{ "id": "2730136d-f4f2-45af-8f07-469513416649", "created_at": "2026-04-06T00:11:41.881477Z", "updated_at": "2026-04-10T03:36:59.180187Z", "deleted_at": null, "sha1_hash": "9d0b7c12f147dbb3f31268b13dddfb8688be08d9", "title": "Blog | Arctic Wolf", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 2705499, "plain_text": "Blog | Arctic Wolf\r\nPublished: 2026-04-02 · Archived: 2026-04-05 17:53:29 UTC\r\nARCTIC WOLF BLOG\r\nAt RSAC 2026, Arctic Wolf set the agenda for the future of cybersecurity and AI. Throughout the week, we were\r\nat the center of the industry dialogue, shaping how the market is approaching agentic AI in cybersecurity and\r\nsetting clear...\r\nREAD MORE  →\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 1 of 16\n\nApril 2, 2026\r\nApril 2, 2026\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 2 of 16\n\nApril 2, 2026\r\nApril 1, 2026\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 3 of 16\n\nMarch 31, 2026\r\nMarch 31, 2026\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 4 of 16\n\nMarch 27, 2026\r\nMarch 26, 2026\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 5 of 16\n\nMarch 25, 2026\r\nMarch 25, 2026\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 6 of 16\n\nMarch 24, 2026\r\nMarch 24, 2026\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 7 of 16\n\nMarch 23, 2026\r\nMarch 23, 2026\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 8 of 16\n\nMarch 23, 2026\r\nMarch 23, 2026\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 9 of 16\n\nMarch 19, 2026\r\nMarch 18, 2026\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 10 of 16\n\nMarch 17, 2026\r\nMarch 13, 2026\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 11 of 16\n\nMarch 13, 2026\r\nMarch 13, 2026\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 12 of 16\n\nMarch 12, 2026\r\nMarch 11, 2026\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 13 of 16\n\nMarch 6, 2026\r\nMarch 6, 2026\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 14 of 16\n\nMarch 2, 2026\r\nMarch 2, 2026\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 15 of 16\n\nMarch 2, 2026\r\nFebruary 28, 2026\r\n⟵ Page1 Page2 Page3 … Page35 ⟶\r\nSource: https://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nhttps://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html\r\nPage 16 of 16", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA", "Malpedia" ], "references": [ "https://threatvector.cylance.com/en_us/home/inside-the-apt28-dll-backdoor-blitz.html" ], "report_names": [ "inside-the-apt28-dll-backdoor-blitz.html" ], "threat_actors": [ { "id": "730dfa6e-572d-473c-9267-ea1597d1a42b", "created_at": "2023-01-06T13:46:38.389985Z", "updated_at": "2026-04-10T02:00:02.954105Z", "deleted_at": null, "main_name": "APT28", "aliases": [ "Pawn Storm", "ATK5", "Fighting Ursa", "Blue Athena", "TA422", "T-APT-12", "APT-C-20", "UAC-0001", "IRON TWILIGHT", "SIG40", "UAC-0028", "Sofacy", "BlueDelta", "Fancy Bear", "GruesomeLarch", "Group 74", "ITG05", "FROZENLAKE", "Forest Blizzard", "FANCY BEAR", "Sednit", "SNAKEMACKEREL", "Tsar Team", "TG-4127", "STRONTIUM", "Grizzly Steppe", "G0007" ], "source_name": "MISPGALAXY:APT28", "tools": [], "source_id": "MISPGALAXY", "reports": null }, { "id": "e3767160-695d-4360-8b2e-d5274db3f7cd", "created_at": "2022-10-25T16:47:55.914348Z", "updated_at": "2026-04-10T02:00:03.610018Z", "deleted_at": null, "main_name": "IRON TWILIGHT", "aliases": [ "APT28 ", "ATK5 ", "Blue Athena ", "BlueDelta ", "FROZENLAKE ", "Fancy Bear ", "Fighting Ursa ", "Forest Blizzard ", "GRAPHITE ", "Group 74 ", "PawnStorm ", "STRONTIUM ", "Sednit ", "Snakemackerel ", "Sofacy ", "TA422 ", "TG-4127 ", "Tsar Team ", "UAC-0001 " ], "source_name": "Secureworks:IRON TWILIGHT", "tools": [ "Downdelph", "EVILTOSS", "SEDUPLOADER", "SHARPFRONT" ], "source_id": "Secureworks", "reports": null }, { "id": "ae320ed7-9a63-42ed-944b-44ada7313495", "created_at": "2022-10-25T15:50:23.671663Z", "updated_at": "2026-04-10T02:00:05.283292Z", "deleted_at": null, "main_name": "APT28", "aliases": [ "APT28", "IRON TWILIGHT", "SNAKEMACKEREL", "Group 74", "Sednit", "Sofacy", "Pawn Storm", "Fancy Bear", "STRONTIUM", "Tsar Team", "Threat Group-4127", "TG-4127", "Forest Blizzard", "FROZENLAKE", "GruesomeLarch" ], "source_name": "MITRE:APT28", "tools": [ "Wevtutil", "certutil", "Forfiles", "DealersChoice", "Mimikatz", "ADVSTORESHELL", "Komplex", "HIDEDRV", "JHUHUGIT", "Koadic", "Winexe", "cipher.exe", "XTunnel", "Drovorub", "CORESHELL", "OLDBAIT", "Downdelph", "XAgentOSX", "USBStealer", "Zebrocy", "reGeorg", "Fysbis", "LoJax" ], "source_id": "MITRE", "reports": null } ], "ts_created_at": 1775434301, "ts_updated_at": 1775792219, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/9d0b7c12f147dbb3f31268b13dddfb8688be08d9.pdf", "text": "https://archive.orkl.eu/9d0b7c12f147dbb3f31268b13dddfb8688be08d9.txt", "img": "https://archive.orkl.eu/9d0b7c12f147dbb3f31268b13dddfb8688be08d9.jpg" } }