Sign up
Login
MALWARE
//
THREAT ACTORS
//
VULNERABILITIES
1430
Threat Actor Objects
20967
Documents talking Threat Actor
50
Active Sources
1
Updates so far today
Hot threats you should care about.
CVE-2023-46805
Fudmodule
Alphv
Moobot
Evil Corp
3 updates this week.
300%
lockbit
ransomware
cybercrime
raspberry ro...
dridex
malware
russia
ta505
socgholish
ransom
+76 other associations
Evil Corp, a threat actor based in Russia, has been identified as a significant cybersecurity threat due to its involvement in various malicious activities, including the deployment of Dridex malware. The group is led by Maksim Yakubets and has been sanctioned by the Treasury Department for its cybe
Salt Typhoon
2 updates this week.
100%
apt
state-sponso...
ghostemperor
volt typhoon
government
cisco
chinese
china
earth estries
malware
+45 other associations
Salt Typhoon, also known as Earth Estries, FamousSparrow, GhostEmperor, and UNC2286, is a threat actor linked to China's Ministry of State Security. Active since at least 2020, this advanced persistent threat (APT) group has a history of targeting U.S. systems for intelligence gathering, particularl
Ransomhub
2 updates this week.
60%
ransomware
alphv
ransom
raas
lockbit
windows
extortion
malware
encryption
akira
+124 other associations
RansomHub, a threat actor in the realm of cybersecurity, has emerged as a significant player within the ransomware landscape. The group is known for its malicious activities, including data breaches and extortion attempts. It has been observed that RansomHub affiliates actively participate in campai
Earth Lusca
2 updates this week.
300%
malware
sprysocks
backdoor
linux
lateral move...
espionage
web shell
i-soon
chinese
winnti
+49 other associations
Earth Lusca, a threat actor believed to be part of the China-backed Winnti collective, has been active since at least 2019 and is known for its cyber-espionage activities. The group primarily targets government organizations in Asia, Latin America, and other regions. Recently, it has expanded its ar
Earth Preta
1 updates this week.
300%
mustang panda
malware
stately taurus
phishing
camaro dragon
backdoor
doplugs
+14 other associations
Earth Preta, also known as Mustang Panda or Stately Taurus, is a high-profile threat actor group that has been actively executing cyberattacks with malicious intent. Their activities have been particularly prevalent in the Asia Pacific (APAC) region and Europe. The group employs a variety of tools a
Aquatic Panda
1 updates this week.
300%
+9 other associations
Aquatic Panda, also known as Budworm, Charcoal Typhoon, ControlX, RedHotel, and Bronze University, is a significant threat actor suspected of state-backed cyber espionage activities. This group has been particularly active in the recent quarter, ranking amongst the top geopolitical groups targeting
Blind Eagle
1 updates this week.
33.33%
apt
phishing
malware
exploit
vulnerability
remcos
+16 other associations
Blind Eagle, also known as APT-C-36, is a suspected South American Advanced Persistent Threat (APT) group that has been active since April 2018. The group has continuously targeted Colombian government institutions and important corporations in various sectors including finance, petroleum, and profe
Blackmatter
1 updates this week.
300%
ransomware
lockbit
darkside
alphv
revil
lockbit black
conti
hive
cybercrime
fin7
+54 other associations
BlackMatter, a threat actor in the cybersecurity realm, is known for its malicious activities and has been linked to several ransomware strains. The group emerged as a successor to the DarkSide ransomware, which was responsible for the high-profile attack on the Colonial Pipeline in May 2021. Howeve