ID | Votes | Profile Description |
---|---|---|
Ghostsec | 3 | GhostSec is a malicious software (malware) identified as a significant cybersecurity threat. This harmful program, designed to exploit and damage computers or devices, infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once embedded, it can steal pe |
ID | Type | Votes | Profile Description |
---|---|---|---|
Lockbit | is related to | 3 | LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt |
Ghostlocker | Unspecified | 3 | GhostLocker is a harmful malware developed by the cybercrime gang GhostSec, which has seen a significant surge in its hacking activities over the past year. The group has recently introduced an updated version of this malicious software, known as GhostLocker 2.0 ransomware, a Golang variant of the o |
Akira | is related to | 2 | Akira is a malicious software, or malware, specifically a type of ransomware known for its disruptive and damaging effects. First surfacing in late 2023, it has continued to wreak havoc on various entities, including corporations and industries. This ransomware infects systems through suspicious dow |
Conti | Unspecified | 2 | Conti is a type of malware, specifically ransomware, known for its ability to disrupt operations, steal personal information, and hold data hostage for ransom. The malicious software infiltrates systems via suspicious downloads, emails, or websites, often unbeknownst to the user. It has been used in |
Quarkbandit | is related to | 1 | None |
Rhadamanthys | Unspecified | 1 | Rhadamanthys is a malicious software (malware) that has been leveraged by the threat actor group TA547 to target German organizations. The malware, which infiltrates systems through suspicious downloads, emails, or websites, can steal personal information, disrupt operations, or hold data for ransom |
Amadey | Unspecified | 1 | Amadey is a malicious software (malware) that has been found to be used in conjunction with other malware such as Remcos, GuLoader, and Formbook. Analysis of the infection chains revealed that the individual behind the sales of Remcos and GuLoader also uses Amadey and Formbook, using GuLoader as a p |
Granite Typhoon | Unspecified | 1 | Granite Typhoon is a notable malware that has been implicated in several cyber-attacks on various organizations and entities. The malware, which operates by infiltrating systems through suspicious downloads, emails, or websites, has been linked to attacks on telecommunications firms in 2023, an oper |
Faust | Unspecified | 1 | Faust is a newly discovered variant of the Phobos ransomware, an evolution of the Dharma/Crysis ransomware. It shares similar Tactics, Techniques, and Procedures (TTPs) with other variants such as Elking, Eight, Devos, and Backmydata, indicating a likely connection between them. Researchers from For |
Maze | Unspecified | 1 | Maze is a type of malware, specifically ransomware, that gained notoriety in 2019 for its double extortion tactic. This malicious software infects systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. Maze w |
Phobos | Unspecified | 1 | Phobos is a type of malware, specifically a ransomware, that has been a significant cause for concern in the cyber security world. This malicious software infiltrates systems through dubious downloads, emails, or websites and can cause severe damage by stealing personal information, disrupting opera |
Eking | Unspecified | 1 | Eking is a malware, specifically a variant of the Phobos ransomware family. Malware, or malicious software, is designed to infiltrate and damage computers without the users' consent. Eking can infect systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once insid |
Devos | Unspecified | 1 | Devos is a variant of Phobos ransomware, a type of malware that infects systems and holds data hostage for ransom. It is closely linked to other variants such as Elking, Eight, Backmydata, and Faust ransomware due to similar Tactics, Techniques, and Procedures (TTPs) observed in their intrusions. Op |
gh0st RAT | is related to | 1 | Gh0st RAT is a notorious malware that was originally developed by the C. Rufus Security Team in China and has been widely used for cyber espionage since its code leaked in 2008. This malicious software can infiltrate systems through suspicious downloads, emails, or websites, often without the user's |
Poison Ivy | is related to | 1 | Poison Ivy is a type of malware, or malicious software, designed to exploit and damage computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold d |
ID | Type | Votes | Profile Description |
