ID | Votes | Profile Description |
---|---|---|
FIVEHANDS | 5 | FiveHands, also known as HelloKitty, is a sophisticated form of malware that primarily targets financial institutions. It was first reported by Mandiant in April 2021 as part of a cyber threat posed by the UNC2447 group. The ransomware is typically delivered through Encryptor.exe, a loader that init |
Abyss Locker | 4 | Abyss Locker is a formidable strain of malware, specifically ransomware, that has been observed targeting both Microsoft Windows and Linux platforms. This malicious software operates by infiltrating systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside |
ID | Type | Votes | Profile Description |
---|---|---|---|
Black Basta | Unspecified | 4 | Black Basta is a notorious malware entity known for its devastating ransomware attacks. First emerging in June 2022, the group has since been associated with a series of high-profile cyber-attacks worldwide. This malware, like others, infiltrates systems through suspicious downloads, emails, or webs |
Lockbit | Unspecified | 3 | LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt |
Hive | Unspecified | 3 | Hive is a malicious software, or malware, that infiltrates systems to exploit and damage them. This malware has been associated with Volt Typhoon, who exfiltrated NTDS.dit and SYSTEM registry hive to crack passwords offline. The Hive operation was primarily involved in port scanning, credential thef |
REvil | Unspecified | 3 | REvil is a notorious form of malware, specifically ransomware, that infiltrates systems to disrupt operations and steal data. The ransomware operates on a Ransomware as a Service (RaaS) model, which gained traction in 2020. In this model, REvil, like other first-stage malware such as Dridex and Goot |
DEATHRANSOM | Unspecified | 2 | DeathRansom is a form of malware, specifically ransomware, known for its damaging effects on computer systems. It operates by infiltrating systems through suspicious downloads, emails, or websites, and once inside, it can steal personal information, disrupt operations, or hold data hostage for ranso |
Conti | Unspecified | 2 | Conti is a type of malware, specifically ransomware, known for its ability to disrupt operations, steal personal information, and hold data hostage for ransom. The malicious software infiltrates systems via suspicious downloads, emails, or websites, often unbeknownst to the user. It has been used in |
Akira | Unspecified | 1 | Akira is a malicious software, or malware, specifically a type of ransomware known for its disruptive and damaging effects. First surfacing in late 2023, it has continued to wreak havoc on various entities, including corporations and industries. This ransomware infects systems through suspicious dow |
malware.binary.exe | Unspecified | 1 | None |
Blackbasta | Unspecified | 1 | BlackBasta is a malicious software (malware) known for its disruptive and damaging effects on computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even ho |
Monti | Unspecified | 1 | The Monti group, a malicious cyber entity, has been active since June 2022, shortly after the Conti ransomware gang shut down its operations. The group is known for its malware, Monti, which is a particularly harmful program designed to exploit and damage computer systems. It infiltrates systems thr |
AvosLocker | Unspecified | 1 | AvosLocker is a type of malware, specifically a ransomware, that has been causing significant issues across the digital landscape. Ransomware is a form of malicious software designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites without |
Kinsing | Unspecified | 1 | Kinsing is a type of malware, short for malicious software, that is designed to exploit and damage computer systems or devices. It typically infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal information, disrupt o |
Clop | Unspecified | 1 | Clop is a notorious malware, short for malicious software, known for its disruptive and damaging effects on computer systems. It primarily infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Clop can steal personal information, disrupt o |
SombRAT | Unspecified | 1 | Sombrat is a sophisticated malware that poses a significant financial threat, as reported by Mandiant in April 2021. It operates in conjunction with FIVEHANDS Ransomware under the umbrella of UNC2447, a malicious cyber activity group. The malware infects systems through suspicious downloads, emails, |
