-22T02:58:48.736Z",
"modified": "2018-09-21T10:28:04.257Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--15aa3da1-4c5f-4105-52e7-6721cf840da9",
"collectionTitle": "CouchDB Vulnerabilities Exploited to Install Monero Miners",
"collectionWikiContent": "",
"collectionId": "15aa3da14c5f410552e76721cf840da9",
"owner": "",
"tags": [
"xftas",
"vulnerability",
"malware",
"advisory"
],
"tlp": "",
"created": "2018-02-19T14:58:30.490Z",
"modified": "2018-09-21T10:28:04.257Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--270adc8e-125e-5d69-645c-5095d044a674",
"collectionTitle": "Ukrainian Bitcoin Phishing Ring - COINHOARDER",
"collectionWikiContent": "",
"collectionId": "270adc8e125e5d69645c5095d044a674",
"owner": "",
"tags": [
"advisory",
"xftas",
"bitcoin",
"incident",
"phishing"
],
"tlp": "",
"created": "2018-02-16T03:56:32.861Z",
"modified": "2018-09-21T10:28:04.257Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--93e42182-e9eb-8974-9571-7365152450d0",
"collectionTitle": "Lazarus Group Returns With New Targets",
"collectionWikiContent": "",
"collectionId": "93e42182e9eb897495717365152450d0",
"owner": "",
"tags": [
"advisory",
"xftas",
"campaign",
"phishing",
"incident"
],
"tlp": "",
"created": "2018-02-15T13:31:52.748Z",
"modified": "2018-09-21T10:28:04.257Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--02ef8edc-4878-415c-6e6e-2fb7d760c391",
"collectionTitle": "Olympic Destroyer",
"collectionWikiContent": "",
"collectionId": "02ef8edc4878415c6e6e2fb7d760c391",
"owner": "",
"tags": [
"xftas",
"threat-actor",
"advisory",
"campaign",
"malware"
],
"tlp": "",
"created": "2018-02-12T20:05:01.051Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--643391dc-0da3-ebd1-68f4-9904ddd02c0d",
"collectionTitle": "LuminosityLink Apparently Dead",
"collectionWikiContent": "",
"collectionId": "643391dc0da3ebd168f49904ddd02c0d",
"owner": "",
"tags": [
"rat",
"advisory",
"incident",
"xftas",
"malware"
],
"tlp": "",
"created": "2018-02-12T05:30:55.350Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--332b945b-fc32-1da1-5c1a-be1f932a2321",
"collectionTitle": "Gold Dragon - Attacks Against the Organizations Involved in the Pyeongchang Olympics",
"collectionWikiContent": "",
"collectionId": "332b945bfc321da15c1abe1f932a2321",
"owner": "",
"tags": [
"xftas",
"phishing",
"advisory",
"campaign",
"malware"
],
"tlp": "",
"created": "2018-02-09T14:28:38.199Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--cfe72560-6019-bea8-8feb-05e78faa6e88",
"collectionTitle": "Middle East Under Attack By TopHat Campaign",
"collectionWikiContent": "",
"collectionId": "cfe725606019bea88feb05e78faa6e88",
"owner": "",
"tags": [
"xftas",
"advisory",
"incident",
"malware",
"campaign"
],
"tlp": "",
"created": "2018-02-08T01:24:09.834Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--12749a9d-bc20-e2f4-0b3a-e99c43416d8c",
"collectionTitle": "East Asia Organizations Victims of Comnie Attack",
"collectionWikiContent": "",
"collectionId": "12749a9dbc20e2f40b3ae99c43416d8c",
"owner": "",
"tags": [
"advisory",
"campaign",
"malware",
"xftas",
"incident"
],
"tlp": "",
"created": "2018-02-05T00:19:35.131Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--ccc17ac0-62d8-fc1c-f50f-cd0079b005e5",
"collectionTitle": "Ukraine Targeted by VERMIN and Quasar RAT",
"collectionWikiContent": "",
"collectionId": "ccc17ac062d8fc1cf50fcd0079b005e5",
"owner": "",
"tags": [
"xftas",
"incident",
"advisory",
"campaign",
"malware"
],
"tlp": "",
"created": "2018-02-04T23:47:14.260Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--3d7e9934-dd1f-b402-d1b1-7da0e69a6642",
"collectionTitle": "Malvertising Campaign Delivers Cryptocurrency Miners",
"collectionWikiContent": "",
"collectionId": "3d7e9934dd1fb402d1b17da0e69a6642",
"owner": "",
"tags": [
"malvertising",
"incident",
"cryptocurrency",
"advisory",
"xftas"
],
"tlp": "",
"created": "2018-01-29T02:40:57.770Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--ed114a1a-2664-7a17-f1c1-6982776f8da5",
