Medusa

Threat Actor Profile Updated 24 days ago
Medusa is a threat actor group whose ransomware activity has escalated significantly, and it is now regarded as a rising menace in the cybersecurity landscape. In November 2023, Medusa and other groups such as LockBit and ALPHV (BlackCat) exploited a zero-day vulnerability known as Citrix Bleed (CVE-2023-4966), leading to numerous system compromises. The group initially targeted Turkish financial institutions but had expanded its operations to North America and Europe by 2022. By the first half of 2024, Medusa was among the most prominent groups, conducting 31 attacks and using new variants of its ransomware that minimize the permissions required, evade detection, and operate undetected for extended periods.

The group's malicious activities include data leaks, multi-extortion schemes, and recruitment attempts across varying levels of maturity. Notably, Medusa was responsible for a significant breach at Toyota, threatening to leak sensitive data, and it published school students' mental health records after failing to secure a ransom. Beyond its ransomware, Medusa has also been involved in fraud campaigns using the TangleBot banking Trojan, which evaded detection for nearly a year, and has used open-source rootkits such as Medusa and Seaelf for credential theft and lateral movement. In one of its more egregious actions, Medusa claimed responsibility for a cyberattack on Northeast Ohio Neighborhood Health, exfiltrating 51GB of sensitive data, including Protected Health Information and Personally Identifiable Information, and demanded a $250,000 ransom to prevent the sale or public release of this data, which affected patients linked to United Healthcare, Optum, and Change Healthcare. Interestingly, the group's advertisements prohibit targeting organizations within the Commonwealth of Independent States (CIS), Cuba, North Korea, and China.

Despite these self-imposed limitations, Medusa remains a significant global threat because its ransomware-as-a-service model targets organizations worldwide.
Possible Aliases / Cluster overlaps
It is hard to track cluster overlaps and naming conventions between vendors, so here are some possibly overlapping names and profiles you may also want to look at (each entry gives the profile name, the vote count, and the profile description).

Medusa Ransomware (6 votes)
Medusa ransomware is a malicious software designed to infiltrate systems, steal personal information, disrupt operations, and hold data hostage for ransom. It often enters systems through suspicious downloads, emails, or websites unbeknownst to the user. Once inside, it leaves a ransom note, demandi

Operation Medusa (4 votes)
Operation Medusa was a concerted campaign led by the United States Department of Justice and the FBI to disrupt the activities of Turla's Snake malware. Snake, a signature malware used by the Russia-sponsored Turla advanced persistent threat (APT), had been compromising computers on a large scale. T

MedusaLocker (2 votes)
MedusaLocker, first observed in September 2019, is a potent ransomware variant that primarily targets Windows machines through spam. This malware should not be confused with Medusa, a Ransomware-as-a-Service (RaaS) platform active since late 2022. MedusaLocker has been utilized by various ransomware

Stealc (1 vote)
Stealc is a malicious software (malware) that specifically targets browser extensions and authenticators by password managers, growing in popularity on the dark web since its discovery in early 2023. It has been associated with significant cyber-attacks, such as the $7 million heist on the Solana bl
Miscellaneous Associations
Other elements of context that could aid in assessing relevance:
Ransomware
Malware
Ransom
Perseus
Operation Me...
Vulnerability
Encrypt
Botnet
Trojan
Infiltration
Exploit
Windows
Linux
Data Leak
Telegram
Toyota
Locker
DDoS
RaaS
Extortion
Encryption
Fraud
NATO
NetScaler
Firmware
Financial
School
University
Banking
Government
Education
Federal
Phishing
Credentials
Source
Lateral Move...
Reconnaissance
Android
Kenya
Kaspersky
Mandiant
Xfinity
GBHackers
Google
Sophos
Denial of Se...
Payload
MaaS
DDoS Botnet
Malware Impl...
Spam
Webshell
Russia
Espionage
FBI
Tool
Associated Malware
Each entry gives the malware name, the relationship type, the vote count, and the profile description.

