ID | Votes | Profile Description |
---|---|---|
Islanddreams | 2 | IslandDreams, also known as APT40, Bronze Mohawk, GreenCrash, Kryptonite Panda, Periscope, and Mudcarp, is a threat actor group that has been linked to China. The group has been associated with a series of malicious activities, including a notable phishing campaign in late August that targeted users |
ID | Type | Votes | Profile Description |
---|---|---|---|
Sandworm | Unspecified | 2 | Sandworm is a threat actor group, believed to be linked to Russia, known for executing actions with malicious intent. The group has been involved in numerous high-profile cybersecurity breaches over the years. In one significant incident, Sandworm compromised 11 Ukrainian telecommunications provider |
APT28 | Unspecified | 2 | APT28, also known as Fancy Bear, Forest Blizzard, and Unit 26165 of the Russian Main Intelligence Directorate, is a threat actor linked to Russia. Active since at least 2007, this group has targeted governments, militaries, and security organizations worldwide. Notably, APT28 was responsible for the |
ID | Type | Votes | Profile Description |
---|---|---|---|
CVE-2021-31207 | Unspecified | 2 | CVE-2021-31207 is a significant software vulnerability that has been exploited by APT40, a group known for rapidly taking advantage of newly public vulnerabilities in widely used software. This particular vulnerability affects Atlassian Confluence and Microsoft Exchange, among other platforms, and a |
CVE-2023-38831 | Unspecified | 2 | CVE-2023-38831 is a critical vulnerability identified in the WinRAR software, with a CVSS score of 7.8, indicating high severity. This flaw in software design or implementation has been exploited to disseminate the LONEPAGE malware through ZIP files using an exploit known as UAC-0099. The vulnerabil |
CVE-2021-26084 | Unspecified | 2 | CVE-2021-26084 is a critical vulnerability related to Atlassian's Confluence software. The flaw in the software design or implementation was first exploited as a zero-day, before its public disclosure in June 2022. It allowed remote attackers to execute code on a Confluence Server via injection atta |
CVE-2021-34523 | Unspecified | 2 | None |
CVE-2021-34473 | Unspecified | 2 | CVE-2021-34473 is a significant software vulnerability that was discovered in Microsoft Exchange Server. This flaw, along with two others (CVE-2021-31207 and CVE-2021-34523), forms a chain of vulnerabilities known as ProxyShell. These vulnerabilities can be exploited together by remote attackers to |
CVE-2021-44228 | Unspecified | 2 | CVE-2021-44228, also known as the Log4Shell vulnerability, is a significant flaw in Apache's Log4j software. Disclosed in December 2021, it quickly became one of the most severe bugs due to its widespread usage and potential for exploitation. Various Advanced Persistent Threat (APT) actors attempted |
Source Link | CreatedAt | Title |
---|---|---|
DARKReading | 2 months ago | Chinese Hacker Gang GhostEmperor Re-Emerges After Two Years |
DARKReading | 2 months ago | Vulnerabilities & Threats recent news \| Dark Reading |
Securityaffairs | 2 months ago | Security Affairs newsletter Round 480 by Pierluigi Paganini – INTERNATIONAL EDITION |
BankInfoSecurity | 2 months ago | Australia Flags Persistent Chinese Cyberespionage Hacking |
Securityaffairs | 2 months ago | Cybersecurity agencies warn of China-linked APT40's capabilities |
InfoSecurity-magazine | 2 months ago | Ransomware Groups Prioritize Defense Evasion for Data Exfiltration |
DARKReading | 2 months ago | Chinese Threat Group APT40 Exploits N-Day Vulns at Rapid Pace |
InfoSecurity-magazine | 2 months ago | Chinese State Actor APT40 Exploits N-Day Vulnerabilities Within Hours |
CISA | 2 months ago | People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action \| CISA |
CISA | 2 months ago | CISA and Partners join ASD’S ACSC to Release Advisory on PRC State-Sponsored Group, APT 40 \| CISA |
Securityaffairs | 6 months ago | UK, New Zealand against China-linked cyber operations |
Securityaffairs | 10 months ago | APT29 group exploited WinRAR 0day in attacks against embassies |
Securityaffairs | 10 months ago | DarkCasino joins the list of APT groups exploiting WinRAR 0day |
CERT-EU | a year ago | Cyber Security Week in Review: October 20, 2023 |
CERT-EU | a year ago | Attacks exploiting WinRAR zero-day linked to Russian, Chinese hackers |
DARKReading | a year ago | Patch Now: APTs Continue to Pummel WinRAR Bug |
CERT-EU | a year ago | Russian and Chinese nation-state actors target recently patched WinRAR zero-day |
CERT-EU | a year ago | Government-backed actors exploiting WinRAR vulnerability |
Securityaffairs | a year ago | Multiple APT groups exploited WinRAR flaw CVE-2023-38831 |
BankInfoSecurity | a year ago | Nation-State Hackers Exploiting WinRAR, Google Warns |