1431 Threat Actor Objects
21821 Documents talking about Threat Actors
50 Active Sources
3 Updates so far today
Hot threats you should care about.
CVE-2023-46805
Fudmodule
Alphv
Moobot
Scattered Spider
3 updates this week.
-7.692%
ransomware, phishing, extortion, credentials, exploit, malware, esxi, alphv, cybercrime, ransom, +152 other associations
Scattered Spider, also known as Octo Tempest, 0ktapus, and UNC3944, is a notorious threat actor group involved in major data extortion campaigns. This cybercriminal group has been associated with high-profile attacks on organizations like Caesars Entertainment and MGM, often in collaboration with th
Shinyhunters
2 updates this week.
-27.27%
cybercrime, breachforums, extortion, scattered sp..., ransomware, google, ransom, exploit, phishing, salesforce, +20 other associations
ShinyHunters, a notorious threat actor group, has been involved in several significant data breaches, posing a serious cybersecurity concern for businesses worldwide. The group is known for its malicious activities targeting corporate entities, with the intent of stealing proprietary information. Be
Wannacryptor
1 update this week.
300%
wannacry, exploit, eternalblue, malware
WannaCryptor, also known as WannaCry or Wanna Decryptor, is a threat actor that has been active since at least 2009. This group, which is aligned with North Korea, has been responsible for several high-profile cyber incidents. Notable among these are the Sony Pictures Entertainment hack in 2014, cyb
Muddled Libra
1 update this week.
300%
scattered sp..., cybercrime, phishing, unc3944, ransomware, octo tempest, alphv, rmm, extortion, +35 other associations
Muddled Libra, a threat actor subgroup known for its sophisticated cyber-attack techniques, has recently been noted for its advanced exfiltration and discovery methods using AWS and Azure cloud services. The group has not claimed responsibility for any specific attacks, but their tactics align close
Sandworm
1 update this week.
300%
malware, apt, caddywiper, wiper, apt28, russia, ransomware, state-sponso..., industroyer, ukraine, +165 other associations
Sandworm, a threat actor linked to Russia, has been identified as the primary cyber attack unit supporting Russian military activities in Ukraine. This group is notorious for its sophisticated and disruptive cyber attacks, including the compromise of 11 Ukrainian telecommunications providers which c
KillNet
1 update this week.
300%
ddos, russia, telegram, denial-of-se..., denial of se..., killmilk, anonymous su..., ransomware, sudan, hacktivist, +90 other associations
Killnet is a threat actor or group with potential ties to the Russian government, known for its disruptive cyber-attacks. This group has been linked to several politically motivated attacks, including a significant assault on the Israeli government's website leading to its paralysis. Killnet has als
Kimsuky
1 update this week.
100%
malware, apt, korean, phishing, thallium, apt43, andariel, velvet choll..., reconnaissance, reconshark, +160 other associations
Kimsuky is a threat actor group linked to North Korea, known for its malicious cyber activities with a particular focus on espionage. The group has been observed employing a variety of sophisticated tactics and techniques, including the use of malware such as TOGREASE, GREASE, and RandomQuery, which
APT41
1 update this week.
300%
malware, backdoor, apt, winnti, shadowpad, barium, state-sponso..., espionage, zxshell, lancefly, +156 other associations
APT41, also known as Winnti, is a threat actor suspected to be originating from China, with its activities dating back to as early as 2012. It has targeted organizations in at least 14 countries and has been associated with the use of at least 46 different code families and tools. The group's activi