1430 Threat Actor Objects
21487 Documents discussing Threat Actors
50 Active Sources
0 Updates so far today
Hot threats you should care about.
CVE-2023-46805
Fudmodule
Alphv
Moobot
Scattered Spider
9 updates this week.
157.1%
ransomware
phishing
alphv
exploit
credentials
malware
cybercrime
extortion
esxi
muddled libra
+133 other associations
Scattered Spider, also known as Octo Tempest, 0ktapus, and UNC3944, is a notorious threat actor group involved in major data extortion campaigns. This cybercriminal group has been associated with high-profile attacks on organizations like Caesars Entertainment and MGM, often in collaboration with th
Lazarus Group
3 updates this week.
300%
apt
malware
exploit
ransomware
backdoor
vulnerability
state-sponso...
andariel
labyrinth ch...
cybercrime
+242 other associations
The Lazarus Group, a notorious threat actor attributed to North Korea, is renowned for its malicious activities aimed at furthering the country's objectives. This group has been implicated in several high-profile cyber-attacks, including an attack in Spain known as Operation DreamJob. The exploitati
Intelbroker
2 updates this week.
60%
source
breachforums
vulnerability
vpn
exploit
jira
credentials
cybercrime
ssh
+30 other associations
IntelBroker is a significant threat actor known for executing high-profile data breaches. The group, which could consist of a single individual or multiple persons, has been responsible for numerous cyberattacks on major corporations and government entities. IntelBroker's activities showcase a broad
Muddled Libra
2 updates this week.
300%
muddled libra
ransomware
phishing
cybercrime
alphv
unc3944
rmm
+25 other associations
Muddled Libra, a threat actor subgroup known for its sophisticated cyber-attack techniques, has recently been noted for its advanced exfiltration and discovery methods using AWS and Azure cloud services. The group has not claimed responsibility for any specific attacks, but their tactics align close
Qilin
2 updates this week.
-%
ransomware
extortion
raas
malware
lockbit
linux
ransom
ransomhub
cybercrime
encryption
+88 other associations
Qilin, a threat actor known for its malicious activities in cyberspace, has been on the rise, with its victim count increasing by 44% to reach 140 in Q3. This group is part of the Octo Tempest group, which recently added RansomHub and Qilin ransomware to its arsenal, enhancing its capabilities to
Gamaredon
2 updates this week.
300%
apt
malware
ukraine
russia
litterdrifter
worm
gamaredon gr...
telegram
primitive bear
espionage
+141 other associations
Gamaredon, a Russia-aligned threat actor, has emerged as one of the most active Advanced Persistent Threat (APT) groups in Ukraine, particularly since Russia's 2022 invasion of the country. Composed of regular officers from the Russian Federal Security Service (FSB) and some former law enforcement o
Sandworm
1 update this week.
100%
malware
apt
caddywiper
wiper
apt28
ukraine
ransomware
state-sponso...
industroyer
vulnerability
+165 other associations
Sandworm, a threat actor linked to Russia, has been identified as the primary cyber attack unit supporting Russian military activities in Ukraine. This group is notorious for its sophisticated and disruptive cyber attacks, including the compromise of 11 Ukrainian telecommunications providers which c
Ephemeral
1 update this week.
300%
ransomware
encryption
kubernetes
exploit
github
raas
credentials
vulnerability
google
phishing
+35 other associations
Ephemeral is a threat actor, potentially linked to the Splinter and Ephemeral ransomware groups, known for their experience in other ransomware organizations and utilization of the modern Ransomware-as-a-Service (RaaS) ecosystem. The group's malicious activities typically involve the use of Command