ID | Votes | Profile Description |
---|---|---|
AvosLocker | 3 | AvosLocker is a type of malware, specifically a ransomware, that has been causing significant issues across the digital landscape. Ransomware is a form of malicious software designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites without |
Zeon | 1 | Zeon, a known threat actor in the cybersecurity landscape, has been linked to several high-profile ransomware attacks. It was instrumental in crypting SVCReady and CargoBay loaders, observed in Quantum and Royal ransomware attacks respectively. Zeon has also employed third-party ransomware such as B |

ID | Type | Votes | Profile Description |
---|---|---|---|
Conti | Unspecified | 4 | Conti is a type of malware, specifically ransomware, known for its ability to disrupt operations, steal personal information, and hold data hostage for ransom. The malicious software infiltrates systems via suspicious downloads, emails, or websites, often unbeknownst to the user. It has been used in |
Lockbit | Unspecified | 3 | LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt |
Hive | Unspecified | 3 | Hive is malicious software, or malware, that infiltrates systems to exploit and damage them. This malware has been associated with Volt Typhoon, who exfiltrated NTDS.dit and SYSTEM registry hive to crack passwords offline. The Hive operation was primarily involved in port scanning, credential thef |
Blackbasta | Unspecified | 2 | BlackBasta is a malicious software (malware) known for its disruptive and damaging effects on computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even ho |
Snatch | Unspecified | 2 | Snatch is a type of malware, specifically ransomware, designed to infiltrate systems undetected, often through suspicious downloads, emails, or websites. Once inside the system, it can wreak havoc by stealing personal information, disrupting operations, or holding data hostage for ransom. The Snatch |
Black Basta | Unspecified | 2 | Black Basta is a notorious malware entity known for its devastating ransomware attacks. First emerging in June 2022, the group has since been associated with a series of high-profile cyber-attacks worldwide. This malware, like others, infiltrates systems through suspicious downloads, emails, or webs |
Clop | Unspecified | 2 | Clop is a notorious malware, short for malicious software, known for its disruptive and damaging effects on computer systems. It primarily infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Clop can steal personal information, disrupt o |
REvil | Unspecified | 1 | REvil is a notorious form of malware, specifically ransomware, that infiltrates systems to disrupt operations and steal data. The ransomware operates on a Ransomware as a Service (RaaS) model, which gained traction in 2020. In this model, REvil, like other first-stage malware such as Dridex and Goot |
Diavol | Unspecified | 1 | Diavol is a type of malware, specifically ransomware, that infiltrates systems to exploit and cause damage. It can infect systems through various channels such as suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Diavol can steal personal information, disrupt ope |
Akira | Unspecified | 1 | Akira is malicious software, or malware, specifically a type of ransomware known for its disruptive and damaging effects. First surfacing in late 2023, it has continued to wreak havoc on various entities, including corporations and industries. This ransomware infects systems through suspicious dow |
Bazarloader | Unspecified | 1 | BazarLoader is a form of malware that has been utilized extensively by ITG23, a cybercriminal group. This harmful software infiltrates systems via suspicious downloads, emails, or websites, potentially stealing personal information, disrupting operations, or holding data for ransom. ITG23 has used B |
Bazarbackdoor | Unspecified | 1 | BazarBackdoor is a type of malware developed by ITG23, first identified in April 2020. It is commonly distributed via contact forms on corporate websites, bypassing regular phishing emails, which makes it harder to detect. The malware is often associated with BazarLoader, both of which were used ext |
QakBot | Unspecified | 1 | Qakbot is a potent malware, a malicious software designed to exploit and damage computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it has the potential to steal personal information, disrupt operations, or e |
Forest | Unspecified | 1 | Forest is a potent malware that leverages the Golden Ticket, an authentication ticket (TGT), to gain domain-wide access. It exploits the TGT to acquire service tickets (TGS) used for accessing resources across the entire domain and the Active Directory (AD) forest by leveraging SID History. The malw |
Babuk | Unspecified | 1 | Babuk is a type of malware, specifically ransomware, which is designed to infiltrate systems and hold data hostage for ransom. It can be delivered through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside a system, Babuk can disrupt operations and steal perso |

