| ID | Votes | Profile Description |
|---|---|---|
| Tropical Scorpius | 3 | Tropical Scorpius is a notorious malware, first identified in late 2020, associated with the Cuba ransomware gang. This malicious software has been linked to multiple cybercriminal activities, including disrupting operations, stealing personal information, and holding data hostage for ransom. The ma |
| Void Rabisu | 2 | Void Rabisu, also known as Storm-0978, UNC2596, and Tropical Scorpius, is a malicious software (malware) notable for its use of the ROMCOM backdoor. This malware has been involved in numerous attacks, including those targeting attendees of the Women Political Leaders Summit (WPL Summit) in 2023. In |
| Colddraw | 1 | Colddraw, also known as Cuba and Fidel ransomware, first emerged on the cybersecurity threat landscape in 2019. This malicious software has been strategically targeting a moderate pool of victims over the years, marking encrypted files for the ransomware's and its decryptor's identification. The mal |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Cuba | Unspecified | 4 | The Cuba ransomware, a malicious software active since 2019, has been linked to a series of escalating attacks on US entities and European leaders. The criminal group behind the malware, known by various aliases such as Void Rabisu, UNC2596, Tropical Scorpius, and Storm-0978, has recently targeted w |
| RomCom | Unspecified | 3 | RomCom is a type of malware, specifically a Remote Access Trojan (RAT), that has been linked to several cyber-attacks across Europe and North America. It was first identified in spring 2022, when third-party and open-source reports highlighted a potential connection between Cuba ransomware actors, R |
| Romcom Rat | Unspecified | 3 | RomCom RAT, a type of malware, has been linked to Cuba ransomware and Industrial Spy ransomware actors since spring 2022. These malicious actors have been observed deploying the RomCom RAT and Meterpreter Reverse Shell HTTP/HTTPS proxy via a Command and Control (C2) server before initiating their ra |
| AvosLocker | Unspecified | 2 | AvosLocker is a type of malware, specifically a ransomware, that has been causing significant issues across the digital landscape. Ransomware is a form of malicious software designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites without |
| Lockbit | Unspecified | 1 | LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt |
| Lv Ransomware | Unspecified | 1 | LV Ransomware is a type of malicious software designed to exploit and damage computer systems, often infiltrating systems through suspicious downloads, emails, or websites. This ransomware variant, also known as ".0nzo8yk Virus," was first identified in the wild in June 2020 and is a modified versio |
| Hancitor | Unspecified | 1 | Hancitor is a malicious software (malware) known for its ability to exploit and damage computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once it gains access, Hancitor can steal personal information, disrupt operations, or e |
| Cobalt Strike Beacon | Unspecified | 1 | Cobalt Strike Beacon is a type of malware known for its harmful capabilities, including stealing personal information, disrupting operations, and potentially holding data hostage for ransom. The malware has been loaded by HUI Loader through various files such as mpc.tmp, dlp.ini, vmtools.ini, and an |
| Romcom Backdoor | Unspecified | 1 | The RomCom backdoor, a malicious software, is primarily used by the threat actor Void Rabisu, also known as Tropical Scorpius or Storm-0978. This malware has been associated with Cuba ransomware and has been notably deployed in cyberespionage activities, shifting away from opportunistic ransomware a |
| Romcom Remote Access Trojan | Unspecified | 1 | The RomCom Remote Access Trojan (RAT) is a type of malware that has gained significant attention in the cybersecurity landscape this year. This malicious software, designed to exploit and damage computer systems, can infiltrate systems via suspicious downloads, emails, or websites, often unbeknownst |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Lapsus | Unspecified | 1 | Lapsus is a significant threat actor that has been active since its inception in early 2022. The group gained notoriety for its cyberattacks, including a high-profile breach of Nvidia, an American multinational technology company, in the same year. This attack led to the leak of thousands of passwor |
| Unc2596 | Unspecified | 1 | UNC2596, also known as Void Rabisu, Tropical Scorpius, and Storm-0978, is a hybrid threat actor involved in both financially motivated and espionage attacks. This group has been refining its tactics and techniques, utilizing backdoor attacks that have targeted various high-profile events, including |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Zerologon | Unspecified | 2 | Zerologon is a critical vulnerability (CVE-2020-1472) found within Microsoft's Netlogon Remote Protocol, impacting all versions of Windows Server OS from 2008 onwards. This flaw in software design or implementation allows attackers to bypass authentication mechanisms and change computer passwords wi |
| CVE-2023-27532 | Unspecified | 1 | CVE-2023-27532 is a high-severity vulnerability discovered in Veeam's Backup & Replication software. This flaw, disclosed in March 2023, can be exploited to breach backup infrastructure hosts. Despite its serious implications, it was not added to the Known Exploited Vulnerabilities (KEV) list until |
| CVE-2023-36884 | Unspecified | 1 | CVE-2023-36884 is a significant software vulnerability discovered in Microsoft Windows, Server, Office, and Outlook. It is a flaw in the software design or implementation that allows for remote code execution (RCE), specifically in the Windows Search security feature. This vulnerability was being ac |
| CVE-2020-1472 | Unspecified | 1 | CVE-2020-1472, also known as the ZeroLogon vulnerability, is a critical-severity privilege escalation flaw in Microsoft's Netlogon Remote Protocol. It was patched by Microsoft on August 11, 2020. This vulnerability allows attackers to gain administrative access to a Windows domain controller without |
| Source | CreatedAt | Title |
|---|---|---|
| BankInfoSecurity | 6 months ago | Feds Warn Healthcare Sector of ScreenConnect Threats |
| CERT-EU | 8 months ago | Municipalities Face a Constant Battle as Ransomware Snowballs | #ransomware | #cybercrime | National Cyber Security Consulting |
| DARKReading | 8 months ago | Municipalities Face a Constant Battle as Ransomware Snowballs |
| CERT-EU | 8 months ago | Cybersecurity attack steals Rock County Human Services info | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting |
| Securelist | 8 months ago | Kaspersky malware report for Q3 2023 |
| CERT-EU | 8 months ago | Orgs still losing logs, powerless to speedy ransomware |
| CERT-EU | 9 months ago | Veeam แจ้งเตือนช่องโหว่ระดับ critical บน Veeam ONE Monitoring Platform - Bangkok, Thailand | i-secure Co, Ltd. |
| CERT-EU | 9 months ago | Veeam warns of critical bugs in Veeam ONE monitoring platform |
| BankInfoSecurity | 9 months ago | Women Political Leaders Targeted With RomCom RAT Variant |
| CERT-EU | 9 months ago | RomCom Malware Group Targets EU Gender Equality Summit |
| InfoSecurity-magazine | 9 months ago | New RomCom Backdoor Targets Female Political Leaders |
| CERT-EU | 9 months ago | Women Political Leaders Summit targeted in RomCom malware phishing |
| CERT-EU | 9 months ago | New PEAPOD Cyberattack Campaign Targeting Women Political Leaders |
| CERT-EU | a year ago | Russia-Linked RomCom Hackers Targeting NATO Summit Guests |
| CERT-EU | a year ago | It's 2023 and Sri Lanka lacks a cyber security authority |
| Securelist | a year ago | Overview of ransomware trends in 2023 |
| CERT-EU | a year ago | Microsoft Releases Patches for 132 Vulnerabilities, Including 6 Under Active Attack |
| Checkpoint | 10 months ago | 9th October – Threat Intelligence Report - Check Point Research |
| CERT-EU | 10 months ago | Kaspersky provides update on Cuba ransomware gang | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting |
| CERT-EU | 10 months ago | Cuba ransomware attack hits Wisconsin county's health department |