"collectionTitle": "Dark Caracal - Espionage Campaign Discovered",
"collectionWikiContent": "",
"collectionId": "ed114a1a26647a17f1c16982776f8da5",
"owner": "",
"tags": [
"campaign",
"xftas",
"advisory",
"incident",
"malware"
],
"tlp": "",
"created": "2018-01-23T15:41:54.044Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--35e470b8-d874-58eb-f417-2455e28f828f",
"collectionTitle": "X-Force 2017 Data Breach Review",
"collectionWikiContent": "",
"collectionId": "35e470b8d87458ebf4172455e28f828f",
"owner": "",
"tags": [
"x-force",
"cryptocurrency",
"incident",
"breach",
"advisory"
],
"tlp": "",
"created": "2018-01-18T17:23:16.197Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--56f67178-bb9f-6b85-cc0d-b3c323243c8d",
"collectionTitle": "Group 123's 2016 to 2018 Campaigns Against South Korea",
"collectionWikiContent": "",
"collectionId": "56f67178bb9f6b85cc0db3c323243c8d",
"owner": "",
"tags": [
"xftas",
"incident",
"spearphish",
"threat-actor",
"advisory"
],
"tlp": "",
"created": "2018-01-18T15:47:59.430Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--ee0e5cd8-5fb6-1e48-555f-cdd445aa68eb",
"collectionTitle": "Smoke Loader Malware Disguised As Spectre / Meltdown Patch",
"collectionWikiContent": "",
"collectionId": "ee0e5cd85fb61e48555fcdd445aa68eb",
"owner": "",
"tags": [
"advisory",
"incident",
"xftas",
"phishing",
"malware"
],
"tlp": "",
"created": "2018-01-16T17:08:06.839Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--c422fb7c-4f08-a679-812c-f1190db15441",
"collectionTitle": "Central Processor Unit (CPU) Architectural Design Flaws",
"collectionWikiContent": "",
"collectionId": "c422fb7c4f08a679812cf1190db15441",
"owner": "",
"tags": [
"xftas",
"vulnerability",
"advisory",
"privilege-escalation"
],
"tlp": "",
"created": "2018-01-16T14:26:04.791Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--69d72341-95f0-6858-e5e6-a6dfddb45755",
"collectionTitle": "Cryptominer RubyMiner Targets Web Servers",
"collectionWikiContent": "",
"collectionId": "69d7234195f06858e5e6a6dfddb45755",
"owner": "",
"tags": [
"cryptocurrency",
"xftas",
"incident",
"monero",
"advisory"
],
"tlp": "",
"created": "2018-01-16T14:02:22.349Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--ae7bce61-b366-6346-a963-3b6973793ee8",
"collectionTitle": "Pyeongchang Olympics Target of Spear-Phishing Campaign",
"collectionWikiContent": "",
"collectionId": "ae7bce61b3666346a9633b6973793ee8",
"owner": "",
"tags": [
"incident",
"advisory",
"xftas",
"campaign",
"spear-phishing"
],
"tlp": "",
"created": "2018-01-12T14:20:09.035Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--747810a1-5f5b-565e-eda9-05c5c35a99c9",
"collectionTitle": "Malicious Crypto Mining Software On Morfix",
"collectionWikiContent": "",
"collectionId": "747810a15f5b565eeda905c5c35a99c9",
"owner": "",
"tags": [
"cryptocurrency",
"x-force",
"xftas",
"advisory",
"malware"
],
"tlp": "",
"created": "2017-12-29T14:01:30.241Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--6bf3458a-bf56-a10a-4e2b-ae477bf970e0",
"collectionTitle": "Hackers Can Modify Legitimate Apps Using Janus Vulnerability",
"collectionWikiContent": "",
"collectionId": "6bf3458abf56a10a4e2bae477bf970e0",
"owner": "",
"tags": [
"malware",
"advisory",
"xftas",
"vulnerability",
"android"
],
"tlp": "",
"created": "2017-12-29T04:08:58.588Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--15ada2e4-3dd4-494e-2ef0-ccb5337ac5c3",
"collectionTitle": "VenusLocker Switches Tactics From Ransomware to Monero Mining",
"collectionWikiContent": "",
"collectionId": "15ada2e43dd4494e2ef0ccb5337ac5c3",
"owner": "",
"tags": [
"malware",
"xftas",
"phishing",
"coinminer",
"advisory"
],
"tlp": "",
"created": "2017-12-27T22:35:32.548Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--884daf4a-0d2c-674f-4d2e-9714508afde1",
"collectionTitle": "GnatSpy Mobile Malware Family",
"collectionWikiContent": "",
"collectionId": "884daf4a0d2c674f4d2e9714508afde1",
"owner": "",
"tags": [
"threat-actor",
"malware",
"xftas",
"incident",
"advisory"
],
"tlp": "",
