| ID | Votes | Profile Description |
|---|---|---|
| Black Suit | 1 | Black Suit is a notable piece of malware that emerged as a rebranding of the Royal ransomware. The connection between the two was established through matching binaries. This malicious software, designed to exploit and damage computer systems, has been linked to several cyberattacks. Notably, Black S |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Akira | Unspecified | 3 | Akira is a malicious software, or malware, specifically a type of ransomware known for its disruptive and damaging effects. First surfacing in late 2023, it has continued to wreak havoc on various entities, including corporations and industries. This ransomware infects systems through suspicious dow |
| Lockbit | Unspecified | 3 | LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt |
| Karakurt | Unspecified | 2 | Karakurt is a notorious malware and data extortion group, previously affiliated with ITG23, known for its sophisticated tactics, techniques, and procedures (TTPs). The group's operations involve stealing sensitive data from compromised systems and demanding ransoms ranging from $25,000 to a staggeri |
| Conti | Unspecified | 2 | Conti is a type of malware, specifically ransomware, known for its ability to disrupt operations, steal personal information, and hold data hostage for ransom. The malicious software infiltrates systems via suspicious downloads, emails, or websites, often unbeknownst to the user. It has been used in |
| Black Basta | Unspecified | 1 | Black Basta is a notorious malware entity known for its devastating ransomware attacks. First emerging in June 2022, the group has since been associated with a series of high-profile cyber-attacks worldwide. This malware, like others, infiltrates systems through suspicious downloads, emails, or webs |
| Royal Ransomware | Unspecified | 1 | Royal Ransomware is a type of malware that has been causing significant disruptions in various sectors, particularly in the United States. Originating from the now-defunct Conti ransomware operation, Royal Ransomware was notorious for its multi-threaded encryption and ability to kill processes withi |
| Clop | Unspecified | 1 | Clop is a notorious malware, short for malicious software, known for its disruptive and damaging effects on computer systems. It primarily infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Clop can steal personal information, disrupt o |
| NoEscape | Unspecified | 1 | NoEscape is a malicious software that emerged as a rebrand of 'Avaddon,' known for its successful multi-extortion tactics. In October 2023, the French basketball team ASVEL fell victim to a data breach orchestrated by the NoEscape ransomware gang. This incident was part of a broader trend in the las |
| AvosLocker | Unspecified | 1 | AvosLocker is a type of malware, specifically a ransomware, that has been causing significant issues across the digital landscape. Ransomware is a form of malicious software designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites without |
| Avaddon | Unspecified | 1 | Avaddon is a type of malware, specifically ransomware, designed to exploit and damage computer systems. It was notable for its compatibility with older systems such as Windows XP and Windows 2003, distinguishing it from other ransomware like Darkside and Babuk which targeted more modern systems like |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Medusa | Unspecified | 1 | Medusa, a threat actor group, has been identified as a rising menace in the cybersecurity landscape, with its ransomware activities escalating significantly. In November 2023, Medusa and other groups like LockBit and ALPHV (BlackCat) exploited a zero-day vulnerability known as Citrix Bleed (CVE-2023 |
| Alphv | Unspecified | 1 | AlphV, also known as BlackCat, is a notable threat actor in the cybersecurity landscape. This group has been involved in numerous high-profile attacks, including stealing 5TB of data from Morrison Community Hospital and compromising Clarion, a global manufacturer of audio and video equipment for car |
| Hive Ransomware | Unspecified | 1 | Hive ransomware, a notorious threat actor, emerged as one of the most prolific groups in 2022, executing a series of cyberattacks with malicious intent. This group was responsible for numerous ransomware attacks, causing significant disruptions and damage across various sectors. However, in January |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| CVE-2021-34523 | Unspecified | 1 | None |
| CVE-2021-31207 | Unspecified | 1 | CVE-2021-31207 is a significant software vulnerability that affects Atlassian Confluence and Microsoft Exchange. It was discovered that Advanced Persistent Threat group APT40 rapidly exploits this flaw, along with other public vulnerabilities in widely used software like Log4J (CVE-2021-44228) and M |
| Lvi | Unspecified | 1 | None |
| Proxyshell | Unspecified | 1 | ProxyShell is a critical vulnerability affecting Microsoft Exchange email servers. Identified as CVE-2021-34473, it is a flaw in software design or implementation that can be exploited by attackers to gain unauthorized access to systems. The vulnerability was actively exploited by threat actors, cau |
| CVE-2021-34473 | Unspecified | 1 | CVE-2021-34473 is a significant software vulnerability that was discovered in Microsoft Exchange Server. This flaw, along with two others (CVE-2021-31207 and CVE-2021-34523), forms a chain of vulnerabilities known as ProxyShell. These vulnerabilities can be exploited together by remote attackers to |
| Source | CreatedAt | Title |
|---|---|---|
| CERT-EU | 4 months ago | Encina Wastewater Authority Cyberattack Claimed By BlackByte |
| Checkpoint | a year ago | 10th July – Threat Intelligence Report - Check Point Research |
| CERT-EU | a year ago | Dallas ransomware recovery nearly completed |
| CERT-EU | a year ago | BlackByte 2.0 Ransomware: Infiltrate, Encrypt, and Extort in Just 5 Days |
| BankInfoSecurity | a year ago | Breach Roundup: Zenbleed Flaw Exposes AMD Ryzen CPUs |
| CERT-EU | 9 months ago | Microsoft Defender Brings Automated Attack Disruption to Endpoints |
| CERT-EU | 9 months ago | Microsoft Defender for Endpoint now stops human-operated attacks on its own | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware – National Cyber Security Consulting |
| CERT-EU | a year ago | The Top 4 Ransomware Vulnerabilities Putting your Company in Danger - Cybersecurity Insiders |
| CERT-EU | 10 months ago | Microsoft Defender now auto-isolates compromised accounts |
| CERT-EU | a year ago | Russian Ransomware Tasks Rebranded to Keep away from Western Sanctions: Report |
| Malwarebytes | a year ago | Living Off the Land (LOTL) attacks: Detecting ransomware gangs hiding in plain sight |
| CERT-EU | a year ago | Hackers impersonates a cybersecurity firm to lock your PC | Digital Trends |
| InfoSecurity-magazine | a year ago | Cyber-Attacks Targeting Government Agencies Increase 40% |
| CERT-EU | a year ago | Akira and BlackByte ransomware group claim attack on Yamaha Music Canada | IT Security News |
| CERT-EU | a year ago | PC malware statistics, Q2 2022 |
| CERT-EU | a year ago | Ransomware gang Clop prepped zero-day MOVEit attacks in 2021 |
| CERT-EU | a year ago | Lapsus$ hackers convicted of breaching GTA 6, Nvidia, more | Digital Trends |
| CERT-EU | a year ago | Here’s how cybercriminals bypass EDR – and why security teams need a defense-in-depth approach |
| CERT-EU | a year ago | San Francisco 49ers agree to pay out victims of 2022 data breach |
| CERT-EU | 7 months ago | Black Basta Ransomware Free Decryptor Available – Gridinsoft Blogs | #ransomware | #cybercrime | National Cyber Security Consulting |