| ID | Votes | Profile Description |
|---|---|---|
| APT28 | 8 | APT28, also known as Fancy Bear, is a threat actor linked to Russia and has been involved in numerous cyber espionage campaigns. The group is notorious for its sophisticated tactics, techniques, and procedures (TTPs). Recently, NATO and the EU formally condemned APT28's activities, acknowledging the |
| STRONTIUM | 4 | Strontium, also known as APT28, Fancy Bear, Forest Blizzard, and several other aliases, is a Russia-linked threat actor that has been active since at least 2007. This group, believed to be associated with the Russian General Staff Main Intelligence Directorate (GRU), has targeted governments, milita |
| Pawn Storm | 4 | Pawn Storm, also known as APT28, Fancy Bear, Sofacy Group, Sednit, BlueDelta, and STRONTIUM, is a threat actor that has been active since at least 2007. This group is notorious for targeting governments, militaries, and security organizations worldwide. In recent years, the methods employed by Pawn |
| Ta422 | 2 | TA422, also known under various aliases such as APT28, Forest Blizzard, Pawn Storm, Fancy Bear, and BlueDelta, is a threat actor attributed to the Russian General Staff Main Intelligence Directorate (GRU) by the United States Intelligence Community. This group has been active in exploiting vulnerabi |
| Itg05 | 2 | ITG05, also known by various aliases including APT28, Fancy Bear, and Forest Blizzard, is a sophisticated malware that has been targeting non-governmental organizations (NGOs) through phishing lures. This harmful software, designed to exploit and damage computer systems, infects systems primarily th |
| Sednit | 2 | Sednit, also known as APT28, Fancy Bear, Strontium/Forest Blizzard, Pawn Storm, Sofacy, and BlueDelta, is a threat actor associated with Russia's military intelligence. Active since at least 2007, the group has targeted governments, militaries, and security organizations worldwide. ESET has shed lig |
| Fighting Ursa | 1 | Fighting Ursa, also known as APT28 or Fancy Bear, is a malicious software (malware) group notorious for conducting attacks on behalf of Russia's military. The group has been involved in numerous cyber campaigns exploiting various vulnerabilities, with the most recent being the Microsoft Outlook vuln |
| Blue Athena | 1 | None |
| Midnight Blizzard | 1 | Midnight Blizzard, a Russia-linked Advanced Persistent Threat (APT) group, has emerged as a significant cybersecurity concern. The group is known for executing actions with malicious intent and has been linked to several high-profile cyber attacks on global organizations. Notably, it breached the sy |
| Fancybear | 1 | Fancybear, also known as APT28, Forest Blizzard, or Strontium, is a threat actor linked to Russia that has been involved in various cyber espionage operations. These operations have targeted European countries and have been condemned by both NATO and the European Union. This group has demonstrated a |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Moobot | Unspecified | 2 | Moobot is a malicious software (malware) that has been causing significant disruption in the digital world. The malware, which can infiltrate systems through various methods such as suspicious downloads, emails, or websites, is known for its capability to steal personal information, disrupt operatio |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Frozenlake | has used | 2 | Frozenlake, also known as APT28, Fancy Bear, Forest Blizzard, and several other names, is a threat actor believed to be sponsored by the Russian military. The group has been involved in numerous cyber-attacks, primarily targeting Ukraine's energy sector. Their modus operandi includes exploiting vuln |
| Sofacy Group | Unspecified | 1 | The Sofacy Group, also known as APT28, Fancy Bear, Pawn Storm, Sednit, BlueDelta, and STRONTIUM, is a significant threat actor in the global cybersecurity landscape. Active since at least 2007, this group has targeted governments, militaries, and security organizations worldwide. The group's activit |
| Sandworm | Unspecified | 1 | Sandworm, a threat actor linked to Russia, has been implicated in numerous high-profile cyber attacks. This group's activities have primarily targeted Ukraine, compromising the country's critical infrastructure and telecommunications providers. The Sandworm group is known for its fileless attack met |
| Seashell Blizzard | Unspecified | 1 | Seashell Blizzard, also known as Iridium, Sandworm, Voodoo Bear, and APT44, is a state-sponsored threat actor group affiliated with the Russian military intelligence service (GRU). Microsoft has identified this group as distinct from other Advanced Persistent Threat (APT) groups operating under the |
| Seashell Blizzard Iridium | Unspecified | 1 | Seashell Blizzard Iridium, also known as Sandworm, is a threat actor reportedly comprised of Russian military intelligence officers. This group has been identified as distinct from other Advanced Persistent Threat (APT) groups associated with the Russian military intelligence GRU, such as Forest Bli |