"created": "2017-12-27T20:55:17.068Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--ad4798b9-0161-c166-8f33-21b09a68f533",
"collectionTitle": "TRITON - New ICS Attack Framework",
"collectionWikiContent": "",
"collectionId": "ad4798b90161c1668f3321b09a68f533",
"owner": "",
"tags": [
"x-force",
"malware",
"threat-research",
"xftas",
"advisory"
],
"tlp": "",
"created": "2017-12-19T03:08:36.860Z",
"modified": "2018-09-21T10:28:04.258Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--76d21f04-7b57-e9b3-a571-54991f41df49",
"collectionTitle": "CVE-2017-11882 Exploited in the Wild in the Middle East",
"collectionWikiContent": "",
"collectionId": "76d21f047b57e9b3a57154991f41df49",
"owner": "",
"tags": [
"xftas",
"advisory",
"vulnerability",
"incident",
"malware"
],
"tlp": "",
"created": "2017-12-11T04:41:34.090Z",
"modified": "2018-09-21T10:28:04.259Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--e989f4e6-dc57-bbcc-12d6-d88d7b9ff386",
"collectionTitle": "Recam Redux Spread Via Malicious Word Document",
"collectionWikiContent": "",
"collectionId": "e989f4e6dc57bbcc12d6d88d7b9ff386",
"owner": "",
"tags": [
"keylogger",
"malware",
"xftas",
"advisory"
],
"tlp": "",
"created": "2017-12-07T21:05:00.141Z",
"modified": "2018-09-21T10:28:04.259Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--16ab81a6-7ff9-34a2-ad7f-9a66942cb9dc",
"collectionTitle": "XFTAS-VU-2017 Critical Intel Vulnerabilities (INTEL-SA-00086)",
"collectionWikiContent": "",
"collectionId": "16ab81a67ff934a2ad7f9a66942cb9dc",
"owner": "",
"tags": [
"x-force",
"advisory",
"xftas",
"vulnerability"
],
"tlp": "",
"created": "2017-12-07T15:56:11.226Z",
"modified": "2018-09-21T10:28:04.259Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--97d2ebca-5828-64f2-8929-79439bbc1bcf",
"collectionTitle": "Global Disruption of Gamarue",
"collectionWikiContent": "",
"collectionId": "97d2ebca582864f2892979439bbc1bcf",
"owner": "",
"tags": [
"incident",
"malware",
"botnet",
"advisory",
"xftas"
],
"tlp": "",
"created": "2017-12-06T04:24:01.324Z",
"modified": "2018-09-21T10:28:04.259Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--d49e53a7-a512-efed-0841-17f0543fb5c2",
"collectionTitle": "XFTAS-MA-2017-00002 - Reaper IoT Botnet (IoT_Reaper aka IoTroop)",
"collectionWikiContent": "",
"collectionId": "d49e53a7a512efed084117f0543fb5c2",
"owner": "",
"tags": [
"x-force",
"malware",
"advisory",
"botnet",
"xftas"
],
"tlp": "",
"created": "2017-12-04T23:04:16.799Z",
"modified": "2018-09-21T10:28:04.259Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--39f92874-2993-9b39-f5d7-50cd20f039e9",
"collectionTitle": "URSNIF Spam Mail Malicious Macro Evasion Tactics",
"collectionWikiContent": "",
"collectionId": "39f9287429939b39f5d750cd20f039e9",
"owner": "",
"tags": [
"xftas",
"malware",
"x-force",
"campaign",
"advisory"
],
"tlp": "",
"created": "2017-11-30T17:07:22.611Z",
"modified": "2018-09-21T10:28:04.259Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--d0603932-7a92-11cd-9143-8c8e46d8b453",
"collectionTitle": "UBoatRAT Targeting Companies in East Asia",
"collectionWikiContent": "",
"collectionId": "d06039327a9211cd91438c8e46d8b453",
"owner": "",
"tags": [
"xftas",
"threat-actor",
"advisory",
"malware",
"campaign"
],
"tlp": "",
"created": "2017-11-30T13:06:23.485Z",
"modified": "2018-09-21T10:28:04.259Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--3dc718a1-adfb-d938-8ecc-b0da2c40369e",
"collectionTitle": "New Variant of ROKRAT Discovered",
"collectionWikiContent": "",
"collectionId": "3dc718a1adfbd9388eccb0da2c40369e",
"owner": "",
"tags": [
"campaign",
"advisory",
"threat-actor",
"xftas",
"malware"
],
"tlp": "",
"created": "2017-11-29T19:11:49.590Z",
"modified": "2018-09-21T10:28:04.259Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--21724521-4fcb-da7f-1c01-e51c17c09c81",
"collectionTitle": "Apple macOS High Sierra Root Login Bypass",
"collectionWikiContent": "",
"collectionId": "217245214fcbda7f1c01e51c17c09c81",
"owner": "",
"tags": [
"vulnerability",
