Alias Description | Votes |
---|---|
Andariel is a possible alias for Onyx Sleet. Andariel, a threat actor controlled by North Korea's military intelligence agency, the Reconnaissance General Bureau, has been actively conducting cyber espionage and ransomware operations. The group funds its activities through ransomware attacks primarily targeting U.S. healthcare entities. In som | 6 |
Diamond Sleet is a possible alias for Onyx Sleet. Diamond Sleet, a threat actor linked to North Korea, has been identified as a significant cybersecurity concern. This group, also known as Selective Pisces, has targeted various sectors including media, defense, and IT organizations. The advanced persistent threat (APT) group is known for its supply | 4 |
Plutonium is a possible alias for Onyx Sleet. Plutonium, also known as Jumpy Pisces and Andariel, is a notable threat actor historically involved in cyberespionage, financial crime, and ransomware attacks. Recent reports indicate that this group has been breaching the IT systems of Sellafield, a site that holds the world's largest stockpile of | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Lazarus Group Threat Actor is associated with Onyx Sleet. The Lazarus Group, a notorious threat actor attributed to North Korea, is renowned for its malicious activities aimed at furthering the country's objectives. This group has been implicated in several high-profile cyber-attacks, including an attack in Spain known as Operation DreamJob. The exploitati | Unspecified | 3 |
The ZINC Threat Actor is associated with Onyx Sleet. Zinc, also known as Diamond Sleet, is a North Korea-based threat actor group that has been active since 2009. This group is notorious for its cyber-attacks aimed at collecting political, military, and economic intelligence on North Korea's foreign adversaries, and executing currency generation campa | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The CVE-2023-42793 Vulnerability is associated with Onyx Sleet. CVE-2023-42793 is a critical security vulnerability identified in JetBrains TeamCity build management and continuous integration server. This flaw, characterized by an authentication bypass, was exploited by multiple threat actors throughout 2023 and into 2024. The first notable exploitation occurre | has used | 5 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
Unit42 | 2 months ago | ||
DARKReading | 3 months ago | ||
Unit42 | 3 months ago | ||
DARKReading | 5 months ago | ||
CISA | 5 months ago | ||
DARKReading | 7 months ago | ||
CERT-EU | 10 months ago | ||
DARKReading | a year ago | ||
BankInfoSecurity | a year ago | ||
CERT-EU | a year ago | ||
Securityaffairs | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
Securityaffairs | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
BankInfoSecurity | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
Securityaffairs | a year ago |