ID | Votes | Profile Description |
---|
ID | Type | Votes | Profile Description |
---|---|---|---|
Agent Tesla | Unspecified | 5 | Agent Tesla is a malicious software (malware) that exploits and damages computer systems, often infiltrating the system through suspicious downloads, emails, or websites. This malware can steal personal information, disrupt operations, and potentially hold data for ransom. Agent Tesla has been obser |
Formbook | Unspecified | 3 | Formbook is a type of malware known for its ability to steal personal information, disrupt operations, and potentially hold data for ransom. The malware is commonly spread through suspicious downloads, emails, or websites, often without the user's knowledge. In June 2023, Formbook was observed being |
PowerShower | Unspecified | 2 | PowerShower is a malware variant that emerged as a significant threat due to its ability to exploit and damage computer systems. It was first observed in attacks against European targets in October 2018, where it exploited the CVE-2017-11882 vulnerability. The malware, written in PowerShell, was dow |
Lokibot | Unspecified | 2 | LokiBot is a malicious software, or malware, that was first reported on October 24, 2020. It is designed to exploit and damage computer systems by infiltrating them through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, LokiBot steals personal information |
GuLoader | Unspecified | 2 | GuLoader is a type of malware that infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside a system, it can steal personal information, disrupt operations, or even hold data hostage for ransom. GuLoader is encrypted with NSIS Crypter and has |
POWRUNER | Unspecified | 1 | Powruner is a malicious software (malware) associated with other malware such as POWBAT and BONDUPDATER, and it's utilized by the Advanced Persistent Threat group APT34. The malware is designed to exploit and damage computer systems, often infiltrating via suspicious downloads, emails, or websites. |
BONDUPDATER | Unspecified | 1 | BondUpdater is a malware first discovered by FireEye in mid-November 2017, when APT34 targeted a Middle Eastern governmental organization. This PowerShell-based Trojan is associated with other malicious programs such as POWBAT and POWRUNER. BondUpdater contains basic backdoor functionality that allo |
PlugX | Unspecified | 1 | PlugX is a notorious malware, typically associated with Chinese threat actors, that has been used in various cyberattacks. This malicious software infiltrates systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data for ransom. It |
PoisonIvy | Unspecified | 1 | PoisonIvy is a malicious software (malware) known for its damaging capabilities, including stealing personal information and disrupting system operations. The malware can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it maintai |
Dridex | Unspecified | 1 | Dridex is a well-known malware, specifically a banking Trojan, that has been utilized by cybercriminals to exploit and damage computer systems. The malware infiltrates systems through dubious downloads, emails, or websites, often unbeknownst to the user, and can steal personal information, disrupt o |
Cobalt Strike Beacon | Unspecified | 1 | Cobalt Strike Beacon is a type of malware known for its harmful capabilities, including stealing personal information, disrupting operations, and potentially holding data hostage for ransom. The malware has been loaded by HUI Loader through various files such as mpc.tmp, dlp.ini, vmtools.ini, and an |
Cannon | Unspecified | 1 | The Cannon malware is a sophisticated and harmful program designed to infiltrate computer systems, often through suspicious downloads, emails, or websites. The actor initiates the attack by sending an email to a specific address with a unique system identifier as the subject and a file path for the |
Hailbot | Unspecified | 1 | HailBot is a malicious software variant that emerged in September 2023, based on the Mirai source code. This malware was identified and analyzed by cybersecurity firm NSFOCUS and content delivery network Akamai. It is known to propagate through exploitation of vulnerabilities and weak passwords, wit |
ID | Type | Votes | Profile Description |
---|---|---|---|
LuckyMouse | Unspecified | 1 | LuckyMouse, also known as Budworm, Emissary Panda, and APT27, is a threat actor that has been involved in several high-profile cyber-espionage activities. The group has demonstrated its ability to develop and deploy advanced cyber tools, targeting various operating systems including MacOS, Linux, an |