"advisory",
"xftas"
],
"tlp": "",
"created": "2017-11-29T18:35:09.268Z",
"modified": "2018-09-21T10:28:04.259Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--4e4993a5-a4b6-f9dd-c544-7bfb1c4cb467",
"collectionTitle": "New Mirai Variant Scanning Ports 23 and 2323",
"collectionWikiContent": "",
"collectionId": "4e4993a5a4b6f9ddc5447bfb1c4cb467",
"owner": "",
"tags": [
"campaign",
"botnet",
"xftas",
"advisory",
"incident"
],
"tlp": "",
"created": "2017-11-28T05:30:51.296Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--315ac3bb-80e5-c762-3ed8-3801c9b1a004",
"collectionTitle": "Virtual Coin Miners Using Steganography",
"collectionWikiContent": "",
"collectionId": "315ac3bb80e5c7623ed83801c9b1a004",
"owner": "",
"tags": [
"incident",
"advisory",
"xftas",
"x-force",
"malware"
],
"tlp": "",
"created": "2017-11-14T14:58:49.836Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--92f1aa27-b69d-ba51-b83b-20ced2aa3abf",
"collectionTitle": "XFTAS-MA-2017-00003 - Ordinypt Ransomware Wipes Disk Instead",
"collectionWikiContent": "",
"collectionId": "92f1aa27b69dba51b83b20ced2aa3abf",
"owner": "",
"tags": [
"wipeware",
"malware",
"x-force",
"xftas",
"advisory"
],
"tlp": "",
"created": "2017-11-13T04:07:19.837Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--3380d390-00d3-12e1-cd46-2d9ee7accb4f",
"collectionTitle": "WikiLeaks Vault 8 Leak",
"collectionWikiContent": "",
"collectionId": "3380d39000d312e1cd462d9ee7accb4f",
"owner": "",
"tags": [
"advisory",
"x-force",
"threat-research",
"xftas",
"exploit-kit"
],
"tlp": "",
"created": "2017-11-10T20:51:36.573Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--5a5f6ff2-1f98-0a3d-3dee-9cbcbba02a30",
"collectionTitle": "WikiLeaks Vault 7 Leak",
"collectionWikiContent": "",
"collectionId": "5a5f6ff21f980a3d3dee9cbcbba02a30",
"owner": "",
"tags": [
"advisory",
"threat-research",
"xftas",
"x-force"
],
"tlp": "",
"created": "2017-11-10T18:36:57.400Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--93a8ab7c-5f5f-7d17-3b63-7d6a295772eb",
"collectionTitle": "XFTAS-SI-2017-00003 - RedBaldKnight (Bronze Butler) Steganography Utilization",
"collectionWikiContent": "",
"collectionId": "93a8ab7c5f5f7d173b637d6a295772eb",
"owner": "",
"tags": [
"xftas",
"incident",
"x-force",
"advisory"
],
"tlp": "",
"created": "2017-11-10T13:51:39.122Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--42553a29-d877-dc31-8cec-cb7efd13711e",
"collectionTitle": "XFTAS-SI-2017-00002 - Gaza Cybergang 2017 Activity",
"collectionWikiContent": "",
"collectionId": "42553a29d877dc318ceccb7efd13711e",
"owner": "",
"tags": [
"advisory",
"incident",
"x-force"
],
"tlp": "",
"created": "2017-10-31T17:44:18.549Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--51367349-265e-a41c-75bc-90ebb4c7cf45",
"collectionTitle": "XFTAS-MA-2017-00001 - Sage 2.2 Ransomware Variant",
"collectionWikiContent": "",
"collectionId": "51367349265ea41c75bc90ebb4c7cf45",
"owner": "",
"tags": [
"ransomware",
"x-force",
"malware",
"xftas",
"advisory"
],
"tlp": "",
"created": "2017-10-30T20:13:33.013Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--eb5a5e66-8622-c301-0b7f-fce1575a9553",
"collectionTitle": "Coin Miner Mobile Malware",
"collectionWikiContent": "",
"collectionId": "eb5a5e668622c3010b7ffce1575a9553",
"owner": "",
"tags": [
"xftas",
"malware",
"vulnerability",
"x-force",
"advisory"
],
"tlp": "",
"created": "2017-10-30T17:47:29.698Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--51701e9c-25aa-af7e-02b1-9fa6d63ccc80",
"collectionTitle": "XFTAS-SI-2017-00001 - Bad Rabbit",
"collectionWikiContent": "",
"collectionId": "51701e9c25aaaf7e02b19fa6d63ccc80",
"owner": "",
"tags": [
"malware",
"advisory",
"x-force",
"incident",
"xftas"
],
"tlp": "",
"created": "2017-10-30T03:21:13.114Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--396ecb68-8062-5d6e-58dd-7636b7c8e8fd",
"collectionTitle": "WiFi KRACK - Key Reinstallation AttaCKs",
"collectionWikiContent": "",
"collectionId": "396ecb6880625d6e58dd7636b7c8e8fd",
"owner": "",
