| ID | Votes | Profile Description |
|---|---|---|
| Yellow Cockatoo | 3 | The SolarMarker malware, also known as Yellow Cockatoo, Polazert, and Jupyter Infostealer, has been a persistent threat since its inception in 2020. It has steadily evolved over the years, posing significant risks to sectors such as education, healthcare, and small to medium-sized enterprises (SMEs) |
| Jupyter Infostealer | 2 | The Jupyter Infostealer, also known as Yellow Cockatoo, SolarMarker, and Polazert, is a harmful malware that has been steadily evolving since 2020. This malicious software targets Chrome and Firefox browser data, exploiting and damaging systems it infiltrates. It can infect systems through suspiciou |
| Qubitstrike | 1 | Qubitstrike is a novel form of malware that has been targeting vulnerable Jupyter Notebook instances, as reported on October 19, 2023. The threat actors suspected to be behind this are believed to be based in Tunisia. These actors have been using Qubitstrike to facilitate cryptomining and cloud comp |
| Polazert | 1 | Polazert, also known as Jupyter Infostealer, SolarMarker, and Yellow Cockatoo, is a sophisticated malware that has been discovered with enhanced stealth capabilities. As reported by The Hacker News on November 7, 2023, this new version of the malware can infiltrate systems without detection, making |
| Pyloose | 1 | In July, Wiz researchers issued a warning about PyLoose, a malicious software (malware) composed of Python code. This malware is designed to covertly load an XMRig miner—a program used for cryptocurrency mining—into a computer's memory using the memfd Linux fileless process. This technique allows th |
| Solarmarker | 1 | SolarMarker, also known as Yellow Cockatoo, Polazert, and Jupyter Infostealer, is a sophisticated malware designed to steal information. It has been evolving since 2020 and has been active in various campaigns since 2021. The malware relies heavily on web delivery, using search engine optimization ( |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Tsunami | Unspecified | 1 | The "Tsunami" malware, a malicious software designed to exploit and damage computer systems, has caused significant cybersecurity disruptions globally. This malware, whose variants include xmrigDeamon, Bioset, dns3, xmrigMiner, docker-update, dns, 64[watchdogd], 64bioset, 64tshd, armbioset, armdns, |
| Hive | Unspecified | 1 | Hive is a malicious software, or malware, that infiltrates systems to exploit and damage them. This malware has been associated with Volt Typhoon, who exfiltrated NTDS.dit and SYSTEM registry hive to crack passwords offline. The Hive operation was primarily involved in port scanning, credential thef |
| Lumma Stealer | Unspecified | 1 | Lumma Stealer is a malicious software (malware) that infiltrates systems primarily to steal personal information, disrupt operations, and exploit vulnerabilities. According to the ESET Threat Report H2 2023, Lumma Stealer gained significant traction in the second half of 2023, with its capabilities |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Diamorphine | Unspecified | 1 | Diamorphine is a threat actor, a human entity or group with malicious intent, that has been identified as using sophisticated techniques to compromise system security. This actor utilizes open-source rootkits available on GitHub, namely Diamorphine and Reptile, to infiltrate supported systems. These |
| TeamTNT | Unspecified | 1 | TeamTNT, a threat actor group known for its malicious activities, has been implicated in a series of sophisticated attacks on Kubernetes, one of the most complex to date. The group is notorious for deploying malware, specifically the Hildegard malware, which was identified during a new campaign. The |
| Silentbob | Unspecified | 1 | Silentbob, a threat actor linked to the infamous cryptojacking group known as TeamTNT, has been identified as a significant cybersecurity concern. Silentbob has been involved in an aggressive cloud campaign, infecting as many as 196 hosts. The activity is named after an AnonDNS domain set up by the |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| CVE-2023-36881 | Unspecified | 1 | None |
| CVE-2023-35394 | Unspecified | 1 | None |
| CVE-2023-36877 | Unspecified | 1 | None |
| Source | CreatedAt | Title |
|---|---|---|
| Recorded Future | 18 days ago | Exploring the Depths of SolarMarker's Multi-tiered Infrastructure | Recorded Future |
| Recorded Future | 2 months ago | Exploring the Depths of SolarMarker's Multi-tiered Infrastructure | Recorded Future |
| CERT-EU | 4 months ago | Mageia 2024-0067: jupyter-notebook security update | LinuxSecurity.com |
| CERT-EU | 5 months ago | Cryptojacking is no longer the sole focus of cloud attackers - Help Net Security |
| CERT-EU | 5 months ago | Cryptojacking is no longer the sole focus of cloud attackers - Help Net Security |
| CERT-EU | 6 months ago | FBI: Androxgh0st Malware Building Mega-Botnet for Credential Theft |
| CERT-EU | a year ago | Meet PyLoose – First Python-Based Fileless Attack in the Wild |
| CERT-EU | 9 months ago | North Korea-linked BlueNoroff's macOS malware variant targets financial firms |
| CERT-EU | 10 months ago | 8 XSS Vulnerabilities in Azure HDInsight Allow Attackers to Deliver Malicious Payloads |
| CERT-EU | 8 months ago | Ноябрьские патчи Microsoft устраняют 58 дыр, 5 используются в атаках |
| CERT-EU | a year ago | Silentbob Campaign: Cloud-Native Environments Under Attack |
| CERT-EU | a year ago | Issue #584 (July 4, 2023) – GIXtools |
| CERT-EU | 9 months ago | Qubitstrike attacks rootkit Jupyter Linux servers to steal credentials |
| CERT-EU | 8 months ago | GovCERT.HK - Security Alerts |
| CERT-EU | 8 months ago | Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws |
| BankInfoSecurity | 8 months ago | Info Stealers Thrive in Hot Market for Stolen Data |
| CERT-EU | 8 months ago | OracleIV emerges as a ‘Dockerized’ DDoS bot agent |
| CERT-EU | 9 months ago | Stealthier Jupyter infostealer discovered |
| CERT-EU | 9 months ago | New Jupyter Infostealer Version Emerges with Sophisticated Stealth Tactics |
| CERT-EU | a year ago | 'ScarletEel' Hackers Worm Into AWS Cloud |