ID | Type | Votes | Profile Description |
---|---|---|---|
Blackmatter | Unspecified | 1 | BlackMatter is a recognized threat actor in the cybersecurity industry, notorious for its malicious activities and the execution of ransomware attacks. The group initially operated as DarkSide, responsible for the high-profile Colonial Pipeline attack in May 2021, which led to significant attention |
Alphv | Unspecified | 1 | AlphV, also known as BlackCat, is a notable threat actor in the cybersecurity landscape. This group has been involved in numerous high-profile attacks, including stealing 5TB of data from Morrison Community Hospital and compromising Clarion, a global manufacturer of audio and video equipment for car |
Qilin | Unspecified | 1 | Qilin, a notable threat actor in the cybersecurity landscape, has been significantly active over the last two years, compromising more than 150 organizations across 25 countries and various industries. Originally evolving from the Agenda ransomware written in Go, Qilin has since transitioned to Rust |
Vice Society | Unspecified | 1 | Vice Society, a threat actor group known for its malicious activities, has been linked to a series of ransomware attacks targeting various sectors, most notably education and healthcare. Throughout 2022 and the first half of 2023, Vice Society, along with Royal Ransomware, were actively executing mu |
Havex | Unspecified | 1 | Havex, also known as Dragonfly or the Energetic Bear RAT, is a prominent threat actor in the cybersecurity landscape. First spotted in 2013, Havex was part of a broad industrial espionage campaign that specifically targeted Supervisory Control and Data Acquisition (SCADA) and Industrial Control Syst |
DarkSide | Unspecified | 1 | DarkSide is a notable threat actor that emerged in the cybersecurity landscape with its advanced ransomware operations. In 2021, the group gained significant attention for its attack on the United States' largest oil pipeline, Colonial Pipeline, causing a temporary halt to all operations for three d |
APT10 | Unspecified | 1 | APT10, also known as the Menupass Team, is a threat actor believed to operate on behalf of the Chinese Ministry of State Security (MSS). The group has been active since 2009 and is suspected to be based in Tianjin, China, according to research by IntrusionTruth in 2018. APT10 has primarily targeted |
ID | Type | Votes | Profile Description |
---|---|---|---|
CVE-2023-46604 | Unspecified | 3 | CVE-2023-46604 is a critical vulnerability identified in Apache ActiveMQ, specifically affecting versions prior to 5.15.16, 5.16.7, 5.17.6, and 5.18.3. This flaw, which lies within the Java OpenWire protocol marshaller, allows for Remote Code Execution (RCE) and has been assigned a maximum severity |
CVE-2023-44604 | Unspecified | 1 | None |
Source | CreatedAt | Title |
---|---|---|
Securityaffairs | 5 days ago | Security Affairs Malware Newsletter - Round 3 |
Securityaffairs | 5 days ago | Security Affairs Malware Newsletter - Round 3 |
Securityaffairs | 12 days ago | Security Affairs Malware Newsletter - Round 2 |
Securityaffairs | 19 days ago | Security Affairs Malware Newsletter - Round 1 |
Securityaffairs | a month ago | Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | a month ago | Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | a month ago | Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | 2 months ago | Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | 3 months ago | Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | 3 months ago | Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | 3 months ago | Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION |
Securityaffairs | 4 months ago | Security Affairs newsletter Round 466 by Pierluigi Paganini |
Securityaffairs | 4 months ago | Security Affairs newsletter Round 465 by Pierluigi Paganini |
Securityaffairs | 4 months ago | Security Affairs newsletter Round 464 by Pierluigi Paganini |
Securityaffairs | 4 months ago | Security Affairs newsletter Round 463 by Pierluigi Paganini |
Securityaffairs | 5 months ago | Security Affairs newsletter Round 462 by Pierluigi Paganini |
Securityaffairs | 5 months ago | Security Affairs newsletter Round 461 by Pierluigi Paganini |
Fortinet | 5 months ago | Ransomware Roundup – Abyss Locker | FortiGuard Labs |
Securityaffairs | 5 months ago | Security Affairs newsletter Round 460 by Pierluigi Paganini |
Securityaffairs | 5 months ago | Security Affairs newsletter Round 459 by Pierluigi Paganini |