"tags": [
"wpa2",
"x-force",
"advisory",
"vulnerability",
"xftas"
],
"tlp": "",
"created": "2017-10-19T13:54:20.796Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--59608f35-312a-6585-3c4b-9913dc7fe8f5",
"collectionTitle": "Taiwan Far Eastern International Bank (FEIB) Heist - Lazarus Tools and Ransomware",
"collectionWikiContent": "",
"collectionId": "59608f35312a65853c4b9913dc7fe8f5",
"owner": "",
"tags": [
"advisory",
"incident",
"xftas",
"x-force",
"malware"
],
"tlp": "",
"created": "2017-10-18T19:10:51.268Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--9ffcf4ce-159e-932c-fe59-7695c1f44fe8",
"collectionTitle": "BlackOasis APT - Adobe Flash Player Exploited in the Wild",
"collectionWikiContent": "",
"collectionId": "9ffcf4ce159e932cfe597695c1f44fe8",
"owner": "",
"tags": [
"advisory",
"vulnerability",
"x-force",
"xftas",
"malware"
],
"tlp": "",
"created": "2017-10-16T23:52:22.779Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--6b109043-e6df-d31a-aa69-b65f02b33c13",
"collectionTitle": "Service of Ukraine Warns of Possible Large-scale Cyber-Attack",
"collectionWikiContent": "",
"collectionId": "6b109043e6dfd31aaa69b65f02b33c13",
"owner": "",
"tags": [
"incident",
"advisory",
"campaign",
"xftas",
"threat-actor"
],
"tlp": "",
"created": "2017-10-13T17:32:22.639Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--9a8a1668-1cb2-94d4-a020-186001e798de",
"collectionTitle": "Botnet Based LFI Attack",
"collectionWikiContent": "",
"collectionId": "9a8a16681cb294d4a020186001e798de",
"owner": "",
"tags": [
"threat-research",
"x-force",
"botnet",
"advisory",
"xftas"
],
"tlp": "",
"created": "2017-10-12T20:36:18.680Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--7fec242c-222a-d83d-72ce-2ccfb3b6a322",
"collectionTitle": "Malvertising Campaign Uses RIG EK to Drop Quant Loader to Download FormBook",
"collectionWikiContent": "",
"collectionId": "7fec242c222ad83d72ce2ccfb3b6a322",
"owner": "",
"tags": [
"malware",
"xftas",
"advisory",
"x-force",
"malvertising"
],
"tlp": "",
"created": "2017-10-12T18:30:18.213Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--416f5f08-b86a-df90-c71f-44457548b155",
"collectionTitle": "Phishing Campaign - Phish for the Future",
"collectionWikiContent": "",
"collectionId": "416f5f08b86adf90c71f44457548b155",
"owner": "",
"tags": [
"phishing",
"x-force",
"xftas",
"campaign",
"advisory"
],
"tlp": "",
"created": "2017-09-29T12:52:10.128Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--86c04322-5f16-a9b3-d86a-82dcb9cbce24",
"collectionTitle": "Locky / FakeGlobe SPAM Campaign",
"collectionWikiContent": "",
"collectionId": "86c043225f16a9b3d86a82dcb9cbce24",
"owner": "",
"tags": [
"advisory",
"spam",
"campaign",
"xftas",
"malware"
],
"tlp": "",
"created": "2017-09-19T19:13:24.898Z",
"modified": "2018-09-21T10:28:04.260Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--8884515e-be72-5abb-8637-d2cb1dbd6d28",
"collectionTitle": "Aggressive Distributed Reconnaissance For D-Link Products",
"collectionWikiContent": "",
"collectionId": "8884515ebe725abb8637d2cb1dbd6d28",
"owner": "",
"tags": [
"vulnerability",
"xftas",
"threat-research",
"campaign",
"advisory"
],
"tlp": "",
"created": "2017-09-01T18:46:40.952Z",
"modified": "2018-09-21T10:28:04.261Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--f11f8600-52a1-2391-efb4-42722d9f7e3d",
"collectionTitle": "Perl Shellbot Command Injection Attack",
"collectionWikiContent": "",
"collectionId": "f11f860052a12391efb442722d9f7e3d",
"owner": "",
"tags": [
"botnet",
"malware",
"advisory",
"threat-research",
"xftas"
],
"tlp": "",
"created": "2017-08-01T19:56:32.555Z",
"modified": "2018-09-21T10:28:04.261Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--23c3278e-5ee2-9bc5-a439-636d34321357",
"collectionTitle": "JAFF - Ransomware",
"collectionWikiContent": "",
"collectionId": "23c3278e5ee29bc5a439636d34321357",
"owner": "",
"tags": [
"advisory",
"ransomware",
"xftas",
"x-force"
],
"tlp": "",
"created": "2017-06-14T17:17:00.680Z",
