Alias Description | Votes |
---|---|
Conti is a possible alias for Bl00dy. Conti is a type of malware, specifically ransomware, which is designed to infiltrate and damage computer systems. This malicious software can enter systems through various methods such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal persona | 3 |
The Bl00dy Ransomware Gang is a possible alias for Bl00dy. The Bl00dy ransomware gang, a threat actor that began operations in May 2022, is known for its malicious activities, which include exploiting vulnerabilities and using double extortion techniques against targeted organizations. This group has been observed to leverage the ScreenConnect Remote Code E | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Black Basta Malware is associated with Bl00dy. Black Basta is a notorious malware group known for its sophisticated ransomware attacks, which have targeted numerous high-profile entities. The group has demonstrated a remarkable ability to adapt their tactics, techniques, and procedures (TTPs), allowing them to effectively evade security defenses | Unspecified | 5 |
The Lockbit Malware is associated with Bl00dy. LockBit is a prominent ransomware-as-a-service (RaaS) malware that has been involved in numerous cyberattacks, demonstrating its staying power and adaptability. The malware, which can infiltrate systems through suspicious downloads, emails, or websites, is designed to exploit and damage computers or | Unspecified | 5 |
The Truebot Malware is associated with Bl00dy. Truebot is a malicious software (malware) utilized by the CL0P actors, designed to exploit and damage computer systems. This malware can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, Truebot serves multiple purposes: it can dow | Unspecified | 2 |
The Buhti Malware is associated with Bl00dy. Buhti is a malicious software, or malware, that was first highlighted by Palo Alto Networks Unit 42 in February 2023. It is a Golang ransomware targeting Linux systems. The Buhti ransomware operation was further detailed by Symantec’s Threat Hunter Team in May of the same year. Its payload included | Unspecified | 2 |
The Hive Malware is associated with Bl00dy. Hive is a form of malware, specifically ransomware, designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, Hive can steal personal information, disrupt operations, or hold data hostag | Unspecified | 2 |
The Lockbit Black Malware is associated with Bl00dy. LockBit Black, also known as LockBit 3.0, is a malicious software that emerged in early 2022 following the release of its predecessor, LockBit 2.0 (or LockBit Red) in mid-2021. The malware has been developed to exploit and damage computer systems by encrypting files, often leading to ransom demands | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Blackmatter Threat Actor is associated with Bl00dy. BlackMatter, a threat actor in the cybersecurity realm, is known for its malicious activities and has been linked to several ransomware strains. The group emerged as a successor to the DarkSide ransomware, which was responsible for the high-profile attack on the Colonial Pipeline in May 2021. Howeve | Unspecified | 2 |
The Hunters International Threat Actor is associated with Bl00dy. Hunters International, an active threat actor group since October of the previous year, has been identified as a significant cybersecurity concern. The group has taken over and rebranded the Hive ransomware, despite their disputes about this association. This development followed the disbandment of | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The CVE-2023-27350 Vulnerability is associated with Bl00dy. CVE-2023-27350 represents a significant software vulnerability in PaperCut MF/NG, identified as an improper access control flaw. This weakness allows attackers to bypass authentication processes, providing them with the ability to execute code with system privileges. The vulnerability was first upda | Unspecified | 4 |
The CVE-2024-1709 Vulnerability is associated with Bl00dy. CVE-2024-1709 is a critical vulnerability in the ConnectWise ScreenConnect software that allows for an authentication bypass. This flaw can enable a remote non-authenticated attacker to bypass the system's authentication process and gain full access. The issue was identified by Sophos Rapid Response | Unspecified | 3 |
The CVE-2024-1708 Vulnerability is associated with Bl00dy. CVE-2024-1708 is a high-severity path traversal vulnerability that was discovered in ConnectWise's ScreenConnect software. This flaw, which affects versions 23.9.7 and earlier, allows a remote privileged user to read arbitrary files on the system using a specially crafted HTTP request. ConnectWise d | Unspecified | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
Securityaffairs | 4 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 5 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 6 months ago | ||
Securityaffairs | 7 months ago | ||
Securityaffairs | 8 months ago | ||
Securityaffairs | 8 months ago | ||
Securityaffairs | 8 months ago | ||
Securityaffairs | 8 months ago | ||
Securityaffairs | 9 months ago | ||
Securityaffairs | 9 months ago | ||
Securityaffairs | 9 months ago | ||
CERT-EU | 9 months ago | ||
Malwarebytes | 9 months ago | ||
CERT-EU | 9 months ago |