ID | Votes | Profile Description |
---|---|---|
DarkComet | 1 | DarkComet is a Remote Access Trojan (RAT) that opens a backdoor on infected computers, allowing unauthorized access and data theft. This malware has been classified among the top five Command and Control (C2) families, indicating its widespread usage by cybercriminals. DarkComet, along with other es |
Brc4 | 1 | Brc4 is a malicious software (malware) associated with Brute Ratel C4, the latest red-teaming and adversarial attack simulation tool available on the market. The malware can infiltrate your system via suspicious downloads, emails, or websites, often without your knowledge. Once inside, it can steal |
ID | Type | Votes | Profile Description |
---|---|---|---|
Black Basta | Unspecified | 5 | Black Basta is a notorious malware entity known for its devastating ransomware attacks. First emerging in June 2022, the group has since been associated with a series of high-profile cyber-attacks worldwide. This malware, like others, infiltrates systems through suspicious downloads, emails, or webs |
QakBot | Unspecified | 5 | Qakbot is a potent malware, a malicious software designed to exploit and damage computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it has the potential to steal personal information, disrupt operations, or e |
PlugX | Unspecified | 2 | PlugX is a notorious malware, typically associated with Chinese threat actors, that has been used in various cyberattacks. This malicious software infiltrates systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data for ransom. It |
Qbot | Unspecified | 2 | Qbot, also known as Qakbot or Pinkslipbot, is a modular information-stealing malware that emerged in 2007 as a banking trojan. Over the years, it has evolved into an advanced malware strain used by multiple cybercriminal groups to compromise networks and prepare them for ransomware attacks. The firs |
Conti | Unspecified | 2 | Conti is a type of malware, specifically ransomware, known for its ability to disrupt operations, steal personal information, and hold data hostage for ransom. The malicious software infiltrates systems via suspicious downloads, emails, or websites, often unbeknownst to the user. It has been used in |
svchost.exe | Unspecified | 1 | Svchost.exe is malware that exploits and damages computer systems by injecting malicious code into various processes. This harmful program can infiltrate your system through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal information, di |
Pikabot | Unspecified | 1 | PikaBot is a harmful malware that emerged in 2023, designed to exploit and damage computer systems. It infiltrates systems through dubious downloads, emails, or websites, often undetected by the user. Once inside a system, PikaBot can pilfer personal information, disrupt operations, or even ransom d |
Systembc | Unspecified | 1 | SystemBC is malicious software (malware) that has been used in various cyber attacks to exploit and damage computer systems. In 2023 this malware was observed being used heavily alongside BlackBasta and Quicksand, and it has been deployed by teams using BlackBasta during their attacks. Play ransomware act |
IcedID | Unspecified | 1 | IcedID is a malicious software (malware) designed to exploit and damage computer systems. It infects systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom |
Bumblebee | Unspecified | 1 | Bumblebee is a type of malware that has been linked to ITG23, a cybercriminal group known for its use of crypters such as Emotet, IcedID, Qakbot, Bumblebee, and Gozi. Distributed via phishing campaigns or compromised websites, Bumblebee enables the delivery and execution of further payloads. The sam |
Havoc Framework | Unspecified | 1 | The Havoc Framework is a potent malware tool, designed for advanced post-exploitation command and control operations. It's been identified as the attacker's tool of choice during the second stage of a recent major cyber attack. This open-source framework is capable of bypassing even the most updated |
Brc4 v1.0.x | Unspecified | 1 | None |
ID | Type | Votes | Profile Description |
---|---|---|---|
The Dukes | Unspecified | 2 | The Dukes, also known as APT29, Cozy Bear, Midnight Blizzard, and several other aliases, is a highly active threat actor group widely believed to be associated with the Russian Foreign Intelligence Service (SVR). The group has been operational since at least 2008, targeting various governments, thin |
Sandworm | Unspecified | 2 | Sandworm, a threat actor linked to Russia, has been implicated in numerous high-profile cyber attacks. This group's activities have primarily targeted Ukraine, compromising the country's critical infrastructure and telecommunications providers. The Sandworm group is known for its fileless attack met |
Alphv | Unspecified | 2 | AlphV, also known as BlackCat, is a notable threat actor in the cybersecurity landscape. This group has been involved in numerous high-profile attacks, including stealing 5TB of data from Morrison Community Hospital and compromising Clarion, a global manufacturer of audio and video equipment for car |
Redhotel | Unspecified | 1 | RedHotel, also known as Aquatic Panda, ControlX, and Bronze University, is a threat actor linked to Chinese state-sponsored cyber groups. It is part of a sophisticated network of espionage operations including RedAlpha, Poison Carp, and i-SOON, which are primarily involved in the theft of telecommun |
Winnti | Unspecified | 1 | Winnti is a sophisticated threat actor group, first identified by Kaspersky in 2013, with activities dating back to at least 2007. The group has been associated with the Chinese nation-state and is part of a collective known as APT41, which also includes subgroups like Wicked Panda, Suckfly, and Bar |
Source | CreatedAt | Title |
---|---|---|
Securityaffairs | a month ago | Russia-linked APT Nobelium targets French diplomatic entities |
CERT-EU | 5 months ago | ALPHV Blackcat, GCP-Native Attacks, Bandook RAT, NoaBot Miner, Ivanti Secure Vulnerabilities, and More: Hacker’s Playbook Threat Coverage Round-up: February 2024 |
CERT-EU | 5 months ago | US Government Warns Healthcare is Biggest Target for BlackCat Affiliat |
CERT-EU | 5 months ago | CISA, FBI Warn of Continued BlackCat Ransomware Activity | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting |
CERT-EU | 5 months ago | US healthcare alerted against BlackCat amid targeted attacks | #ransomware | #cybercrime | National Cyber Security Consulting |
CISA | 7 months ago | #StopRansomware: ALPHV Blackcat | CISA |
DARKReading | 7 months ago | Qakbot Sightings Confirm Law Enforcement Takedown Was Only a Setback |
MITRE | 7 months ago | BlackCat ransomware attacks not merely a byproduct of bad luck |
MITRE | 7 months ago | PART 3: How I Met Your Beacon - Brute Ratel - MDSec |
MITRE | 7 months ago | When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors |
MITRE | 7 months ago | Brute Ratel C4 |
MITRE | 7 months ago | Black Basta Ransomware Gang Infiltrates Networks via QAKBOT, Brute Ratel, and Cobalt Strike |
MITRE | 7 months ago | Cracked Brute Ratel C4 framework proliferates across the cybercriminal underground | SANS |
CERT-EU | 10 months ago | Identification and Disruption of QakBot Infrastructure - KizzMyAnthia.com |
Recorded Future | a year ago | From Direct to Distant: The Challenge of Third and Fourth-Party Digital Risk Management |
BankInfoSecurity | a year ago | Cybercrime Tremors: Experts Forecast Qakbot Resurgence |
CISA | a year ago | Identification and Disruption of QakBot Infrastructure | CISA |
Securityaffairs | a year ago | Experts warn of OSS supply chain attacks on the banking sector |
Trend Micro | a year ago | 3 Shifts in the Cyber Threat Landscape |
DARKReading | a year ago | Exfiltrator-22 Post-Exploitation Toolkit Nips At Cobalt Strike's Heels |