Alias Description | Association Type | Votes |
---|---|---|
The KONNI Malware is associated with CVE-2023-38831. Konni is a malicious software (malware) linked to North Korea, specifically associated with the state-sponsored Kimsuky group. This advanced persistent threat (APT) has been active since at least 2021, focusing on high-profile targets such as the Russian Ministry of Foreign Affairs, the Russian Emba | Unspecified | 3 |
The EVILNUM Malware is associated with CVE-2023-38831. Evilnum is a form of malware, first observed and reported in 2018, that is designed to exploit and damage computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge, and can steal personal information, disrupt operations, or even ho | Unspecified | 2 |
The Lonepage Malware is associated with CVE-2023-38831. Lonepage is a malicious software (malware) that has been actively utilized by the threat actor UAC-0099 since mid-2022 to compromise Ukrainian entities. This malware, along with others like Clogflag, Seaglow, and Overjam, is used to spy on victims and steal data. The operation employs phishing messa | Targets | 2 |
The Phantomdl Malware is associated with CVE-2023-38831. PhantomDL is a malicious software (malware) associated with the cybercriminal group known as Head Mare, which has been linked to targeted attacks on Russian organizations. This custom-made malware, along with PhantomCore, exploits a relatively new vulnerability, CVE-2023-38831, in phishing campaigns | Unspecified | 2 |
The Phantomcore Malware is associated with CVE-2023-38831. PhantomCore is a sophisticated malware, which is part of a suite of custom-made malicious software that includes PhantomDL. This malware has been used in targeted phishing campaigns to infiltrate victim infrastructure by exploiting a relatively new vulnerability, CVE-2023-38831. Once executed, the m | Unspecified | 2 |
The Bumblebee Malware is associated with CVE-2023-38831. Bumblebee is a type of malware that has been linked to ITG23, a cybercriminal group known for its use of crypters such as Emotet, IcedID, Qakbot, Bumblebee, and Gozi. Distributed via phishing campaigns or compromised websites, Bumblebee enables the delivery and execution of further payloads. The sam | Unspecified | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The Sandworm Threat Actor is associated with CVE-2023-38831. Sandworm, also known as APT44, is a Russia-linked threat actor that has been implicated in several major cyberattacks. This group has been particularly active against targets in Ukraine and Poland, with significant operations including the compromise of 11 Ukrainian telecommunications providers, whi | Unspecified | 4 |
The APT28 Threat Actor is associated with CVE-2023-38831. APT28, also known as Fancy Bear, Forest Blizzard, and Unit 26165 of the Russian Main Intelligence Directorate, is a Russia-linked threat actor that has been active since at least 2007. This group has targeted governments, militaries, and security organizations worldwide with a particular focus on th | Targets | 4 |
The Cozy Bear Threat Actor is associated with CVE-2023-38831. Cozy Bear, also known as APT29 and associated with names like Midnight Blizzard, Nobelium, and The Dukes, is a threat actor believed to be linked with the Russian state. This group has been involved in numerous cyber espionage activities, demonstrating proficiency across multiple operating systems a | Targets | 3 |
The APT29 Threat Actor is associated with CVE-2023-38831. APT29, also known as Cozy Bear, Midnight Blizzard, Nobelium, and the Dukes, is a Russia-linked threat actor associated with SVR. This group is notorious for its sophisticated cyber espionage tactics, techniques, and procedures. APT29 often uses The Onion Router (TOR) network, leased and compromised | Unspecified | 3 |
The Dukes Threat Actor is associated with CVE-2023-38831. The Dukes, also known as APT29, Cozy Bear, Midnight Blizzard, and Nobelium, is a threat actor associated with the Russian government that has been active since at least 2008. Notably, this group was implicated in the 2015 attack on the American Democratic National Committee (DNC). The FBI alerted th | Targets | 2 |
The Darkcasino Threat Actor is associated with CVE-2023-38831. DarkCasino is a threat actor that has recently emerged in the cybersecurity landscape. As a malicious entity, it's responsible for executing actions with potentially harmful intent. The nature of such entities can range from individual hackers to more organized groups affiliated with private compani | Unspecified | 2 |
The APT40 Threat Actor is associated with CVE-2023-38831. APT40, a Chinese cyber espionage group suspected to be affiliated with China's Ministry of State Security, has been actively conducting cyberespionage campaigns against government and private organizations in multiple countries. This threat actor typically targets nations strategically significant t | Unspecified | 2 |