ID | Votes | Profile Description |
---|---|---|
Mustang Panda | 6 | Mustang Panda, also known as Bronze President, Nomad Panda, Naikon, Earth Preta, and Stately Taurus, is a Chinese-aligned threat actor that has been associated with widespread attacks against various countries in the Asia-Pacific region. The group's malicious activities were first traced back to Mar |
Stately Taurus | 4 | Stately Taurus, also known as Mustang Panda, Bronze President, Red Delta, LuminousMoth, Earth Preta, and Camaro Dragon, is a potent malware linked to Chinese Advanced Persistent Threat (APT) activities. The first signs of its operation date back to at least 2012, with notable activity traced to Marc |
LuminousMoth | 3 | LuminousMoth is a threat actor with ties to HoneyMyte, as evidenced by their similar targeting and Tactics, Techniques, and Procedures (TTPs). These include the use of DLL side-loading, Cobalt Strike loaders, and Chrome cookie stealers. The malware's operation begins with the execution of "explorer. |
Earth Preta | 1 | Earth Preta, also known as Mustang Panda, Bronze President, TA416, RedDelta, and Stately Taurus, is a prominent threat actor group that has been operational since at least 2012. The group has been highly active in Europe and Asia, employing a variety of tools and malware for their malicious activiti |
Luminous Moth | 1 | None |
BlackTech | 1 | BlackTech is a threat actor, or a group responsible for carrying out malicious cyber activities. Known for its links to China, BlackTech focuses on gathering intelligence from technology and government organizations, predominantly in the Asia-Pacific region. This group has shown a high degree of sop |

ID | Type | Votes | Profile Description |
---|---|---|---|
Raspberry Robin | Unspecified | 2 | Raspberry Robin is a sophisticated malware that has been designed to exploit and damage computer systems. This malicious software infiltrates the system through suspicious downloads, emails, or websites, often unbeknownst to the user. Once embedded, Raspberry Robin can steal personal information, di |
PlugX | Unspecified | 1 | PlugX is a notorious malware, typically associated with Chinese threat actors, that has been used in various cyberattacks. This malicious software infiltrates systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data for ransom. It |
Taurus | Unspecified | 1 | Taurus is a malicious software (malware) that has been associated with multiple cyber threat actors, notably Stately Taurus, Iron Taurus, and Starchy Taurus, all of which have connections to Chinese Advanced Persistent Threats (APTs). The malware is designed to infiltrate systems and steal personal |

ID | Type | Votes | Profile Description |
---|---|---|---|
RedDelta | Unspecified | 4 | RedDelta, also known as Bronze President, is a threat actor that has been conducting cyber-espionage attacks since 2014. It is one of the likely Ministry of State Security (MSS)-linked groups which include APT10, APT17, APT27, APT40, APT41, TAG-22, and RedBravo among others. The organization's activ |
Aqua Blizzard | Unspecified | 2 | Aqua Blizzard, previously known as ACTINIUM, is a significant threat actor originating from Russia. Recently, Microsoft revamped its naming convention for threat groups, transitioning from all-cap names based on atomic elements to a two-name scheme inspired by storm terminology. Aqua Blizzard has be |
Gamaredon | Unspecified | 2 | Gamaredon, a Russian Advanced Persistent Threat (APT) group, has been actively tracked since 2013 and is recognized as a significant threat actor in the cybersecurity landscape. Its primary target is Ukraine, against which it deploys an array of home-brewed malware through malicious documents. The E |
Primitive Bear | Unspecified | 1 | Primitive Bear, also known as Gamaredon, UAC-0010, and Shuckworm, is a threat actor associated with Russia that has been actively targeting Ukraine for over a decade. This group has primarily focused on organizations within government, defense, and critical infrastructure sectors. Since our update i |
APT31 | Unspecified | 1 | APT31, also known as Zirconium, is a threat actor group believed to be sponsored by the Chinese government. This group has been implicated in various cyber espionage activities across the globe. One of their notable exploits includes the cloning and use of an Equation Group exploit, EpMe (CVE-2017-0 |
Stardust Chollima | Unspecified | 1 | Stardust Chollima is a recognized threat actor in the cybersecurity industry, primarily known for its malicious activities aimed at acquiring funds. This group has been linked to various high-profile cyber-attacks and fraudulent activities since 2015. Stardust Chollima has been associated with the f |
APT28 | Unspecified | 1 | APT28, also known as Fancy Bear, is a threat actor linked to Russia and has been involved in numerous cyber espionage campaigns. The group is notorious for its sophisticated tactics, techniques, and procedures (TTPs). Recently, NATO and the EU formally condemned APT28's activities, acknowledging the |
Evasive Panda | Unspecified | 1 | Evasive Panda, a threat actor group also known as Bronze Highland and Daggerfly, has been identified as a significant cybersecurity threat. This group, believed to be aligned with China, has been deploying custom implants such as MgBot, Nightdoor, and a macOS downloader component, using these tools |
TheWizards | Unspecified | 1 | TheWizards is a threat actor, potentially China-aligned, known for conducting adversary-in-the-middle attacks. The group exhibits capabilities similar to other known China-aligned threat actors such as Evasive Panda and Mustang Panda (also known as Camaro Dragon), who have been observed deploying ma |

Source | CreatedAt | Title |
---|---|---|
InfoSecurity-magazine | 17 days ago | Eldorado Ransomware Strikes Windows and Linux Networks |
InfoSecurity-magazine | 4 months ago | Chinese Hackers Target ASEAN Entities in Espionage Campaign |
Unit42 | 4 months ago | ASEAN Entities in the Spotlight: Chinese APT Group Targeting |
CERT-EU | 5 months ago | 'The Weirdest Trend in Cybersecurity': Nation-States Returning to USBs | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting |
DARKReading | 5 months ago | 'The Weirdest Trend in Cybersecurity': Nation-States Returning to USBs |
ESET | 6 months ago | NSPX30: A sophisticated AitM-enabled implant evolving since 2005 |
CERT-EU | 8 months ago | How to protect corporate routers and firewalls against hacking |
Unit42 | 8 months ago | Stately Taurus Targets the Philippines As Tensions Flare in the South Pacific |
CERT-EU | 10 months ago | Chinese state-backed hackers accidentally infected a European hospital with malware | #ukscams | #datingscams | #european | #datingscams | #love | #relationships | #scams | #pof | #match.com | #dating | National Cyber Security Consulting |
CERT-EU | 10 months ago | Hackers Are Dropping USB Drives at Watering Holes | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting |
CERT-EU | a year ago | The latest cyberattacks detected | 27 June 2023 |
CERT-EU | a year ago | Camaro Dragon Hackers Strike with USB-Driven Self-Propagating Malware – GIXtools |
CERT-EU | a year ago | Leftover Links 02/07/2023: Amazon Antitrust Woes, Windows Security Breaches |
CERT-EU | a year ago | Chinese state-backed hackers accidentally infected a European hospital with malware | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting |
Checkpoint | a year ago | 22nd May – Threat Intelligence Report - Check Point Research |
CERT-EU | a year ago | In Other News: Hospital Infected via USB Drive, EU Cybersecurity Rules, Free Security Tools |
CERT-EU | a year ago | This Week In Security: Camaro Dragon, RowPress, And RepoJacking |
CERT-EU | a year ago | Chinese Hackers Mustang Panda Attacks TP-Link Routers | IT Security News |
CERT-EU | a year ago | Camaro Dragon APT Group Exploits TP-Link Routers With Custom Implant |