Alias Description | Votes |
---|---|
Vice Society is a possible alias for Rhysida. Vice Society, a threat actor or hacking team with malicious intent, has been active since 2022 and has made significant waves in the cybersecurity world. The group is known for deploying various forms of ransomware, including BlackCat, Quantum Locker, Zeppelin, and their own branded variant of Zeppe | 7 |
Alias Description | Association Type | Votes |
---|---|---|
The Rhysida Ransomware Malware is associated with Rhysida. The Rhysida ransomware group, a malicious software entity, has been actively launching cyberattacks since May 2023. Their modus operandi involves infiltrating systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, they exploit and damage the system, st | Unspecified | 11 |
The Lockbit Malware is associated with Rhysida. LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It typically enters through suspicious downloads, emails, or websites without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or hold data hostage for | Unspecified | 4 |
The Systembc Malware is associated with Rhysida. SystemBC is a type of malware that has been heavily utilized in various cyber attacks, including those involving the BlackBasta ransomware group in 2023. The Play ransomware actors have also been known to use SystemBC alongside other command and control (C2) applications such as Cobalt Strike and to | Unspecified | 2 |
The 3am Malware is associated with Rhysida. 3AM is a new ransomware family that emerged in the cyber threat landscape, as discovered by Symantec's Threat Hunter Team in September 2023. This malicious software, written in Rust, is designed to exploit and damage computer systems, often infiltrating them without the user's knowledge through susp | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Alphv Threat Actor is associated with Rhysida. AlphV, also known as BlackCat, is a notorious threat actor that has been active since November 2021. This group pioneered the public leaks business model and has been associated with various ransomware families, including Akira, LockBit, Play, and Basta. AlphV gained significant attention for its la | Unspecified | 5 |
The Medusa Threat Actor is associated with Rhysida. Medusa, a prominent threat actor in the cybersecurity landscape, has been increasingly active with its ransomware attacks. The group made headlines in November 2023 when it leveraged a zero-day exploit for the Citrix Bleed vulnerability (CVE-2023-4966), leading to numerous compromises alongside othe | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Zerologon Vulnerability is associated with Rhysida. Zerologon, officially known as CVE-2020-1472, is a critical vulnerability within Microsoft's Netlogon Remote Protocol. This flaw allows attackers to bypass authentication mechanisms and alter computer passwords within a domain controller's Active Directory, enabling them to escalate privileges to do | Unspecified | 2 |
The CVE-2020-1472 Vulnerability is associated with Rhysida. CVE-2020-1472, also known as the "ZeroLogon" vulnerability, is a critical-severity flaw in Microsoft's Netlogon Remote Protocol. This vulnerability, which was patched on August 11, 2020, allows attackers to escalate privileges and gain administrative access to a Windows domain controller without any | Exploited | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
BankInfoSecurity | 6 days ago | ||
Checkpoint | 11 days ago | ||
BankInfoSecurity | a month ago | ||
Securityaffairs | a month ago | ||
DARKReading | a month ago | ||
Securityaffairs | a month ago | ||
BankInfoSecurity | 2 months ago | ||
DARKReading | 2 months ago | ||
Malwarebytes | 2 months ago | ||
InfoSecurity-magazine | 2 months ago | ||
Securityaffairs | 3 months ago | ||
CERT-EU | 10 months ago | ||
Securityaffairs | 3 months ago | ||
BankInfoSecurity | 4 months ago | ||
BankInfoSecurity | 4 months ago | ||
DARKReading | 4 months ago | ||
Securelist | 6 months ago | ||
Malwarebytes | 7 months ago | ||
Malwarebytes | 7 months ago | ||
BankInfoSecurity | 7 months ago |