ID | Type | Votes | Profile Description |
---|---|---|---|
Blackbyte | Unspecified | 2 | BlackByte, a threat actor known for its malicious activities, has been on the radar of cybersecurity agencies since its emergence in July 2021. Notorious for targeting critical infrastructure, BlackByte attracted the attention of the Federal Bureau of Investigation (FBI) and the US Secret Service (U |
Vice Society | Unspecified | 2 | Vice Society, a threat actor group known for its malicious activities, has been linked to a series of ransomware attacks targeting various sectors, most notably education and healthcare. Throughout 2022 and the first half of 2023, Vice Society, along with Royal Ransomware, were actively executing mu |
Bianlian | Unspecified | 2 | BianLian is a threat actor that has been increasingly active in cybercrimes. The group is known for its malicious activities, including the execution of actions with harmful intent. In a series of recent events, BianLian has exploited vulnerabilities in JetBrains TeamCity, a continuous integration a |
ITG23 | Unspecified | 1 | ITG23, also known as the Trickbot/Conti syndicate, is a significant threat actor that has been active since 2016 in the East European cybercrime arena. This group is renowned for its use of Reflective DLL Injection code in many of its crypters, with the presence of these crypters on a file sample be |
Scattered Spider | Unspecified | 1 | Scattered Spider is a prominent threat actor group involved in cybercrime activities with malicious intent. The group employs various tactics to compromise its targets, including phishing for login credentials, searching SharePoint repositories for sensitive information, and exploiting infrastructur |
Alphv | Unspecified | 1 | AlphV, also known as BlackCat, is a notable threat actor in the cybersecurity landscape. This group has been involved in numerous high-profile attacks, including stealing 5TB of data from Morrison Community Hospital and compromising Clarion, a global manufacturer of audio and video equipment for car |
Rhysida | Unspecified | 1 | Rhysida, a threat actor known for executing malicious cyber activities, has been responsible for numerous ransomware attacks. The group has primarily targeted businesses and healthcare organizations, with notable instances including a disruptive attack on Ann & Robert H. Lurie Children's Hospital of |
Lapsus | Unspecified | 1 | Lapsus is a significant threat actor that has been active since its inception in early 2022. The group gained notoriety for its cyberattacks, including a high-profile breach of Nvidia, an American multinational technology company, in the same year. This attack led to the leak of thousands of passwor |

ID | Type | Votes | Profile Description |
---|---|---|---|
Lockbit Medusa Vice Society | Unspecified | 1 | None |

Source | CreatedAt | Title |
---|---|---|
CERT-EU | 6 months ago | Hstoday Joint Advisory by FBI, CISA, Treasury, and FinCEN Sheds Light on Karakurt Data Extortion Group’s Evolving Tactics |
CERT-EU | 6 months ago | Follow-On Extortion Campaign Targeting Victims of Akira and Royal Ransomware |
CERT-EU | 6 months ago | Hackers Impersonate as Security Researcher Aid Ransom Victims |
CERT-EU | 7 months ago | Ransomware victims targeted in follow-on extortion attacks |
CERT-EU | a year ago | Threat Spotlight: Triple Extortion Ransomware |
CERT-EU | a year ago | Ransomware increases 64% in second quarter of 2023 |
CERT-EU | a year ago | Critical infrastructure organizations the target of more than half of ransomware attacks |
BankInfoSecurity | 7 months ago | Ransomware Groups' Latest Tactic: Weaponized Marketing |
CERT-EU | 7 months ago | How ransomware gangs are engaging -- and using -- the media |
MITRE | 7 months ago | An In-Depth Look at Black Basta Ransomware |
CERT-EU | a year ago | Encryption-less ransomware: Warning issued over emerging attack method for threat actors - TechCentral.ie |
CERT-EU | a year ago | Data theft extortion rises, while healthcare is still most-targeted vertical in Talos IR engagements |
CERT-EU | 10 months ago | Mass exploitation attempts against WS_FTP have begun |
CERT-EU | 10 months ago | Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders |
CERT-EU | 10 months ago | Microsoft: Human-operated ransomware attacks tripled over past year |
CERT-EU | a year ago | Zscaler uncovers increasing complexity and sophistication of ransomware |
CERT-EU | a year ago | Ransomware research reveals 12 vulnerabilities newly associated with ransomware in Q1 2023 |
CERT-EU | a year ago | BianLian Ransomware: The Dangerous Shift Toward Pure Data Extortion |
CERT-EU | a year ago | 2023 Ransomware Attacks: First-Quarter Highlights |
SecurityIntelligence.com | a year ago | The Trickbot/Conti Crypters: Where Are They Now? |