| Star Blizzard | Unspecified | 1 | Star Blizzard, also known as Seaborgium or the Callisto Group, is a threat actor linked to Russia's intelligence service, the FSB. The group has been involved in sophisticated cyber-attacks worldwide, primarily using spear-phishing campaigns to steal account credentials and data. Microsoft, which tr |
| Krypton | Unspecified | 1 | Krypton, also known as Secret Blizzard or UAC-0003, is a significant threat actor that has been associated with Russia's Federal Security Service (FSB). This Advanced Persistent Threat (APT) group has been active since at least 2004, targeting diplomatic and government organizations as well as priva |
| Secret Blizzard | Unspecified | 1 | Secret Blizzard, also known as Turla, KRYPTON, and UAC-0003, is a threat actor group linked to Russia's Federal Security Service (FSB). This Advanced Persistent Threat (APT) group has been active since the early 2000s, primarily targeting government organizations worldwide. The group's activities we |
| Charcoal Typhoon | Unspecified | 1 | Charcoal Typhoon, a China-affiliated threat actor, has been identified as one of the state-backed groups using OpenAI's ChatGPT for malicious purposes. The group is known for focusing on tracking groups in Taiwan, Thailand, Mongolia, Malaysia, France, Nepal, and individuals globally that oppose Chin |
| Crimson Sandstorm | Unspecified | 1 | Crimson Sandstorm, an Advanced Persistent Threat (APT) group linked to Iran, has been identified as a significant threat actor in the cybersecurity landscape. This entity, potentially connected to the Islamic Revolutionary Guard Corps and active since at least 2017, targets victims across diverse se |
| Emerald Sleet | Unspecified | 1 | Emerald Sleet, a North Korea-affiliated advanced persistent threat (APT) group, has emerged as a significant cybersecurity concern. The group leverages OpenAI’s ChatGPT, the same technology that underpins Microsoft's Copilot, to enhance its malicious activities. These activities include spear-phishi |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| CVE-2022-38028 | Unspecified | 4 | None |
| CVE-2021-34527 | Unspecified | 1 | CVE-2021-34527, also known as PrintNightmare, is a software vulnerability that involves a flaw in software design or implementation. The exploitation process begins when a user clicks on a link which downloads a ZIP archive containing a malicious JScript (JS) downloader titled 'Stolen Images Evidenc |
| Printnightmare Cve-2021-34527 | Unspecified | 1 | PrintNightmare (CVE-2021-34527) is a significant software vulnerability that was identified and reported in 2021. It is a flaw in the design or implementation of Microsoft's Windows Print Spooler service, which can be exploited for local and Windows Active Domain privilege escalation. This allows at |
| CVE-2021-1675 | Unspecified | 1 | None |
| Source | CreatedAt | Title |
|---|---|---|
| SecurityIntelligence.com | 2 months ago | Threat intelligence to protect vulnerable communities |
| Securityaffairs | 2 months ago | Pro-Russia hackers targeted Kosovo government websites |
| Securityaffairs | 3 months ago | Russia-linked APT28 targets government Polish institutions |
| Securityaffairs | 3 months ago | NATO and the EU formally condemned APT28 cyber espionage |
| BankInfoSecurity | 3 months ago | Russian GRU Hackers Compromised German, Czech Targets |
| Securityaffairs | 3 months ago | Russia-linked APT28 and crooks are still using the Moobot botnet |
| Trend Micro | 3 months ago | Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks |
| Securityaffairs | 3 months ago | CISA adds Microsoft Windows Print Spooler flaw to its Known Exploited Vulnerabilities catalog |
| BankInfoSecurity | 3 months ago | Russian Hackers Exploiting Windows Print Spooler Vuln |
| DARKReading | 3 months ago | Russia's Fancy Bear Pummels Windows Print Spooler Bug |
| InfoSecurity-magazine | 3 months ago | Russian APT28 Group in New “GooseEgg” Hacking Campaign |
| Securityaffairs | 3 months ago | Russia-linked APT28 used tool GooseEgg for to exploit Win bug |
| CERT-EU | 4 months ago | APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting |
| CERT-EU | 5 months ago | Russian Midnight Blizzard Hackers Breached Microsoft Source Code | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting |
| CERT-EU | 5 months ago | Russian Military Botnet Dismantled |
| CERT-EU | 5 months ago | Ubiquiti router users urged to secure devices targeted by Russian hackers |
| CERT-EU | 5 months ago | FBI Alert: Russian Hackers Target Ubiquiti Routers for Data, Botnet Creation |
| CERT-EU | 5 months ago | Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations |
| CERT-EU | 5 months ago | Microsoft, OpenAI move to fend off genAI-aided hackers — for now |
| BankInfoSecurity | 5 months ago | Moscow Military Hackers Used Microsoft Outlook Vulnerability |