---|---|---|---|
Space Kook | is related to | 2 | Space Kook is a threat actor, or malicious entity, identified in the cybersecurity industry for its involvement in ransomware operations. Named after a villain from Scooby Doo, Space Kook was first linked to malicious activities by Halcyon's analysis, which showed connections to an initial access br |
Alphv | Unspecified | 2 | AlphV, also known as BlackCat, is a notable threat actor in the cybersecurity landscape. This group has been involved in numerous high-profile attacks, including stealing 5TB of data from Morrison Community Hospital and compromising Clarion, a global manufacturer of audio and video equipment for car |
Zeon | is related to | 2 | Zeon, a known threat actor in the cybersecurity landscape, has been linked to several high-profile ransomware attacks. It was instrumental in crypting SVCReady and CargoBay loaders, observed in Quantum and Royal ransomware attacks respectively. Zeon has also employed third-party ransomware such as B |
LockBitSupp | Unspecified | 1 | LockBitSupp, also known as LockBit and putinkrab, is a notorious threat actor responsible for creating and operating one of the most prolific ransomware variants. The individual behind this persona, Dmitry Yuryevich Khoroshev, has been actively involved in ransomware attacks against organizations fo |
Ruby Sleet | Unspecified | 1 | Ruby Sleet, also known as Ricochet Chollima and CERIUM, is a North Korean threat actor that has been actively targeting governmental and defense sectors across several countries. According to a Microsoft report, from November 2022 to January 2023, Ruby Sleet, in conjunction with another threat actor |
GALLIUM | Unspecified | 1 | Gallium, also known as Alloy Taurus, is a China-aligned threat actor known for executing actions with malicious intent in the cyber domain. In recent years, Gallium has been associated with various significant cyber-espionage campaigns. The group targeted telecommunication entities in the Middle Eas |
Anonymous Sudan | Unspecified | 1 | Anonymous Sudan, a threat actor group known for its malicious cyber activities, has recently been the subject of increased attention in the cybersecurity industry. This entity, which could consist of a single individual, a private company, or part of a government organization, is responsible for exe |
ID | Type | Votes | Profile Description |
---|---|---|---|
Lockbit's Ghost | Unspecified | 2 | None |
CVE-2012-1033 | Unspecified | 1 | None |
CVE-2022-41654 | Unspecified | 1 | None |
CVE-2022-41697 | Unspecified | 1 | None |
Zeon/ryuk | Unspecified | 1 | None |
Source | CreatedAt | Title |
---|---|---|
Checkpoint | 3 days ago | Stargazers Ghost Network - Check Point Research |
Securelist | 16 days ago | Spear phishing techniques in mass phishing: a new trend |
Unit42 | 2 months ago | Leveraging DNS Tunneling for Tracking and Scanning |
CERT-EU | 4 months ago | The effects of law enforcement takedowns on the ransomware landscape - Help Net Security |
CERT-EU | 4 months ago | Nigerian pleads guilty in BEC attack involvement |
CERT-EU | 4 months ago | Ransomware Talent Surges to Akira After LockBit's Demise |
BankInfoSecurity | 4 months ago | Ransomware Talent Surges to Akira After LockBit's Demise |
CERT-EU | 5 months ago | Tax-related scams escalate as filing deadline approaches - Help Net Security |
CERT-EU | 5 months ago | Apple TV+ shows and movies: What to watch on Apple TV Plus |
CERT-EU | 5 months ago | Microsoft engineer who raised concerns about Copilot image creator pens letter to the FTC |
Securityaffairs | 5 months ago | Watch out, GhostSec and Stourmous groups jointly conducting ransomware attacks |
CERT-EU | 5 months ago | Watch out, GhostSec and Stourmous groups jointly conducting ransomware attacks \| #ransomware \| #cybercrime \| National Cyber Security Consulting |
DARKReading | 5 months ago | GhostLocker 2.0 Haunts Businesses Across Middle East, Africa & Asia |
CERT-EU | 5 months ago | Techrights — Links 04/03/2024: Techno-Babble in Tech Job Ads and Vision Pro Already Breaking Apart |
CERT-EU | 5 months ago | Pennsylvania Fact-Checking, Syria, Florida Legislation, More: Sunday Afternoon ResearchBuzz, March 3, 2024 |
BankInfoSecurity | 5 months ago | Stages of LockBit Grief: Anger, Denial, Faking Resurrection? |
CERT-EU | 5 months ago | Authorities Claim LockBit Admin "LockBitSupp" Has Engaged with Law Enforcement \| #cybercrime \| #infosec \| National Cyber Security Consulting |
CERT-EU | 5 months ago | Joomla: PHP Bug Introduces Multiple XSS Vulnerabilities |