Lockbit (relationship: Unspecified; 6 votes)
LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It can enter your system through various channels such as suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt

Akira (relationship: Unspecified; 4 votes)
Akira is a malicious software, or malware, specifically a type of ransomware known for its disruptive and damaging effects. First surfacing in late 2023, it has continued to wreak havoc on various entities, including corporations and industries. This ransomware infects systems through suspicious dow

Snake Malware (relationship: Unspecified; 4 votes)
The infamous Snake malware, a complex and destructive tool utilized by Pensive Ursa, became the target of a significant cybersecurity operation in May 2023. Detailed in a CISA report, the Snake malware was known to infiltrate systems via suspicious downloads, emails, or websites, often unbeknownst t

Locker Ransomware (relationship: Unspecified; 4 votes)
Locker ransomware, a type of malware, poses significant risks to computer systems and data. Unlike crypto-ransomware which encrypts user data, locker ransomware locks users out of their devices entirely, demanding a ransom payment to restore access without any data encryption. This threat has evolve

Royal Ransomware (relationship: Unspecified; 2 votes)
Royal Ransomware is a type of malware that has been causing significant disruptions in various sectors, particularly in the United States. Originating from the now-defunct Conti ransomware operation, Royal Ransomware was notorious for its multi-threaded encryption and ability to kill processes withi

Mirai (relationship: Unspecified; 2 votes)
Mirai is a type of malware that primarily targets Internet of Things (IoT) devices to form botnets, which are networks of private computers infected with malicious software and controlled as a group without the owners' knowledge. In early 2022, Mirai botnets accounted for over 7 million detections g

Clop (relationship: Unspecified; 2 votes)
Clop is a notorious malware, short for malicious software, known for its disruptive and damaging effects on computer systems. It primarily infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, Clop can steal personal information, disrupt o

Aukill (relationship: Unspecified; 2 votes)
AuKill is a malicious software (malware) developed by the notorious cybercrime group FIN7, also known as Carbanak, Carbon Spider, Cobalt Group, and Navigator Group. This malware has been in development since April 2022 and is specifically designed to undermine endpoint security, targeting the protec

Milan (relationship: Unspecified; 1 vote)
Milan is a malicious software, or malware, that was notably deployed by the cyber group OilRig in 2021. The group updated its DanBot backdoor and began deploying multiple backdoors including Shark, Milan, and Marlin. These backdoors were mentioned in the T3 2021 issue of the ESET Threat Report. Simi

Risepro (relationship: Unspecified; 1 vote)
RisePro is a type of malware, specifically an info-stealer, designed to infiltrate and damage computer systems. It operates by exploiting vulnerabilities in a device, often through suspicious downloads, emails, or websites, typically without the user's knowledge. Once inside, RisePro can disrupt ope

Turla’s Snake (relationship: Unspecified; 1 vote)
(no description)

svhost.exe (relationship: Unspecified; 1 vote)
Svhost.exe is a type of malware, specifically designed to exploit and damage computer systems. It infiltrates your system through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it unzips its contents, dropping another PowerShell loader script "core.ps1," an en

Redline (relationship: Unspecified; 1 vote)
RedLine is a malware designed to exploit and damage computer systems by stealing personal information, disrupting operations, or even holding data hostage for ransom. It has been identified as a favorite infostealer among threat actors selling logs through the marketplace 2easy, which also sells Rac

Lumma (relationship: Unspecified; 1 vote)
Lumma is a prominent malware, particularly known as an information stealer. It is delivered through various means, including suspicious downloads, emails, and websites. In one instance observed by Palo Alto Networks’ Unit 42, Lumma was sent over Latrodectus C2 in an infection chain. In another campa

Lummac2 (relationship: Unspecified; 1 vote)
LummaC2 is a relatively new information-stealing malware, first discovered in 2022. The malicious software has been under active development, with researchers identifying LummaC2 4.0 as a dynamic malware strain in November 2023. It's been used by threat actors for initial access or data theft, often

Blackbasta (relationship: Unspecified; 1 vote)
BlackBasta is a malicious software (malware) known for its disruptive and damaging effects on computer systems. It infiltrates systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even ho

Xenomorph (relationship: Unspecified; 1 vote)
Xenomorph, a notorious malware known for its damaging capabilities, has resurfaced after several months of inactivity. Malware, short for malicious software, is designed to exploit and damage computer systems or devices. It can infiltrate systems through dubious downloads, emails, or websites, often

Rhysida Ransomware (relationship: Unspecified; 1 vote)
Rhysida ransomware is a type of malicious software that has been causing significant disruptions worldwide. The malware, which infiltrates systems via suspicious downloads, emails, or websites, is designed to exploit and damage computers or devices. Once inside, it can steal personal information, di

