Alias Description | Association Type | Votes |
---|---|---|
The KONNI Malware is associated with CVE-2023-38831. Konni is a malicious software (malware) linked to North Korea, specifically associated with the state-sponsored Kimsuky group. This advanced persistent threat (APT) has been active since at least 2021, focusing on high-profile targets such as the Russian Ministry of Foreign Affairs, the Russian Emba | Unspecified | 3 |
The Lonepage Malware is associated with CVE-2023-38831. Lonepage is a malicious software (malware) that has been actively utilized by the threat actor UAC-0099 since mid-2022 to compromise Ukrainian entities. This malware, along with others like Clogflag, Seaglow, and Overjam, is used to spy on victims and steal data. The operation employs phishing messa | Targets | 2 |
The PhantomDL Malware is associated with CVE-2023-38831. PhantomDL is a malicious software (malware) associated with the cybercriminal group known as Head Mare, which has been linked to targeted attacks on Russian organizations. This custom-made malware, along with PhantomCore, exploits a relatively new vulnerability, CVE-2023-38831, in phishing campaigns | Unspecified | 2 |
The EVILNUM Malware is associated with CVE-2023-38831. Evilnum is a form of malware, first observed and reported in 2018, that is designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge, and can steal personal information, disrupt operations, or even ho | Unspecified | 2 |
The PhantomCore Malware is associated with CVE-2023-38831. PhantomCore is a sophisticated malware, which is part of a suite of custom-made malicious software that includes PhantomDL. This malware has been used in targeted phishing campaigns to infiltrate victim infrastructure by exploiting a relatively new vulnerability, CVE-2023-38831. Once executed, the m | Unspecified | 2 |
The Bumblebee Malware is associated with CVE-2023-38831. Bumblebee is a type of malware that has been linked to ITG23, a cyber threat group. Over the past year, it has been used in conjunction with other initial access malware such as Emotet, IcedID, Qakbot, and Gozi during ITG23 attacks. The same values for self-signed certificates seen in Bumblebee hav | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Sandworm Threat Actor is associated with CVE-2023-38831. Sandworm, a threat actor linked to Russia, has been identified as the primary cyber attack unit supporting Russian military activities in Ukraine. This group is notorious for its sophisticated and disruptive cyber attacks, including the compromise of 11 Ukrainian telecommunications providers which c | Unspecified | 4 |
The APT28 Threat Actor is associated with CVE-2023-38831. APT28, also known as Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM, is a threat actor linked to Russia. The group has been associated with cyber espionage campaigns across Central Asia and has historically targeted areas of national security, military operations, and geopolitical influ | Targets | 4 |
The APT29 Threat Actor is associated with CVE-2023-38831. APT29, also known as Midnight Blizzard and linked to Russia's Foreign Intelligence Service (SVR), is a notorious threat actor that has been implicated in several high-profile cyberattacks. The group has demonstrated sophisticated capabilities, exploiting vulnerabilities such as the WinRAR 0day flaw | Unspecified | 3 |
The Cozy Bear Threat Actor is associated with CVE-2023-38831. Cozy Bear, also known as APT29 and Midnight Blizzard, is a threat actor believed to be linked to the Russian government. This entity has been behind numerous cyberattacks with malicious intent, targeting various organizations and systems worldwide. The first significant intrusion attributed to Cozy | Targets | 3 |
The DarkCasino Threat Actor is associated with CVE-2023-38831. DarkCasino is a threat actor that has recently emerged in the cybersecurity landscape. As a malicious entity, it's responsible for executing actions with potentially harmful intent. The nature of such entities can range from individual hackers to more organized groups affiliated with private compani | Unspecified | 2 |
The Dukes Threat Actor is associated with CVE-2023-38831. The Dukes, also known as APT29, Cozy Bear, Midnight Blizzard, Nobelium, and BlueBravo, is a threat actor associated with the Russian government. The group has been active since at least 2008 and has targeted various governments, think tanks, diplomatic entities, and political parties. Notably, in Se | Targets | 2 |
The APT40 Threat Actor is associated with CVE-2023-38831. APT40, a threat actor attributed to China, is a cyber espionage group that primarily targets countries of strategic importance to the Belt and Road Initiative. The group is known for its use of a variety of attack vectors, notably spear-phishing emails posing as individuals likely to be of interest | Unspecified | 2 |