"modified": "2018-09-21T10:28:04.262Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--b8ef8c44-b3cd-a24d-258d-0770ae5fcc2e",
"collectionTitle": "Shadow Brokers Dump",
"collectionWikiContent": "",
"collectionId": "b8ef8c44b3cda24d258d0770ae5fcc2e",
"owner": "",
"tags": [
"exploit-kit",
"x-force",
"advisory",
"xftas",
"malware"
],
"tlp": "",
"created": "2017-06-13T17:34:10.637Z",
"modified": "2018-09-21T10:28:04.262Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--b19e0450-8fca-2f2c-6fe6-70f5f24517d9",
"collectionTitle": "Opicarus2017 - Anonymous Attack against Finance Targets",
"collectionWikiContent": "",
"collectionId": "b19e04508fca2f2c6fe670f5f24517d9",
"owner": "",
"tags": [
"general",
"xftas",
"threat-actor",
"x-force",
"advisory"
],
"tlp": "",
"created": "2017-06-12T15:59:28.508Z",
"modified": "2018-09-21T10:28:04.262Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--761b1c0d-e442-9b81-5f22-06e5ceafcfed",
"collectionTitle": "Fireball Attack Campaign",
"collectionWikiContent": "",
"collectionId": "761b1c0de4429b815f2206e5ceafcfed",
"owner": "",
"tags": [
"xftas",
"campaign",
"malware",
"advisory",
"incident"
],
"tlp": "",
"created": "2017-06-07T11:23:24.254Z",
"modified": "2018-09-21T10:28:04.262Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--1b9b3b35-a218-1dff-d303-2eceb87176a3",
"collectionTitle": "Eternalrocks Worm a.k.a. MicroBotMassiveNet",
"collectionWikiContent": "",
"collectionId": "1b9b3b35a2181dffd3032eceb87176a3",
"owner": "",
"tags": [
"x-force",
"xftas",
"malware",
"botnet",
"advisory"
],
"tlp": "",
"created": "2017-05-23T13:57:17.434Z",
"modified": "2018-09-21T10:28:04.263Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--7e8131a2-83d5-0a0f-13d4-3ae5f1d0058b",
"collectionTitle": "Mirai Botnet Loader Campaign",
"collectionWikiContent": "",
"collectionId": "7e8131a283d50a0f13d43ae5f1d0058b",
"owner": "",
"tags": [
"botnet",
"advisory",
"threat-research",
"malware",
"xftas"
],
"tlp": "",
"created": "2017-04-04T13:59:00.562Z",
"modified": "2018-09-21T10:28:04.263Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--adc572fb-5f58-7f21-5969-8fc38a26a2ca",
"collectionTitle": "Apache Struts 2 Attack Campaign",
"collectionWikiContent": "",
"collectionId": "adc572fb5f587f2159698fc38a26a2ca",
"owner": "",
"tags": [
"vulnerability",
"xftas",
"advisory",
"campaign",
"threat-research"
],
"tlp": "",
"created": "2017-04-03T17:20:01.230Z",
"modified": "2018-09-21T10:28:04.263Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--804a1116-b60a-eec0-2497-e8fb0f1896b9",
"collectionTitle": "TP-Link C2 and C20i vulnerable to command injection",
"collectionWikiContent": "",
"collectionId": "804a1116b60aeec02497e8fb0f1896b9",
"owner": "",
"tags": [
"advisory",
"mss",
"x-force",
"vulnerability",
"xftas"
],
"tlp": "",
"created": "2017-03-22T16:05:18.299Z",
"modified": "2018-09-21T10:28:04.264Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--4377aaa7-58b2-7a6c-4561-81fa6e16dc91",
"collectionTitle": "Nexus 9 FIQ debugger privilege escalation",
"collectionWikiContent": "",
"collectionId": "4377aaa758b27a6c456181fa6e16dc91",
"owner": "",
"tags": [
"vulnerability",
"advisory"
],
"tlp": "",
"created": "2017-03-14T07:41:25.574Z",
"modified": "2018-09-21T10:28:04.264Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--26fdea1e-8cc6-9f52-a551-e8d451f80aa1",
"collectionTitle": "Dridex v4 - Major version upgrade released",
"collectionWikiContent": "",
"collectionId": "26fdea1e8cc69f52a551e8d451f80aa1",
"owner": "",
"tags": [
"dridex",
"advisory",
"malware",
"trojan",
"x-force"
],
"tlp": "",
"created": "2017-02-28T14:29:59.603Z",
"modified": "2018-09-21T10:28:04.264Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--eeed4eed-e51b-9a45-87f4-c7c816ad6e4e",
"collectionTitle": "Spear Phishing Attacks Preceding Shamoon Malware Breakouts",
"collectionWikiContent": "",
"collectionId": "eeed4eede51b9a4587f4c7c816ad6e4e",
"owner": "",
"tags": [
"shamoon",
"threat-actor",
"pupyrat",
"advisory",
"x-force"
],
"tlp": "",
