| ID | Votes | Profile Description |
|---|---|---|
| Blackmatter | 9 | BlackMatter is a recognized threat actor in the cybersecurity industry, notorious for its malicious activities and the execution of ransomware attacks. The group initially operated as DarkSide, responsible for the high-profile Colonial Pipeline attack in May 2021, which led to significant attention |
| Alphv | 7 | Alphv is a threat actor group known for its malicious activities in the cyber world. They have been particularly active in deploying ransomware attacks, with one of their most significant actions being the theft of 5TB of data from Morrison Community Hospital. This act not only disrupted hospital op |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| REvil | is related to | 9 | REvil is a type of malware, specifically ransomware, that has been linked to significant cyber attacks. It emerged as part of the Ransomware as a Service (RaaS) model that gained popularity in 2020. This model established relationships between first-stage malware and subsequent ransomware attacks, s |
| Lockbit | Unspecified | 6 | LockBit is a malicious software, or malware, that has been notably active and damaging in the cyber world. Known for its ability to infiltrate systems often without detection, it can steal personal information, disrupt operations, and even hold data hostage for ransom. In the first half of 2024, Loc |
| Avaddon | Unspecified | 5 | Avaddon is a type of malware, specifically ransomware, designed to exploit and damage computer systems. It was notable for its compatibility with older systems such as Windows XP and Windows 2003, distinguishing it from other ransomware like Darkside and Babuk which targeted more modern systems like |
| Maze | Unspecified | 5 | Maze is a type of malware, specifically ransomware, that gained notoriety in 2019 for its double extortion tactic. This malicious software infects systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. Maze w |
| Conti | Unspecified | 4 | Conti is a notorious malware and ransomware operation that has caused significant damage to computer systems worldwide. The Conti group, believed to have around 200 employees, operated like a regular business, with internal communications revealing the organization's structure and operations. It was |
| Babuk | Unspecified | 4 | Babuk is a type of malware, specifically ransomware, that infiltrates systems to encrypt files and hold them for ransom. This malicious software can infect your system through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can disrupt operations by enc |
| Hive | Unspecified | 3 | Hive is a malicious software (malware) that has been used by the cybercriminal group, Hunters International, to launch ransomware attacks since October of last year. The group operates as a ransomware-as-a-service (RaaS) provider, spreading Hive rapidly through collaborations with less sophisticated |
| Clop | Unspecified | 3 | Clop, also known as Cl0p, is a notorious ransomware group responsible for several high-profile cyberattacks. The group specializes in exploiting vulnerabilities in software and systems to gain unauthorized access, exfiltrate sensitive data, and then extort victims by threatening to release the stole |
| Ragnar Locker | Unspecified | 3 | Ragnar Locker is a type of malware, specifically ransomware, known for its destructive impact on computer systems. It infiltrates systems primarily through suspicious downloads, emails, or websites, and once inside, it can steal personal information, disrupt operations, or hold data hostage for rans |
| Ryuk | Unspecified | 3 | Ryuk is a type of malware known as ransomware, which has been utilized by the threat group ITG23 for several years. This group has been notorious for crypting their malware, with crypters seen in use with other malware such as Trickbot, Emotet, Cobalt Strike, and Ryuk. In 2019, most ransomware inves |
| Trigona | Unspecified | 2 | Trigona was a significant strain of ransomware that emerged in 2022, known for its harmful effects on computer systems. The malware infiltrated systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it could steal personal information, disrupt ope |
| Revil/sodinokibi | Unspecified | 2 | REvil/Sodinokibi is a type of malware, specifically ransomware, first identified on September 24, 2019. This malicious software is designed to infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside a system, it can steal personal information, |
| Maze Ransomware | Unspecified | 2 | Maze ransomware is a type of malware that emerged in 2019, employing a double extortion tactic to wreak havoc on its victims. This malicious software infiltrates systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for |