Lumma Stealer (relationship: Unspecified; 1 vote)
Lumma Stealer is a malicious software (malware) that infiltrates systems primarily to steal personal information, disrupt operations, and exploit vulnerabilities. According to the ESET Threat Report H2 2023, Lumma Stealer gained significant traction in the second half of 2023, with its capabilities

Xmrig (relationship: Unspecified; 1 vote)
XMRig is a type of malware that is particularly harmful to computer systems and devices. It infiltrates the system through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal information, disrupt operations, or even hold your data hostage for

Black Basta (relationship: Unspecified; 1 vote)
Black Basta is a notorious malware entity known for its devastating ransomware attacks. First emerging in June 2022, the group has since been associated with a series of high-profile cyber-attacks worldwide. This malware, like others, infiltrates systems through suspicious downloads, emails, or webs

NoEscape (relationship: Unspecified; 1 vote)
NoEscape is a malicious software that emerged as a rebrand of 'Avaddon,' known for its successful multi-extortion tactics. In October 2023, the French basketball team ASVEL fell victim to a data breach orchestrated by the NoEscape ransomware gang. This incident was part of a broader trend in the las

Lucky (relationship: Unspecified; 1 vote)
"Lucky" is a malicious software (malware) that has been compromising systems, causing significant disruptions and potential data loss. This malware infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside a system, it can steal personal inform

Rorschach (relationship: Unspecified; 1 vote)
Rorschach, also known as BabLock, is a malware variant that has been recognized for its speed and sophistication. It is a form of ransomware that encrypts files on infected systems at an unprecedented rate, with Check Point researchers noting it as one of the fastest ransomware variants ever observe

Bablock (relationship: Unspecified; 1 vote)
BabLock, also known as Rorschach, is a type of malware that operates as ransomware. First identified by Check Point Research in April 2023, this harmful software infiltrates computer systems and devices, often without the user's knowledge, with the aim to exploit, damage, and potentially hold data h

Mirai Botnet (relationship: Unspecified; 1 vote)
The Mirai botnet is a type of malware, malicious software designed to exploit and harm computer systems. It spreads by exploiting vulnerabilities in different systems, most notably through Ivanti Connect Secure bugs and the JAWS Webserver. Once inside a system, it can steal personal information, dis
Associated Threat Actors
Each entry gives the threat actor name, the relationship type, the vote count, and the profile description.

Turla (relationship: Unspecified; 5 votes)
Turla, also known as Pensive Ursa, is a sophisticated threat actor linked to Russia that has been active for many years. The group is known for its advanced cyber-espionage capabilities and has been associated with numerous high-profile breaches. According to the MITRE ATT&CK and MITRE Ingenuity dat

Snake (relationship: Unspecified; 5 votes)
Snake, also known as EKANS, is a significant threat actor that has been active since at least 2004, with its activities potentially dating back to the late 1990s. This group, which may have ties to Iran, targets diplomatic and government organizations as well as private businesses across various reg

Alphv (relationship: Unspecified; 4 votes)
AlphV, also known as BlackCat, is a notable threat actor in the cybersecurity landscape. This group has been involved in numerous high-profile attacks, including stealing 5TB of data from Morrison Community Hospital and compromising Clarion, a global manufacturer of audio and video equipment for car

Rhysida (relationship: Unspecified; 2 votes)
Rhysida, a threat actor known for executing malicious cyber activities, has been responsible for numerous ransomware attacks. The group has primarily targeted businesses and healthcare organizations, with notable instances including a disruptive attack on Ann & Robert H. Lurie Children's Hospital of

Ransomhub (relationship: Unspecified; 1 vote)
RansomHub, a threat actor known for executing actions with malicious intent, has recently been linked to several high-profile cyber-attacks. The group is recognized for its ransomware attacks, which have resulted in significant data breaches at multiple companies. Christie, a prominent organization,

Vice Society (relationship: Unspecified; 1 vote)
Vice Society, a threat actor group known for its malicious activities, has been linked to a series of ransomware attacks targeting various sectors, most notably education and healthcare. Throughout 2022 and the first half of 2023, Vice Society, along with Royal Ransomware, were actively executing mu

