Sign up
Login
MALWARE
//
THREAT ACTORS
//
VULNERABILITIES
1428
Threat Actor Objects
20694
Documents talking Threat Actor
50
Active Sources
0
Updates so far today
Hot threats you should care about.
CVE-2023-46805
Fudmodule
Alphv
Moobot
Salt Typhoon
4 updates this week.
60%
ghostemperor
government
volt typhoon
state-sponso...
apt
vulnerability
chinese
china
exploit
famoussparrow
+18 other associations
Salt Typhoon, a China-linked Advanced Persistent Threat (APT) group also known as FamousSparrow and GhostEmperor, has been active since at least 2020. The group has conducted cyber-espionage campaigns targeting governments, the tech industry, and most notably, U.S. internet service providers (ISPs).
Gaza Cybergang
2 updates this week.
300%
molerats
sysjoker
malware
operation el...
wirte
operation el...
hamas
rust
+8 other associations
Gaza Cybergang, a threat actor group affiliated with Hamas, has been active since at least 2012, targeting entities in the Middle East and North Africa. The group's activities primarily involve intelligence collection and espionage campaigns against Palestinian and Israeli victims. Researchers have
Ironwind
2 updates this week.
300%
malware
ta402
apt
loader
downloader
+1 other associations
IronWind is a threat actor that has been active since at least October 2023, known for its use of sophisticated malware and encryption techniques to carry out cyber attacks. This group uses a unique variant of the IronWind loader as an infection vector, which enables communication with command and c
Siegedsec
2 updates this week.
300%
telegram
hacktivist
denial of se...
atlassian
ghostsec
anonymous su...
israeli
ics
israel
ransomware
+15 other associations
SiegedSec, a threat actor group with both hacktivist and crimeware tendencies, has been involved in several significant cyberattacks. As part of an alliance known as The Five Families, which includes another prominent hacktivist group, GhostSec, SiegedSec has targeted various entities around the glo
Molerats
2 updates this week.
300%
molerats
phishing
hamas
ta402
apt
malware
sysjoker
backdoor
+31 other associations
Molerats, also known as the Gaza Cybergang Group1, is a threat actor group historically associated with Hamas. The group has been tracked for over a decade under various names including Frankenstein and WIRTE, among others. Molerats, along with five other groups including APT 35 and Moses Staff, are
WIRTE
2 updates this week.
300%
apt
phishing
ta402
wirte
malware
samecoin
hamas
+10 other associations
WIRTE is a threat actor that has been identified as part of several overlapping groups, including TA402, Molerats, and Frankenstein. In mid-2023, Proofpoint researchers first noticed WIRTE's activity within TA402, which targeted Middle Eastern governments using an intricate infection chain and a new
Volt Typhoon
2 updates this week.
-11.11%
malware
state-sponso...
botnet
apt
zero-day
exploit
bronze silho...
proxy
lotl
cisa
+173 other associations
Volt Typhoon, a cyberespionage cluster sponsored by China, has emerged as a significant threat actor in the cybersecurity landscape. Known for its strong operational security and obfuscation of malware, Volt Typhoon is both a resilient botnet and a warning signal of potential critical infrastructure
TA402
2 updates this week.
300%
malware
ta402
ta402
espionage
dropbox
frankenstein
ta402
+10 other associations
TA402, also known as Molerats, Gaza Cybergang, Frankenstein, and WIRTE, is a threat actor that has been tracked by cybersecurity researchers for over a decade. This group, associated with pro-Palestinian interests, is known for its innovative and persistent cyber espionage activities, frequently ret