ID | Votes | Profile Description |
---|---|---|
Conti | 3 | Conti is a notorious malware and ransomware operation that has caused significant damage to computer systems worldwide. The Conti group, believed to have around 200 employees, operated like a regular business, with internal communications revealing the organization's structure and operations. It was |
The Bl00dy Ransomware Gang | 2 | The Bl00dy ransomware gang, a threat actor that began operations in May 2022, is known for its malicious activities, which include exploiting vulnerabilities and using double extortion techniques against targeted organizations. This group has been observed to leverage the ScreenConnect Remote Code E |
ID | Type | Votes | Profile Description |
---|---|---|---|
Black Basta | Unspecified | 5 | Black Basta is a notorious malware group known for its ransomware activities. The group has been active since at least early 2022, during which time it has accumulated an estimated $107 million in Bitcoin ransom payments. It leverages malicious software to infiltrate and exploit computer systems, of |
Lockbit | Unspecified | 5 | LockBit is a malicious software, or malware, that has been notably active and damaging in the cyber world. Known for its ability to infiltrate systems often without detection, it can steal personal information, disrupt operations, and even hold data hostage for ransom. In the first half of 2024, Loc |
Truebot | Unspecified | 2 | Truebot is a highly potent malware used by the threat actor group CL0P, which has been linked to various malicious activities aimed at exploiting and damaging computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once embedded, |
Buhti | Unspecified | 2 | Buhti is a malicious software, or malware, that was first highlighted by Palo Alto Networks Unit 42 in February 2023. It is a Golang ransomware targeting Linux systems. The Buhti ransomware operation was further detailed by Symantec’s Threat Hunter Team in May of the same year. Its payload included |
Hive | Unspecified | 2 | Hive is a malicious software (malware) that has been used by the cybercriminal group, Hunters International, to launch ransomware attacks since October of last year. The group operates as a ransomware-as-a-service (RaaS) provider, spreading Hive rapidly through collaborations with less sophisticated |
Lockbit Black | Unspecified | 2 | LockBit Black, also known as LockBit 3.0, is a sophisticated malware variant that emerged in early 2022. This malicious software encrypts files and disrupts operations on infected devices, often demanding a ransom for the restoration of data. Developed as an iteration of LockBit 2.0 (LockBit Red) re |
ID | Type | Votes | Profile Description |
---|---|---|---|
Blackmatter | Unspecified | 2 | BlackMatter is a recognized threat actor in the cybersecurity industry, notorious for its malicious activities and the execution of ransomware attacks. The group initially operated as DarkSide, responsible for the high-profile Colonial Pipeline attack in May 2021, which led to significant attention |
Hunters International | Unspecified | 2 | Hunters International, a threat actor group allegedly linked to Russia, has emerged as a significant cybersecurity concern. The group, which has been active since October of the previous year, is known for executing malicious actions with intent to cause harm and gain financially. They have recently |
ID | Type | Votes | Profile Description |
---|---|---|---|
CVE-2023-27350 | Unspecified | 4 | CVE-2023-27350 is a significant software vulnerability discovered in PaperCut NG/MF, a popular print management software. This flaw in software design or implementation allows attackers to bypass authentication and execute code with system privileges, posing a serious threat to both server and inter |
CVE-2024-1709 | Unspecified | 3 | CVE-2024-1709 is a critical vulnerability in the ConnectWise ScreenConnect software that allows for an authentication bypass. This flaw can enable a remote non-authenticated attacker to bypass the system's authentication process and gain full access. The issue was identified by Sophos Rapid Response |
CVE-2024-1708 | Unspecified | 2 | CVE-2024-1708 is a high-severity software vulnerability found in ConnectWise's ScreenConnect software, specifically targeting versions 23.9.7 and earlier. The flaw was officially disclosed by ConnectWise on February 19, 2024. This vulnerability, alongside another (CVE-2024-1709), presents significan |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
Securityaffairs | a month ago | SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 6 | |
Securityaffairs | a month ago | security-affairs-malware-newsletter-round-5 | |
Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 3 | |
Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 3 | |
Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 2 | |
Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 1 | |
Securityaffairs | 2 months ago | Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION | |
Securityaffairs | 3 months ago | Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION | |
Securityaffairs | 3 months ago | Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION | |
Securityaffairs | 3 months ago | Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION | |
Securityaffairs | 4 months ago | Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION | |
Securityaffairs | 4 months ago | Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION | |
Securityaffairs | 5 months ago | Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION | |
Securityaffairs | 5 months ago | Security Affairs newsletter Round 466 by Pierluigi Paganini | |
Securityaffairs | 5 months ago | Security Affairs newsletter Round 465 by Pierluigi Paganini | |
Securityaffairs | 5 months ago | Security Affairs newsletter Round 464 by Pierluigi Paganini | |
Securityaffairs | 6 months ago | Security Affairs newsletter Round 463 by Pierluigi Paganini | |
CERT-EU | 6 months ago | GRIT Ransomware Report: February 2024 | #ransomware | #cybercrime | National Cyber Security Consulting | |
Malwarebytes | 6 months ago | Ransomware review: January 2024 | |
CERT-EU | 6 months ago | Alert: FBI Warns Of BlackCat Ransomware Healthcare Attack |