"created": "2017-02-19T08:22:30.596Z",
"modified": "2018-09-21T10:28:04.264Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--1058ce3a-e3ca-0e01-a967-d19d92b8c116",
"collectionTitle": "Aggressive SQL Injection Attack",
"collectionWikiContent": "",
"collectionId": "1058ce3ae3ca0e01a967d19d92b8c116",
"owner": "",
"tags": [
"x-force",
"threat-research",
"incident",
"advisory",
"xftas"
],
"tlp": "",
"created": "2017-01-31T13:45:39.970Z",
"modified": "2018-09-21T10:28:04.264Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--342551c6-7e22-ea04-1f8f-bbc630358f19",
"collectionTitle": "Aggressive SQL Injection Activity",
"collectionWikiContent": "",
"collectionId": "342551c67e22ea041f8fbbc630358f19",
"owner": "",
"tags": [
"xftas",
"incident",
"x-force",
"threat-research",
"advisory"
],
"tlp": "",
"created": "2017-01-24T14:46:13.446Z",
"modified": "2018-09-21T10:28:04.264Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--38e7db09-736c-1419-8da2-3163cb9aa112",
"collectionTitle": "OnePlus 3 'fastboot oem selinux permissive' Vulnerability",
"collectionWikiContent": "",
"collectionId": "38e7db09736c14198da23163cb9aa112",
"owner": "",
"tags": [
"vulnerability",
"advisory"
],
"tlp": "",
"created": "2017-01-11T17:41:06.024Z",
"modified": "2018-09-21T10:28:04.264Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--5985d264-56a3-1dd4-d21a-7d6ee065bb1b",
"collectionTitle": "Attacking Nexus 6 & 6P Custom Bootmodes",
"collectionWikiContent": "",
"collectionId": "5985d26456a31dd4d21a7d6ee065bb1b",
"owner": "",
"tags": [
"advisory",
"vulnerability"
],
"tlp": "",
"created": "2017-01-05T17:52:09.282Z",
"modified": "2018-09-21T10:28:04.264Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--683df654-2291-c913-6388-d73f7038c5e5",
"collectionTitle": "Google Android Synaptics Touchscreen Heap Overflows",
"collectionWikiContent": "",
"collectionId": "683df6542291c9136388d73f7038c5e5",
"owner": "",
"tags": [
"advisory",
"vulnerability"
],
"tlp": "",
"created": "2016-12-13T20:50:02.792Z",
"modified": "2018-09-21T10:28:04.264Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--75bc0d26-351c-35b3-75b2-42f848cab507",
"collectionTitle": "GozNym Malware",
"collectionWikiContent": "",
"collectionId": "75bc0d26351c35b375b242f848cab507",
"owner": "",
"tags": [
"advisory",
"goznym",
"malware",
"cybercrime",
"x-force"
],
"tlp": "",
"created": "2016-11-30T08:56:55.183Z",
"modified": "2018-09-21T10:28:04.264Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--e7d49a8b-5beb-9eb1-fa09-080aa4c43aa7",
"collectionTitle": "2016 Shellshock Campaign #2",
"collectionWikiContent": "",
"collectionId": "e7d49a8b5beb9eb1fa09080aa4c43aa7",
"owner": "",
"tags": [
"campaign",
"vulnerability",
"advisory",
"x-force",
"xftas"
],
"tlp": "",
"created": "2016-10-13T13:17:44.222Z",
"modified": "2018-09-21T10:28:04.265Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--c123bbfb-8ef3-c70a-0cd4-c0172d54b0d0",
"collectionTitle": "Google Nexus 6 f_usbnet Kernel Uninitialized Memory Leak Over USB",
"collectionWikiContent": "",
"collectionId": "c123bbfb8ef3c70a0cd4c0172d54b0d0",
"owner": "",
"tags": [
"vulnerability",
"advisory"
],
"tlp": "",
"created": "2016-10-05T16:08:09.346Z",
"modified": "2018-09-21T10:28:04.265Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--5db34a05-73b5-0b8d-cc13-0d3bc951b160",
"collectionTitle": "Google Android NVIDIA kernel privilege escalation",
"collectionWikiContent": "",
"collectionId": "5db34a0573b50b8dcc130d3bc951b160",
"owner": "",
"tags": [
"advisory",
"vulnerability"
],
"tlp": "",
"created": "2016-09-20T09:14:34.747Z",
"modified": "2018-09-21T10:28:04.265Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--33431022-7a10-65ee-7585-b37e4d3be0a3",
"collectionTitle": "Google Nexus 5X Bootloader Unauthorized Memory Dumping via USB",
"collectionWikiContent": "",
"collectionId": "334310227a1065ee7585b37e4d3be0a3",
"owner": "",
"tags": [
"vulnerability",
"advisory"
],
"tlp": "",
"created": "2016-09-01T14:46:55.255Z",
