ID | Votes | Profile Description |
---|---|---|
Cobra Docguard | 3 | Cobra DocGuard, software produced by Chinese firm EsafeNet for protecting, encrypting, and decrypting software, has been exploited in a series of malware attacks. The attackers compromised the software's update files to deliver malicious updates that infected targeted systems. The first known inst |
Chargeweapon | 1 | ChargeWeapon is malicious software (malware) that exploits compromised web servers to gain unauthorized access and gather sensitive data from infected systems. The malware was first identified on the Cobra DocGuard web server, where it was deployed as a previously unknown Go-based backdoor. This b |
FALLCHILL | 1 | FALLCHILL is malicious software (malware) typically introduced into a system as a file dropped by other HIDDEN COBRA malware. It has been linked to the North Korea-associated Lazarus APT group, who notably utilized a macOS variant of the malware for the first time. The cybersecurity company that r |
Carbon System | 1 | The Carbon System is a sophisticated malware program, designed to exploit and damage targeted computer systems. It is part of a suite of cyber-espionage tools developed by the Turla attackers, known for their advanced capabilities and stealth. The malware infiltrates unsuspecting systems through sus |

ID | Type | Votes | Profile Description |
---|---|---|---|
Korplug | Unspecified | 2 | Korplug, also known as PlugX, is a type of malware developed and utilized by the China-aligned Advanced Persistent Threat (APT) group, Mustang Panda. This malicious software is designed to infiltrate computer systems without detection, often through suspicious downloads, emails, or websites. Once in |
Volgmer | Unspecified | 1 | Volgmer is a backdoor Trojan malware, designed to provide covert access to a compromised system. Developed by the Lazarus Group, it has been used as a conduit for serving backdoors to control infected systems. This malware has been observed in 32-bit form as either executables or dynamic-link librar |
PlugX | Unspecified | 1 | PlugX is a notorious malware, typically associated with Chinese threat actors, that has been used in various cyberattacks. This malicious software infiltrates systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data for ransom. It |

ID | Type | Votes | Profile Description |
---|---|---|---|
Carderbee | Unspecified | 3 | Carderbee, a previously unknown Advanced Persistent Threat (APT) group, has been identified as the perpetrator behind a series of supply chain attacks against organizations in Hong Kong and other regions in Asia. The Symantec Threat Hunter Team reported that Carderbee used a malware-infused version |
Emissary Panda | Unspecified | 2 | Emissary Panda, also known as Iron Tiger, APT27, Budworm, Bronze Union, Lucky Mouse, and Red Phoenix, is a threat actor group associated with malicious cyber activities. The group has been active since at least 2013, targeting various industry verticals across Europe, North and South America, Africa |
LuckyMouse | Unspecified | 2 | LuckyMouse, also known as Budworm, Emissary Panda, and APT27, is a threat actor that has been involved in several high-profile cyber-espionage activities. The group has demonstrated its ability to develop and deploy advanced cyber tools, targeting various operating systems including macOS, Linux, an |
APT27 | Unspecified | 2 | APT27, also known as Iron Taurus, is a Chinese threat actor group that primarily engages in cyber operations with the goal of intellectual property theft. The group targets multiple organizations worldwide, including those in North and South America, Europe, and the Middle East. APT27 utilizes vario |
HIDDEN COBRA | Unspecified | 2 | Hidden Cobra, also known as the Lazarus Group and Sapphire Sleet, is a North Korean cyberespionage group that has been active since at least 2009. The U.S. Government uses the term Hidden Cobra to refer to malicious cyber activities by the North Korean government, with the BeagleBoyz representing a |
Turla | Unspecified | 1 | Turla, also known as Pensive Ursa, is a sophisticated threat actor linked to Russia that has been active for many years. The group is known for its advanced cyber-espionage capabilities and has been associated with numerous high-profile breaches. According to the MITRE ATT&CK and MITRE Engenuity dat |
Budworm | Unspecified | 1 | Budworm, also known as LuckyMouse or APT 27, is a threat actor that has been associated with various high-profile cyber attacks. This group has been found to utilize tools such as the Korplug backdoor, which is commonly used by multiple Advanced Persistent Threats (APTs) including Budworm and APT41, |
BRONZE UNION | Unspecified | 1 | Bronze Union, also known as APT27, Emissary Panda, Lucky Mouse, Iron Tiger, and Red Phoenix, is a threat actor with alleged connections to the Chinese government. The group has been observed targeting organizations across Europe, North and South America, Africa, the Middle East, and the Asia-Pacific |

ID | Type | Votes | Profile Description |
---|---|---|---|
Korplug/plugx | Unspecified | 1 | None |

Source | CreatedAt | Title |
---|---|---|
CERT-EU | 5 months ago | Canada’s anti-money laundering agency hit by a cyber attack \| IT World Canada News |
CERT-EU | 8 months ago | Indian government’s ‘high risk’ warning for Google users, you maybe under attack |
CERT-EU | 8 months ago | Plan to tighten law on glorifying terrorism ‘could criminalise crowd at Murrayfield’ - Security news - NewsLocker |
CERT-EU | 9 months ago | No 10 says 40% of trains must always run under news laws to limit impact of strikes – UK politics live - Security news - NewsLocker |
CERT-EU | 9 months ago | Cabinet minister refuses to back Suella Braverman’s claim homelessness is ‘lifestyle choice’ – UK politics live - Security news - NewsLocker |
CERT-EU | 9 months ago | Revealed: plan to brand anyone ‘undermining’ UK as extremist - Security news - NewsLocker |
CERT-EU | 9 months ago | Counter-terror chiefs on alert for Iranian activity in UK exploiting Gaza war - Security news - NewsLocker |
CERT-EU | 9 months ago | Man jailed for life for attempted murder of US woman stationed at GCHQ - Security news - NewsLocker |
CERT-EU | 9 months ago | Man, 28, who brought bomb to Leeds hospital was self-radicalised, court told - Security news - NewsLocker |
CERT-EU | 9 months ago | UK ministers to hold Cobra meeting on terrorism threat from Israel-Hamas conflict - Security news - NewsLocker |
CERT-EU | 10 months ago | Chinese Hackers Attacking Semiconductor Industries using Cobalt Strike beacon |
CERT-EU | 10 months ago | Chinese State-Sponsored Cyber Espionage Activity Targeting Semiconductor Industry in East Asia |
CERT-EU | a year ago | Cyber Security Week in Review: August 25, 2023 |
CERT-EU | a year ago | Years into these games’ histories, attackers are still creating “Fortnite” and “Roblox”-related scams |
CERT-EU | a year ago | The Week in Security: WinRAR exploit targets traders, malicious npm packages go after game devs |
BankInfoSecurity | a year ago | Threat Actor Targets Hong Kong With Korplug Backdoor |
CERT-EU | a year ago | Novel Carderbee supply chain attack impacts Asian organizations |
CERT-EU | a year ago | Carderbee Hacking Group Uses Legitimate Software in Supply Chain Attack |
Securityaffairs | a year ago | Carderbee APT targets Hong Kong orgs via supply chain attacks |
CERT-EU | a year ago | Carderbee: APT Group use Legit Software in Supply Chain Attack Targeting Orgs in Hong Kong |