Cloud Atlas | Unspecified | 1 | Cloud Atlas, a sophisticated threat actor group, has been actively involved in cyber-espionage activities against various nations, primarily targeting Russia and former Soviet Union countries such as Belarus, Kazakhstan, and Azerbaijan. This group employs advanced techniques to evade detection and e |
APT40 | Unspecified | 1 | APT40, a Chinese cyber espionage group suspected to be linked to the People's Republic of China (PRC) Ministry of State Security, has been identified as a significant threat actor. The group typically targets countries strategically important to China's Belt and Road Initiative. Over the years, APT4 |
APT34 | Unspecified | 1 | APT34, also known as OilRig, EUROPIUM, Hazel Sandstorm, and Crambus among other names, is a threat actor believed to be operating on behalf of the Iranian government. Operational since at least 2014, APT34 has been involved in long-term cyber espionage operations primarily focused on reconnaissance |
OceanLotus | Unspecified | 1 | OceanLotus, also known as APT32, is a threat actor suspected to be linked with Vietnam. It primarily targets foreign companies involved in manufacturing, consumer products, consulting, and hospitality sectors that are investing or planning to invest in Vietnam. The group's recent activities indicate |
APT32 | Unspecified | 1 | APT32, also known as OceanLotus Group, APT-C-00, Canvas Cyclone, and Cobalt Kitty, is a threat actor group suspected to originate from Vietnam. Active since at least 2012, this group has targeted foreign companies investing in Vietnam's manufacturing, consumer products, consulting, and hospitality s |
Cobalt Group | Unspecified | 1 | The Cobalt Group is a significant threat actor known for its financially-motivated cybercrime activities. This group, along with the Russian state-sponsored hacking group APT28, was responsible for almost half of all cybersecurity incidents in 2023, according to TechRadar. The Cobalt Group's modus o |
Oceanlotus Group | Unspecified | 1 | The OceanLotus Group, also known as APT32, is a threat actor suspected to originate from Vietnam. This group poses a significant threat to foreign companies investing in Vietnam's manufacturing, consumer products, consulting, and hospitality sectors. The group operates with a typical 9 AM to 6 PM wo |
ID | Type | Votes | Profile Description |
---|---|---|---|
CVE-2018-0802 | Unspecified | 2 | None |
CVE-2017-0199 | Unspecified | 2 | CVE-2017-0199 is a notable software vulnerability, specifically a flaw in the design or implementation of Microsoft Office's Object Linking and Embedding (OLE) feature. This vulnerability has been exploited over the years to spread various notorious malware families. In 2017, it was used to dissemin |
CVE-2018-0798 | Unspecified | 1 | None |
Source | CreatedAt | Title |
---|---|---|
Securityaffairs | 5 days ago | Security Affairs Malware Newsletter - Round 3 |
Securityaffairs | 6 days ago | Security Affairs Malware Newsletter - Round 3 |
Securityaffairs | 12 days ago | Security Affairs Malware Newsletter - Round 2 |
Securityaffairs | 20 days ago | Security Affairs Malware Newsletter - Round 1 |
Securityaffairs | a month ago | Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | a month ago | Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | a month ago | Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION |
Fortinet | 2 months ago | New Agent Tesla Campaign Targeting Spanish-Speaking People | Fortinet Blog |
Securityaffairs | 2 months ago | Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | 3 months ago | Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION |
DARKReading | 3 months ago | To Damage OT Systems, Hackers Tap USBs, Old Bugs & Malware |
Securityaffairs | 3 months ago | Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION |
BankInfoSecurity | 3 months ago | Steganography Campaign Targets Global Enterprises |
Securityaffairs | 3 months ago | Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | 4 months ago | Security Affairs newsletter Round 466 by Pierluigi Paganini |
Securityaffairs | 4 months ago | Security Affairs newsletter Round 465 by Pierluigi Paganini |
Securityaffairs | 4 months ago | Security Affairs newsletter Round 464 by Pierluigi Paganini |
Securityaffairs | 4 months ago | Security Affairs newsletter Round 463 by Pierluigi Paganini |
Securityaffairs | 5 months ago | Security Affairs newsletter Round 462 by Pierluigi Paganini |
CERT-EU | 5 months ago | Kaspersky spam and phishing report for 2023 |