1430 Threat Actor Objects
21140 Documents talking Threat Actor
50 Active Sources
2 Updates so far today
Hot threats you should care about.
CVE-2023-46805
Fudmodule
Alphv
Moobot
APT29
4 updates this week.
220%
cozy bear, phishing, midnight bli..., malware, apt, apt28, microsoft, nobelium, proxy, backdoor, +248 other associations
APT29, also known as Midnight Blizzard and linked to Russia's Foreign Intelligence Service (SVR), is a notorious threat actor that has been implicated in several high-profile cyberattacks. The group has demonstrated sophisticated capabilities, exploiting vulnerabilities such as the WinRAR 0day flaw
Cozy Bear
2 updates this week.
166.7%
cozy bear, midnight bli..., phishing, microsoft, nobelium, apt, cloaked ursa, blizzard, the dukes, state-sponso..., +75 other associations
Cozy Bear, also known as APT29 and Midnight Blizzard, is a threat actor believed to be linked to the Russian government. This entity has been behind numerous cyberattacks with malicious intent, targeting various organizations and systems worldwide. The first significant intrusion attributed to Cozy
Lazarus Group
2 updates this week.
100%
apt, malware, exploit, ransomware, backdoor, vulnerability, state-sponso..., andariel, labyrinth ch..., cybercrime, +240 other associations
The Lazarus Group, a notorious threat actor attributed to North Korea, is renowned for its malicious activities aimed at furthering the country's objectives. This group has been implicated in several high-profile cyber-attacks, including an attack in Spain known as Operation DreamJob. The exploitati
Midnight Blizzard
2 updates this week.
100%
midnight bli..., state-sponso..., microsoft, midnight bli..., nobelium, phishing, apt, blizzard, the dukes, russia, +63 other associations
Midnight Blizzard, also known as APT29 or Cozy Bear, is a Russia-linked threat actor associated with the country's Foreign Intelligence Service (SVR). Throughout 2024, the group has been implicated in several high-profile cyber-attacks, targeting global organizations and demonstrating sophisticated
Ransomhub
2 updates this week.
14.29%
ransomware, alphv, ransom, raas, lockbit, malware, akira, windows, medusa, encryption, +131 other associations
RansomHub, a threat actor in the realm of cybersecurity, has emerged as a significant player within the ransomware landscape. The group is known for its malicious activities, including data breaches and extortion attempts. It has been observed that RansomHub affiliates actively participate in campai
Reconnaissance General Bureau
2 updates this week.
166.7%
andariel, ransomware, state-sponso..., korean, apt, lazarus group, jumpy pisces, phishing, exploit, kimsuky, +34 other associations
The Reconnaissance General Bureau (RGB) is a North Korean intelligence agency known for its clandestine operations abroad. Its cyber activities, believed to be coordinated by the secretive organization, have been linked to various threat actors since at least 2014. Notable entities include the Beagl
Muddled Libra
1 update this week.
300%
scattered sp..., ransomware, phishing, cybercrime, alphv, unc3944, rmm, +25 other associations
Muddled Libra, a threat actor subgroup known for its sophisticated cyber-attack techniques, has recently been noted for its advanced exfiltration and discovery methods using AWS and Azure cloud services. The group has not claimed responsibility for any specific attacks, but their tactics align close
Moonstone Sleet
1 update this week.
300%
ransomware, qilin, +1 other associations
Moonstone Sleet, a state-sponsored threat actor originating from North Korea, has emerged as a significant cybersecurity concern. The group is involved in the publication of malicious npm and other code packages to popular developer repositories, a tactic that's becoming an increasingly common secur