1430 Threat Actor Objects
21495 Documents talking Threat Actor
50 Active Sources
3 Updates so far today
Hot threats you should care about.
CVE-2023-46805
Fudmodule
Alphv
Moobot
Scattered Spider
6 updates this week.
60%
ransomware
phishing
alphv
exploit
credentials
malware
cybercrime
extortion
esxi
muddled libra
+134 other associations
Scattered Spider, also known as Octo Tempest, 0ktapus, and UNC3944, is a notorious threat actor group involved in major data extortion campaigns. This cybercriminal group has been associated with high-profile attacks on organizations like Caesars Entertainment and MGM, often in collaboration with th
Hunters International
4 updates this week.
220%
hive
ransomware
hive ransomw...
hunters
malware
extortion
raas
source
lockbit
conti
+23 other associations
Hunters International, an active threat actor group since October of the previous year, has been identified as a significant cybersecurity concern. The group has taken over and rebranded the Hive ransomware, despite their disputes about this association. This development followed the disbandment of
Lazarus Group
2 updates this week.
166.7%
apt
malware
exploit
ransomware
backdoor
vulnerability
state-sponso...
andariel
labyrinth ch...
cybercrime
+242 other associations
The Lazarus Group, a notorious threat actor attributed to North Korea, is renowned for its malicious activities aimed at furthering the country's objectives. This group has been implicated in several high-profile cyber-attacks, including an attack in Spain known as Operation DreamJob. The exploitati
Hive Ransomware
2 updates this week.
300%
ransomware
hive
lockbit
ransom
hive ransomw...
alphv
malware
raas
encryption
hunters
+51 other associations
Hive ransomware, a prominent threat actor active in 2022, was known for its widespread malicious activities in numerous countries, including the US. The group's modus operandi involved the use of SharpRhino, which upon execution, established persistence and provided remote access to the attackers, e
Gamaredon
2 updates this week.
300%
apt
malware
ukraine
russia
litterdrifter
worm
gamaredon gr...
telegram
primitive bear
espionage
+141 other associations
Gamaredon, a Russia-aligned threat actor, has emerged as one of the most active Advanced Persistent Threat (APT) groups in Ukraine, particularly since Russia's 2022 invasion of the country. Composed of regular officers from the Russian Federal Security Service (FSB) and some former law enforcement o
Muddled Libra
1 update this week.
100%
muddled libra
ransomware
phishing
cybercrime
alphv
unc3944
rmm
+25 other associations
Muddled Libra, a threat actor subgroup known for its sophisticated cyber-attack techniques, has recently been noted for its advanced exfiltration and discovery methods using AWS and Azure cloud services. The group has not claimed responsibility for any specific attacks, but their tactics align close
Kimsuky
1 update this week.
300%
malware
apt
korean
phishing
thallium
apt43
andariel
velvet choll...
reconnaissance
reconshark
+160 other associations
Kimsuky is a threat actor group linked to North Korea, known for its malicious cyber activities with a particular focus on espionage. The group has been observed employing a variety of sophisticated tactics and techniques, including the use of malware such as TOGREASE, GREASE, and RandomQuery, which
Moonstone Sleet
1 update this week.
300%
ransomware
qilin
+1 other associations
Moonstone Sleet, a state-sponsored threat actor originating from North Korea, has emerged as a significant cybersecurity concern. The group is involved in the publication of malicious npm and other code packages to popular developer repositories, a tactic that's becoming an increasingly common secur