| ID | Votes | Profile Description |
|---|---|---|
| Slippy Spider | 1 | None |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Lockbit | Unspecified | 3 | LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt |
| Babuk | Unspecified | 1 | Babuk is a type of malware, specifically ransomware, which is designed to infiltrate systems and hold data hostage for ransom. It can be delivered through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside a system, Babuk can disrupt operations and steal perso |
| Lv Ransomware | Unspecified | 1 | LV Ransomware is a type of malicious software designed to exploit and damage computer systems, often infiltrating systems through suspicious downloads, emails, or websites. This ransomware variant, also known as ".0nzo8yk Virus," was first identified in the wild in June 2020 and is a modified versio |
| Cuba Ransomware | Unspecified | 1 | The Cuba ransomware is a malicious software that first appeared on cybersecurity radars in late 2020 under the name "Tropical Scorpius." It is designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites without the user's knowledge. Once insi |
| Hive | Unspecified | 1 | Hive is a malicious software, or malware, that infiltrates systems to exploit and damage them. This malware has been associated with Volt Typhoon, who exfiltrated NTDS.dit and SYSTEM registry hive to crack passwords offline. The Hive operation was primarily involved in port scanning, credential thef |
| Karakurt | Unspecified | 1 | Karakurt is a notorious malware and data extortion group, previously affiliated with ITG23, known for its sophisticated tactics, techniques, and procedures (TTPs). The group's operations involve stealing sensitive data from compromised systems and demanding ransoms ranging from $25,000 to a staggeri |
| Clop | Unspecified | 1 | Clop is a notorious malware, short for malicious software, known for its disruptive and damaging effects on computer systems. It primarily infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Clop can steal personal information, disrupt o |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| APT28 | Unspecified | 2 | APT28, also known as Fancy Bear, is a threat actor linked to Russia and has been involved in numerous cyber espionage campaigns. The group is notorious for its sophisticated tactics, techniques, and procedures (TTPs). Recently, NATO and the EU formally condemned APT28's activities, acknowledging the |
| FIN7 | Unspecified | 2 | FIN7, a notorious threat actor group known for its malicious activities, has recently been identified as targeting a large U.S. carmaker with phishing attacks. This group, which has previously operated behind fake cybersecurity companies such as Combi Security and Bastion Secure to recruit security |
| DEV-0537 | Unspecified | 1 | None |
| Lazarus Group | Unspecified | 1 | The Lazarus Group, a notorious threat actor believed to be linked to North Korea, has been attributed with a series of significant cyber-attacks over the past few years. The group's malicious activities include the exploitation of digital infrastructure, stealing cryptocurrency, and executing large- |
| Bianlian | Unspecified | 1 | BianLian is a threat actor that has been increasingly active in cybercrimes. The group is known for its malicious activities, including the execution of actions with harmful intent. In a series of recent events, BianLian has exploited vulnerabilities in JetBrains TeamCity, a continuous integration a |
| Kimsuky | Unspecified | 1 | Kimsuky is a North Korea-linked advanced persistent threat (APT) group that conducts global cyber-attacks to gather intelligence for the North Korean government. The group has been identified as a significant threat actor, executing actions with malicious intent, and has recently targeted victims vi |
| Silent Librarian | Unspecified | 1 | Silent Librarian, also known as Cobalt Dickens and TA407, is a persistent threat actor operating out of Iran. Despite indictments and public disclosures of its campaigns, the group continues to engage in malicious activities, with no signs of cessation as of this publication. This cyber-espionage na |
| Scatter Swine | Unspecified | 1 | Scatter Swine, also known by multiple names such as 0ktapus, Scattered Spider, UNC3944, and Muddled Libra, is a threat actor group that has been active since early 2022. The group first came to light in August 2022 when they executed smishing attacks against over 100 organizations, including Twilio |
| Oktapus | Unspecified | 1 | Oktapus, a threat actor also known as Scattered Spider, Scatter Swine, and Muddled Libra, has been identified as a significant cybersecurity risk due to its sophisticated phishing campaigns. The group first gained notoriety in 2022 when it launched the Oktapus phishing campaign, targeting employees |
| UNC3944 | Unspecified | 1 | UNC3944, also known as Scattered Spider and 0ktapus, is a financially motivated threat actor that has been active since 2021. Initially targeting telecommunication firms and tech companies, the group has expanded its range to include hospitality, retail, media, and financial services sectors. The gr |
| Alphv | Unspecified | 1 | AlphV, also known as BlackCat, is a notable threat actor in the cybersecurity landscape. This group has been involved in numerous high-profile attacks, including stealing 5TB of data from Morrison Community Hospital and compromising Clarion, a global manufacturer of audio and video equipment for car |
| The Com | Unspecified | 1 | "The Com" is a threat actor or cybercriminal community that has been involved in numerous high-profile cyberattacks, including recent attacks on Las Vegas resorts that severely impacted several prominent hotels and casinos. The community is largely composed of young hackers who are inducted into a l |
| Rhysida | Unspecified | 1 | Rhysida, a threat actor known for executing malicious cyber activities, has been responsible for numerous ransomware attacks. The group has primarily targeted businesses and healthcare organizations, with notable instances including a disruptive attack on Ann & Robert H. Lurie Children's Hospital of |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Log4Shell | Unspecified | 1 | Log4Shell is a software vulnerability, specifically a flaw in the design or implementation of the popular Java logging library, Log4j. Identified as CVE-2021-44228, this vulnerability allows an attacker to remotely execute arbitrary code, often leading to full system compromise. Advanced Persistent |
| Oktapus Scattered Spider | Unspecified | 1 | None |
| Source | CreatedAt | Title |
|---|---|---|
| CERT-EU | 7 months ago | The DHS Cyber Safety Review Board's Inaugural Reports |
| CERT-EU | 7 months ago | GTA 6 Hacker: Life in Secure Hospital for Cybercrime Intent |
| CERT-EU | 10 months ago | FBI LEEP Data Sale Sparks Concerns Over National Security |
| CISA | a year ago | #StopRansomware: Cuba Ransomware | CISA |
| CERT-EU | a year ago | Businesses and passwords are a security marriage needing help |
| CrowdStrike | a year ago | Cloud Security Incident Response Guidance | CrowdStrike |
| CERT-EU | a year ago | Transatlantic Cable podcast, episode 314 |
| CISA | a year ago | #StopRansomware: Cuba Ransomware | CISA |
| Recorded Future | a year ago | Xiaoqiying/Genesis Day Threat Actor Group Targets South Korea, Taiwan | Recorded Future |
| CERT-EU | a year ago | Law enforcement crackdowns and new techniques are forcing cybercriminals to pivot |