ID | Votes | Profile Description |
---|---|---|
Winnti | 2 | Winnti is a sophisticated threat actor group, first identified by Kaspersky in 2013, with activities dating back to at least 2007. The group has been associated with the Chinese nation-state and is part of a collective known as APT41, which also includes subgroups like Wicked Panda, Suckfly, and Bar |
Deputy Dog | 1 | Deputy Dog is a threat actor group that conducts network intrusions against targeted organizations, with a suspected attribution to China. The group is also known as Tailgator Team or APT17 and has primarily targeted the U.S. government, international law firms, and information technology companies. |
GREF | 1 | GREF, a China-aligned Advanced Persistent Threat (APT) group, has been identified as the orchestrator of two active Android malware campaigns. The campaigns have been distributing a malicious software called BadBazaar via two applications, Signal Plus Messenger and FlyGram, through the Google Play s |
Operation Aurora | 1 | Operation Aurora, also known as APT17, is a notorious malware operation that began in 2009 and is considered one of the most sophisticated cyberattacks ever conducted. It specializes in supply chain attacks, which are attempts to damage an organization by targeting less-secure elements in its supply |

ID | Type | Votes | Profile Description |
---|---|---|---|
ZxShell | has used | 2 | ZXShell is a malicious software (malware) that has been used by various cyber threat actors to exploit and damage computer systems. It is known to be associated with other malware such as PANDORA, SOGU, GHOST, WIDEBERTH, QUICKPULSE, FLOWERPOT, QIAC, Gh0st, Poison Ivy, BEACON, HOMEUNIX, STEW, among o |
Aurora | Unspecified | 1 | Aurora is a type of malware designed to exploit and damage computer systems, often through suspicious downloads, emails, or websites. It has been used in a series of high-profile cyber-attacks over the years, with notable instances such as Operation Aurora in 2009, which targeted major technology co |
Merdoor | Unspecified | 1 | Merdoor is a powerful malware that has been in existence since 2018, according to Symantec. This backdoor is capable of installing itself as a service, keylogging, listening on local ports for commands, and communicating with its command and control (C&C) server using various methods such as HTTP, H |

ID | Type | Votes | Profile Description |
---|---|---|---|
Lancefly | Unspecified | 1 | Lancefly, a threat actor potentially associated with China, has been identified as the group behind an ongoing cyberespionage campaign targeting organizations in South and Southeast Asia. The targets include government bodies, aviation companies, educational institutions, and telecommunication secto |
APT41 | Unspecified | 1 | APT41, also known as Winnti, Wicked Panda, and Wicked Spider, is a sophisticated threat actor attributed to China. This group has been active since at least 2012, targeting organizations across 14 countries. The group is known for its extensive use of various code families and tools, with at least 4 |

ID | Type | Votes | Profile Description |
---|---|---|---|
CVE-2015-5119 | Targets | 2 | CVE-2015-5119 is a software vulnerability, specifically a flaw in the design or implementation of Adobe Flash. This vulnerability was discovered as part of the Hacking Team data breach that took place in 2015. In this leak, internal data of the Italian cybersecurity firm Hacking Team was exposed, in |

Source | CreatedAt | Title |
---|---|---|
CERT-EU | 9 months ago | Burning Umbrella: An Intelligence Report on the Winnti Umbrella and Associated State-Sponsored Attackers |
MITRE | a year ago | Suspected Chinese Cyber Espionage Group (TEMP.Periscope) Targeting U.S. Engineering and Maritime Industries \| Mandiant |
CERT-EU | a year ago | Researchers Identify Second Developer of ‘Golden Chickens’ Malware |
CERT-EU | a year ago | Spy code targeting Windows systems of government agencies and airlines went undetected for five years |
MITRE | a year ago | Chinese State-Sponsored Activity Group TAG-22 Targets Nepal, the Philippines, and Taiwan |
MITRE | a year ago | Advanced Persistent Threats (APTs) \| Threat Actors & Groups |
MITRE | a year ago | Operation Aurora: Supply Chain Attack Through CCleaner - Intezer |
CERT-EU | a year ago | Lancefly APT Hackers Using Custom Backdoor to Attack Government Orgs |
CERT-EU | a year ago | Sophisticated Merdoor backdoor long used in Lancefly APT attacks |