| Cheerscrypt | Unspecified | 2 | Cheerscrypt is a malicious software (malware) that was discovered in May 2022, specifically designed to target ESXi servers, which are extensively used by enterprises for server virtualization. This discovery was made following the reporting of DarkSide ransomware variants in May 2021. Cheerscrypt, |
| Lockbit Black | Unspecified | 2 | LockBit Black, also known as LockBit 3.0, is a sophisticated malware variant that emerged in early 2022. This malicious software encrypts files and disrupts operations on infected devices, often demanding a ransom for the restoration of data. Developed as an iteration of LockBit 2.0 (LockBit Red) re |
| Bablock | Unspecified | 2 | BabLock, also known as Rorschach, is a type of malware that operates as ransomware. First identified by Check Point Research in April 2023, this harmful software infiltrates computer systems and devices, often without the user's knowledge, with the aim to exploit, damage, and potentially hold data h |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| FIN7 | Unspecified | 4 | FIN7, a prominent threat actor in the cybercrime landscape, has been noted for its malicious activities and innovative tactics. Known for their relentless attacks on large corporations, FIN7 recently targeted a significant U.S. carmaker with phishing attacks, demonstrating their continued evolution |
| Sodinokibi | Unspecified | 3 | Sodinokibi, also known as REvil, is a significant threat actor first identified in April 2019. This ransomware family operates as a Ransomware-as-a-Service (RaaS) and has been responsible for one in three ransomware incidents responded to by IBM Security X-Force in 2020. The Sodinokibi ransomware st |
| LockBitSupp | Unspecified | 2 | LockBitSupp, also known as Dmitry Yuryevich Khoroshev, is a threat actor who has been identified as the creator and operator of one of the most prolific ransomware variants known as LockBit. Based in Voronezh, Russia, Khoroshev allegedly began developing LockBit as early as September 2019 and contin |
| Sangria Tempest | Unspecified | 2 | Sangria Tempest, also known as FIN7, Carbon Spider, and ELBRUS, is a threat actor that has been active since 2014. This Russian advanced persistent threat (APT) group is known for its malicious activities, including spear-phishing campaigns, malware distribution, and theft of payment card data. In m |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| CVE-2021-20016 | Unspecified | 2 | None |
| Preview | Source Link | CreatedAt | Title |
|---|---|---|---|
| Securityaffairs | 16 days ago | A cyberattack hit US oil giant Halliburton | |
| BankInfoSecurity | 16 days ago | Oil Services Giant Halliburton Disrupted by Hack Attack | |
| DARKReading | 2 months ago | Security End-Run: 'AuKill' Shuts Down Windows-Reliant EDR Processes | |
| BankInfoSecurity | 2 months ago | Millions Affected by Prudential Ransomware Hack in February | |
| Quick Heal Technologies Ltd. | 3 months ago | Doubt Your Vulnerability to Ransomware Attacks? Know How Quick Heal’s Protection Will Save You! | |
| BankInfoSecurity | 5 months ago | FIN7 Targeted US Automotive Giant In Failed Attack | |
| CERT-EU | 6 months ago | Protecting branch office environments from ransomware | |
| CERT-EU | 6 months ago | Ransomware's appetite for US healthcare sees known attacks double in a year | Malwarebytes | |
| CERT-EU | 6 months ago | Ransomware Talent Surges to Akira After LockBit's Demise | |
| BankInfoSecurity | 6 months ago | Ransomware Talent Surges to Akira After LockBit's Demise | |
| CERT-EU | 6 months ago | The Change Healthcare attack: Explaining how it happened | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | |
| CERT-EU | 6 months ago | Operational Technology Threats - ReliaQuest | |
| CERT-EU | 6 months ago | The Great BlackCat Ransomware Heist | |
| CERT-EU | 6 months ago | Cybersecurity tips to follow to keep your information safe | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | |
| CERT-EU | 6 months ago | ALPHV/BlackCat gang vanishes amid ransomware ‘turmoil‘ | #ransomware | #cybercrime | National Cyber Security Consulting | |
| CERT-EU | 6 months ago | Ransomware group behind Change Healthcare attack goes dark | |
| CERT-EU | 6 months ago | Calls grow for federal funding after Change Healthcare cyberattack | |
| CERT-EU | 6 months ago | Blackcat ransomware site reportedly seized but UK agency denies responsibility | #ransomware | #cybercrime | National Cyber Security Consulting | |
| InfoSecurity-magazine | 6 months ago | ALPHV/BlackCat Ransomware Servers Go Down | |
| CERT-EU | 6 months ago | BlackCat ransomware turns off servers amid claim they stole $22 million ransom |