Alias Description | Votes |
---|---|
Qilin is a possible alias for RansomHub. Qilin is a prominent threat actor known for its malicious cyber activities, including the deployment of ransomware. In recent events, it has been observed that Qilin has partnered with the Octo Tempest group, adding RansomHub and Qilin ransomware to its arsenal. This strategic partnership presents a | 2 |
Octo Tempest is a possible alias for RansomHub. Octo Tempest, also known as Scattered Spider, is a prominent threat actor in the cybersecurity landscape. This group has rapidly gained notoriety in the ransomware domain by incorporating RansomHub and Qilin ransomware into its arsenal, significantly enhancing its ability to compromise systems and n | 2 |
Malware Description | Association Type | Votes |
---|---|---|
The LockBit Malware is associated with RansomHub. LockBit is a notorious malware that has been involved in several high-profile ransomware incidents, including attacks on Boeing, London Drugs, Ontario hospitals, and Accenture. The malicious software infiltrates systems through suspicious downloads, emails, or websites, often unbeknownst to the user | Unspecified | 6 |
Threat Actor Description | Association Type | Votes |
---|---|---|
The AlphV Threat Actor is associated with RansomHub. AlphV, also known as BlackCat, is a notable threat actor that has been operational since November 2021. This group has pioneered the public leaks business model in the realm of ransomware attacks and has been associated with significant cybercrimes. It is particularly infamous for its attack on Morr | Unspecified | 9 |
The Scattered Spider Threat Actor is associated with RansomHub. Scattered Spider is a financially motivated threat actor known for its sophisticated techniques and broad range of targets, including all major cloud service providers. This group seeks to maintain persistence on targeted networks, often using phishing to obtain login credentials and gain access. It | Unspecified | 3 |
The Medusa Threat Actor is associated with RansomHub. Medusa, a prominent threat actor in the cybersecurity landscape, has been increasingly active with its ransomware attacks. The group made headlines in November 2023 when it leveraged a zero-day exploit for the Citrix Bleed vulnerability (CVE-2023-4966), leading to numerous compromises alongside othe | Unspecified | 3 |
Vulnerability Description | Association Type | Votes |
---|---|---|
The CVE-2020-1472 Vulnerability is associated with RansomHub. CVE-2020-1472, also known as the Zerologon vulnerability, is a critical-severity flaw in Microsoft's Netlogon Remote Protocol. The vulnerability allows attackers to gain administrative access to a Windows domain controller without any authentication, effectively giving them control over a network. T | Unspecified | 2 |
The Zerologon Vulnerability is associated with RansomHub. Zerologon (CVE-2020-1472) is a critical elevation of privilege vulnerability within Microsoft’s Netlogon Remote Protocol. This flaw in software design or implementation allows attackers to bypass authentication mechanisms and alter computer passwords within a domain controller's Active Directory, th | Unspecified | 2 |
Source | Created At |
---|---|
InfoSecurity-magazine | 9 hours ago |
BankInfoSecurity | 7 days ago |
Securityaffairs | 8 days ago |
Trend Micro | 18 days ago |
Checkpoint | 22 days ago |
Securityaffairs | 24 days ago |
ESET | 25 days ago |
DARKReading | a month ago |
BankInfoSecurity | a month ago |
DARKReading | a month ago |
BankInfoSecurity | a month ago |
ESET | a month ago |
Recorded Future | a month ago |
Securityaffairs | a month ago |
Checkpoint | a month ago |
BankInfoSecurity | a month ago |
Malwarebytes | a month ago |
BankInfoSecurity | a month ago |
InfoSecurity-magazine | a month ago |
Securityaffairs | a month ago |