Alias Description | Votes |
---|---|
Andariel is a possible alias for Onyx Sleet. Andariel, also known as Jumpy Pisces, is a threat actor group primarily associated with cyberespionage and ransomware activities. The group has been linked to North Korea's Reconnaissance General Bureau and other APT groups such as Kimsuky and Onyx Sleet. Andariel has been noted for its aggressive t | 6 |
Diamond Sleet is a possible alias for Onyx Sleet. Diamond Sleet, a threat actor linked to North Korea, has been identified as a significant cybersecurity concern. This group, also known as Selective Pisces, has targeted various sectors including media, defense, and IT organizations. The advanced persistent threat (APT) group is known for its supply | 4 |
Plutonium is a possible alias for Onyx Sleet. Plutonium, a threat actor with potentially global implications, has been involved in several critical incidents. The group's activities have been traced back to the 1960s when alleged Israeli scientists visited NUMEC, claiming to obtain plutonium-238 for non-nuclear projects. The lack of stringent r | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The Lazarus Group Threat Actor is associated with Onyx Sleet. The Lazarus Group, also known as Hidden Cobra and Guardians of Peace, is a notorious threat actor attributed to North Korea. Their activities date back several years, with significant exploits including the "FASTCash" ATM cash-out scheme warned about by the US-CERT in October 2018. More recently, th | Unspecified | 3 |
The ZINC Threat Actor is associated with Onyx Sleet. Zinc, also known as Diamond Sleet, is a North Korea-based threat actor group that has been active since 2009. This group is notorious for its cyber-attacks aimed at collecting political, military, and economic intelligence on North Korea's foreign adversaries, and executing currency generation campa | Unspecified | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The CVE-2023-42793 Vulnerability is associated with Onyx Sleet. CVE-2023-42793 is a critical security vulnerability identified in JetBrains TeamCity build management and continuous integration server. This flaw, characterized by an authentication bypass, was exploited by multiple threat actors throughout 2023 and into 2024. The first notable exploitation occurre | has used | 5 |

Source | Created At |
---|---|
DARKReading | 25 days ago |
Unit42 | 2 months ago |
DARKReading | 3 months ago |
CISA | 3 months ago |
DARKReading | 5 months ago |
CERT-EU | 8 months ago |
DARKReading | 10 months ago |
BankInfoSecurity | 10 months ago |
CERT-EU | a year ago |
Securityaffairs | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
Securityaffairs | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
BankInfoSecurity | a year ago |
CERT-EU | a year ago |
CERT-EU | a year ago |
Securityaffairs | a year ago |
CERT-EU | a year ago |