1431 Threat Actor Objects
21768 Documents talking Threat Actor
50 Active Sources
9 Updates so far today
Hot threats you should care about.
CVE-2023-46805
Fudmodule
Alphv
Moobot
Salt Typhoon
7 updates this week.
180%
apt, state-sponso..., cisco, ghostemperor, famoussparrow, exploit, chinese, tool, volt typhoon, earth estries, +85 other associations
Salt Typhoon, also known as Earth Estries, FamousSparrow, GhostEmperor, and UNC2286, is a threat actor linked to China's Ministry of State Security. Active since at least 2020, this advanced persistent threat (APT) group has a history of targeting U.S. systems for intelligence gathering, particularl
Scattered Spider
3 updates this week.
-25%
ransomware, phishing, credentials, exploit, extortion, malware, esxi, alphv, cybercrime, ransom, +150 other associations
Scattered Spider, also known as Octo Tempest, 0ktapus, and UNC3944, is a notorious threat actor group involved in major data extortion campaigns. This cybercriminal group has been associated with high-profile attacks on organizations like Caesars Entertainment and MGM, often in collaboration with th
Ghostemperor
3 updates this week.
300%
famoussparrow, ghostemperor, apt, +2 other associations
GhostEmperor, also known as Salt Typhoon and FamousSparrow, is a threat actor that has been active since August 2019. The group is linked to China's Ministry of State Security and is recognized for its sophisticated cyber campaigns primarily targeting high-profile entities in Southeast Asia, includi
APT29
2 updates this week.
300%
cozy bear, malware, phishing, midnight bli..., apt28, apt, state-sponso..., microsoft, nobelium, proxy, +250 other associations
APT29, also known as Midnight Blizzard and linked to Russia's Foreign Intelligence Service (SVR), is a notorious threat actor that has been implicated in several high-profile cyberattacks. The group has demonstrated sophisticated capabilities, exploiting vulnerabilities such as the WinRAR 0day flaw
APT36
2 updates this week.
300%
malware, apt, rat, android, mythic leopard, crimson, windows, implant, sidecopy, transparent ..., +53 other associations
APT36, also known as Transparent Tribe, is a Pakistan-based threat actor that has been persistently targeting Indian government organizations, diplomatic personnel, and military facilities. This group has been involved in several malicious campaigns, with the most recent one being tracked by Cisco T
Shinyhunters
2 updates this week.
-50%
extortion, cybercrime, breachforums, scattered sp..., ransomware, aws, ransom, exploit, salesforce, vishing, +19 other associations
ShinyHunters, a notorious threat actor group, has been involved in several significant data breaches, posing a serious cybersecurity concern for businesses worldwide. The group is known for its malicious activities targeting corporate entities, with the intent of stealing proprietary information. Be
Qilin
2 updates this week.
-%
ransomware, raas, extortion, lockbit, ransomhub, malware, ransom, akira, linux, cybercrime, +96 other associations
Qilin, a threat actor known for its malicious activities in cyberspace, has been on the rise, with its victim count increasing by 44% to reach 140 in Q3. This group is part of the Octo Tempest group which recently added RansomHub and Qilin ransomware to its arsenal, enhancing its capabilities to
Unc5221
2 updates this week.
300%
exploit, malware, zero-day, uta0178, ivanti, backdoor, apt, vpn, vulnerability, mandiant, +44 other associations
UNC5221, a threat actor linked to China, has been identified as the group behind recent cyberattacks involving new malware specifically designed to exploit vulnerabilities in Ivanti Connect Secure VPN and Policy Secure devices. The discovery was made by Mandiant researchers who observed the deployme