Bianlian (relationship: Unspecified; 1 vote)
BianLian is a threat actor that has been increasingly active in cybercrimes. The group is known for its malicious activities, including the execution of actions with harmful intent. In a series of recent events, BianLian has exploited vulnerabilities in JetBrains TeamCity, a continuous integration a

Blackbyte (relationship: Unspecified; 1 vote)
BlackByte, a threat actor known for its malicious activities, has been on the radar of cybersecurity agencies since its emergence in July 2021. Notorious for targeting critical infrastructure, BlackByte attracted the attention of the Federal Bureau of Investigation (FBI) and the US Secret Service (U

Turla Group (relationship: Unspecified; 1 vote)
The Turla group, also known as Pensive Ursa, Krypton, Secret Blizzard, Venomous Bear, or Uroburos, is a notable threat actor that has been linked to the Russian Federal Security Service (FSB). With a history dating back to 2004, this group operates in painstaking stages, first conducting reconnaissa
Associated Vulnerabilities
Each entry gives the vulnerability identifier, the relationship type, the vote count, and the profile description.

Citrix Bleed (relationship: has used; 2 votes)
Citrix Bleed, identified as CVE-2023-4966, is a severe software vulnerability in Citrix Netscaler Gateway and Netscaler ADC products, with a high CVSS score of 9.4 indicating its critical nature. This flaw allows for sensitive information disclosure, bypassing password requirements and multifactor a

CVE-2023-4966 (relationship: Unspecified; 2 votes)
CVE-2023-4966, also known as "Citrix Bleed," is a critical zero-day vulnerability affecting Citrix Netscaler Gateway and Netscaler ADC products. This sensitive information disclosure vulnerability enables threat actors to bypass multifactor authentication using stolen session tokens, making it parti

Medusa’s Ransomware (relationship: Unspecified; 1 vote)
(no description)

CVE-2023-50258 (relationship: Unspecified; 1 vote)
(no description)

Society/rhysida (relationship: Unspecified; 1 vote)
(no description)
Source Document References
Information about the Medusa threat actor was drawn from the source documents listed below. This display is limited to 20 results. Each entry gives the source, when it was created, and the document title.

InfoSecurity-magazine (24 days ago): Ransomware Attack Demands Reach a Staggering $5.2m in 2024
InfoSecurity-magazine (a month ago): New Medusa Trojan Variant Emerges with Enhanced Stealth Features
BankInfoSecurity (a month ago): Chinese Hackers Used Open-Source Rootkits for Espionage
Securityaffairs (2 months ago): Cybercriminals are targeting elections in India with influence campaigns
Checkpoint (3 months ago): 29th April – Threat Intelligence Report - Check Point Research
DARKReading (3 months ago): New Research Suggests Africa Is Being Used As a 'Testing Ground' for Nation State Cyber Warfare
CERT-EU (4 months ago): GRIT Ransomware Report: February 2024 | #ransomware | #cybercrime | National Cyber Security Consulting
CERT-EU (4 months ago): LatAm firms ramping up cybersecurity investments as they come into criminals' crosshairs | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU (4 months ago): Cybercrime on Main Street – Sophos News | #cybercrime | #infosec | National Cyber Security Consulting
CERT-EU (4 months ago): Cybercrime on Main Street – Sophos News | #cybercrime | #computerhacker - Am I Hacker Proof
CERT-EU (5 months ago): Medusa ransomware claims attack on US Federal Credit Union | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU (8 months ago): Ransomware attacks up 81% year-on-year in October | #ransomware | #cybercrime | National Cyber Security Consulting
BankInfoSecurity (5 months ago): Breach Roundup: More Fallout From the LockBit Takedown
CERT-EU (5 months ago): January sees three-year high in ransomware attacks across the globe | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
Unit42 (6 months ago): Ransomware Retrospective 2024: Unit 42 Leak Site Analysis
Securityaffairs (6 months ago): Medusa ransomware attack hit Kansas City Area Transportation Authority
Malwarebytes (6 months ago): 2024 State of Ransomware in Education: 92% spike in K-12 attacks | Malwarebytes
CERT-EU (6 months ago): Medusa group steps up ransomware activities | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU (6 months ago): Korenix JetNet Series Unauthenticated Access - CXSecurity.com
CERT-EU (6 months ago): Water for People Hit by Medusa Ransomware: $300,000 Ransom | #ransomware | #cybercrime | National Cyber Security Consulting