1433 Threat Actor Objects
22217 Documents talking Threat Actor
50 Active Sources
0 Updates so far today
Hot threats you should care about.
CVE-2023-46805
Fudmodule
Alphv
Moobot
APT29
2 updates this week.
300%
cozy bear, malware, phishing, midnight bli..., apt28, apt, state-sponso..., microsoft, nobelium, proxy, +258 other associations
APT29, also known as Midnight Blizzard and linked to Russia's Foreign Intelligence Service (SVR), is a notorious threat actor that has been implicated in several high-profile cyberattacks. The group has demonstrated sophisticated capabilities, exploiting vulnerabilities such as the WinRAR 0day flaw
Scattered Spider
2 updates this week.
14.29%
ransomware, phishing, shinyhunters, extortion, credentials, malware, exploit, cybercrime, esxi, alphv, +177 other associations
Scattered Spider, also known as Octo Tempest, 0ktapus, and UNC3944, is a notorious threat actor group involved in major data extortion campaigns. This cybercriminal group has been associated with high-profile attacks on organizations like Caesars Entertainment and MGM, often in collaboration with th
MuddyWater
2 updates this week.
166.7%
apt, backdoor, malware, phishing, rmm, mercury, oilrig, spearphishing, temp.zagros, static kitten, +99 other associations
MuddyWater is an Advanced Persistent Threat (APT) actor that first surfaced in 2017, primarily targeting countries in the Middle East, Europe, and the USA. The group uses a range of techniques for its cyber-espionage activities, including PowerShell for execution, HTTP for C2 communications, and mal
HEXANE
1 update this week.
300%
oilrig, +0 other associations
Hexane is a threat actor originating from the Middle East and Africa (MEA) region, involved in malicious cyber activities with the intent of espionage. The group has been active since at least 2019, showing similarities to other activity groups like MAGNALLIUM and CHRYSENE. Hexane primarily targets
Everest
1 update this week.
300%
ransomware, extortion, credentials, vulnerability, exploit, defacement, +37 other associations
Everest is a threat actor group known for its malicious activities, including ransomware attacks and unauthorized access to various organizations' networks. This Russian-speaking entity was first observed operating as an initial access broker in November 2021. The group has targeted a broad range of
NoName057
1 update this week.
300%
ddos, hacktivist, russia, telegram, killnet, +3 other associations
NoName057 is a pro-Russian threat actor or hacking group that has been implicated in several major cyber attacks, particularly distributed denial of service (DDoS) attacks. In August 2023, NoName057 launched significant DDoS attacks against Czech banks and the Czech stock exchange. The hackers deman
Sandworm
1 update this week.
300%
malware, apt, caddywiper, wiper, apt28, russia, ransomware, state-sponso..., industroyer, ukraine, +168 other associations
Sandworm, a threat actor linked to Russia, has been identified as the primary cyber attack unit supporting Russian military activities in Ukraine. This group is notorious for its sophisticated and disruptive cyber attacks, including the compromise of 11 Ukrainian telecommunications providers which c
Bluebravo
1 update this week.
300%
graphicalpro..., malware, espionage, apt, phishing, nobelium, apt29, midnight bli..., cozy bear, backdoor, +24 other associations
BlueBravo, a threat actor linked to the Russia-based Advanced Persistent Threat (APT) group APT29, has been identified as a significant cyber threat. Also known by various other names such as SVR Group, Cozy Bear, Nobelium, Midnight Blizzard, and The Dukes, this entity is suspected of conducting sev