"modified": "2018-09-21T10:28:04.265Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--aabb53f5-6644-710a-bdb1-47d9a0adb57b",
"collectionTitle": "Remote Code Execution in Xiaomi MIUI Analytics",
"collectionWikiContent": "",
"collectionId": "aabb53f56644710abdb147d9a0adb57b",
"owner": "",
"tags": [
"advisory",
"x-force",
"general"
],
"tlp": "",
"created": "2016-08-28T12:57:10.817Z",
"modified": "2018-09-21T10:28:04.265Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--d3fc8d88-8c06-95eb-54c1-e439d8af37ca",
"collectionTitle": "ASLR info disclosure vulnerability in ActiveX controls",
"collectionWikiContent": "",
"collectionId": "d3fc8d888c0695eb54c1e439d8af37ca",
"owner": "",
"tags": [
"advisory",
"vulnerability"
],
"tlp": "",
"created": "2016-08-24T13:40:01.647Z",
"modified": "2018-09-21T10:28:04.265Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--b1fcf13c-63ee-e11c-b351-d24cd0e65314",
"collectionTitle": "Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow vulnerability",
"collectionWikiContent": "",
"collectionId": "b1fcf13c63eee11cb351d24cd0e65314",
"owner": "",
"tags": [
"advisory",
"vulnerability"
],
"tlp": "",
"created": "2016-08-24T13:39:15.490Z",
"modified": "2018-09-21T10:28:04.265Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--84353152-69d1-8c2e-4bbd-e2967ebcd69e",
"collectionTitle": "GNU glibc getaddrinfo Buffer Overflow CVE-2015-7547",
"collectionWikiContent": "",
"collectionId": "8435315269d18c2e4bbde2967ebcd69e",
"owner": "",
"tags": [
"advisory",
"vulnerability"
],
"tlp": "",
"created": "2016-08-24T13:38:34.971Z",
"modified": "2018-09-21T10:28:04.265Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--736a7f02-705b-d908-6726-2493dca2a2b7",
"collectionTitle": "Microsoft Windows WinRT PDF Renderer Library PostScript Interpreter Remote Code Execution Vulnerability",
"collectionWikiContent": "",
"collectionId": "736a7f02705bd90867262493dca2a2b7",
"owner": "",
"tags": [
"advisory",
"vulnerability"
],
"tlp": "",
"created": "2016-08-24T13:37:20.789Z",
"modified": "2018-09-21T10:28:04.265Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--b8964d4d-8617-8fde-4a13-615498b8dc09",
"collectionTitle": "ImageTragick Vulnerability",
"collectionWikiContent": "",
"collectionId": "b8964d4d86178fde4a13615498b8dc09",
"owner": "",
"tags": [
"vulnerability",
"advisory"
],
"tlp": "",
"created": "2016-08-24T13:19:11.656Z",
"modified": "2018-09-21T10:28:04.265Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--77eebe7b-4eb9-f72e-48c3-09ca03e3d4e9",
"collectionTitle": "Symantec A/V Remote Code Execution Vulnerability (CVE-2016-2208)",
"collectionWikiContent": "",
"collectionId": "77eebe7b4eb9f72e48c309ca03e3d4e9",
"owner": "",
"tags": [
"x-force",
"advisory",
"vulnerability"
],
"tlp": "",
"created": "2016-08-24T13:17:42.667Z",
"modified": "2018-09-21T10:28:04.265Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--fc653811-1480-b264-d5c8-2cd078401b24",
"collectionTitle": "Java Object Serialization vulnerability",
"collectionWikiContent": "",
"collectionId": "fc6538111480b264d5c82cd078401b24",
"owner": "",
"tags": [
"vulnerability",
"advisory"
],
"tlp": "",
"created": "2016-08-24T13:06:53.740Z",
"modified": "2018-09-21T10:28:04.265Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--f055e638-c2f8-b57e-3c76-c9e7aaacab7e",
"collectionTitle": "Multiple Symantec A/V Vulnerabiities",
"collectionWikiContent": "",
"collectionId": "f055e638c2f8b57e3c76c9e7aaacab7e",
"owner": "",
"tags": [
"x-force",
"vulnerability",
"advisory"
],
"tlp": "",
"created": "2016-06-30T22:27:55.481Z",
"modified": "2018-09-21T10:28:04.265Z"
},
{
"type": "x-xfe-collection",
"id": "x-xfe-collection--eeede463-ee5c-2b57-402f-c86154411e65",
"collectionTitle": "Marcher Android Bot",
"collectionWikiContent": "",
"collectionId": "eeede463ee5c2b57402fc86154411e65",
"owner": "",
"tags": [
"marcher",
"advisory",
"x-force",
"mobile",
"malware"
],
"tlp": "",
"created": "2016-06-28T08:17:23.650Z",
"modified": "2018-09-21T10:28:04.265Z"
}
]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment