Advanced Persistent Threat

0001-01-01

An Advanced Persistent Threat (APT) is a sophisticated and sustained cyberattack in which an intruder dwells within a computer system for a sustained period of time, carrying out malicious actions.

APTs are often attributed to state-sponsored intelligence services and organized crime.

Links to this note

attribution-steffens2020
Linux Persistence: Processes
Main Index
toroiseandthemalwahare-pwc2023
dumpinglsasslikeits2019-reid2024
linenoise-phrack71-2024
unveiling wolfsbane-sperka2024
hackingteamwriteup-fisher2016
borges2021
sshbackdors-dumont2018
linuxapts-great2020
falseflags-kaspersky2017
turlasat-kaspersky2015
Venomous Bear
securelist-penquins_moonlit_maze2017
APT groups focusing on Linux due to improvements in email filtering and Windows EDR
APT28
Barium
ComRAT
Darknet Diaries
Diicot
Equation Group
Evasive Panda
FIN7
Gelsemium
Main Index - A
Microsoft ATA
SeaTurtle
SecureList
The Lamberts
Turla
WolfsBane Hider rootkit

Advanced Persistent Threat

0001-01-01

Links to this note

Recent Posts

Linux Persistence: Modular Software

2025-04-17 DFIR CTF persistence linux persistence apache asterisk

Linux Persistence: Web Shells

2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP

Linux Persistence: Rootkits

2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking

Linux Persistence: Processes

2025-04-11 DFIR persistence processes linux persistence processes

Defanging Linux LKM Rootkits With cleanup_module()

2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit