| ID | Votes | Profile Description |
|---|---|---|
| Clop | 9 | Clop, also known as Cl0p, is a notorious ransomware group responsible for several high-profile cyberattacks. The group specializes in exploiting vulnerabilities in software and systems to gain unauthorized access, exfiltrate sensitive data, and then extort victims by threatening to release the stole |
| fin11 | 5 | FIN11, a threat actor group also known as Lace Tempest or TA505, has been linked to the development and deployment of Cl0p ransomware. This malicious software is believed to be a variant of another ransomware, CryptoMix, and is typically used by FIN11 to encrypt files on a victim's network after ste |
| CVE-2023-34362 | 4 | CVE-2023-34362 is a critical software vulnerability found in Progress Software's managed file transfer (MFT) solution, MOVEit Transfer. This flaw was an SQL injection vulnerability that allowed for escalated privileges and unauthorized access. The vulnerability became active on May 27, 2023, when it |
| Truebot | 3 | Truebot is a highly potent malware used by the threat actor group CL0P, which has been linked to various malicious activities aimed at exploiting and damaging computer systems. It can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once embedded, |
| cl0p | 3 | Cl0p is a threat actor group that has emerged as the most used ransomware in March 2023, dethroning LockBit. The group has successfully exploited zero-day vulnerabilities in the past, but such attacks are relatively rare. Recent research by Malwarebytes highlights the bias of ransomware gangs for at |
| Lace Tempest | 3 | Lace Tempest, a threat actor known for executing actions with malicious intent, has been identified as the orchestrator behind a series of cyber attacks exploiting a zero-day vulnerability in SysAid. The exploit was first brought to light by SysAid and further detailed in a blog post on TuxCare. Thi |
| Snakefly | 2 | Snakefly, also known as FIN11 and TA505, is a threat actor known for its malicious activities primarily aimed at organizations in North America and Europe. The group is financially motivated and has been active since at least early 2019. Snakefly is particularly associated with the deployment of Cl0 |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Get2 | Unspecified | 4 | Get2 is a type of malware, harmful software designed to infiltrate and damage computer systems or devices. It can be unknowingly downloaded through suspicious emails, downloads, or websites, enabling it to steal personal information, disrupt operations, or hold data hostage for ransom. Among the mos |
| FlawedGrace | Unspecified | 4 | FlawedGrace is a notorious malware, a remote access trojan (RAT), that has been used extensively in cyberattacks. It was first brought to light in June 2023 when The DFIR Report revealed its use in Truebot operations. In these operations, following the successful download of a malicious file, Truebo |
| Dridex | Unspecified | 4 | Dridex is a well-known malware, specifically a banking Trojan, that has been utilized by cybercriminals to exploit and damage computer systems. The malware infiltrates systems through dubious downloads, emails, or websites, often unbeknownst to the user, and can steal personal information, disrupt o |
| Lobshot | Unspecified | 3 | Lobshot is a stealthy remote access malware that has been used by cybercriminals, notably Russian threat actors, in various malicious campaigns. It was featured alongside other well-known malware samples like DarkGate infostealer, Ducktail, and Redline in deceptive campaigns where it was embedded in |
| truebot malware | Unspecified | 2 | Truebot malware is a malicious software that infiltrates computer systems, often without the user's knowledge, to exploit and damage the device. It was primarily delivered by cyber threat actors via malicious phishing email attachments, but newer versions observed in 2023 also gained initial access |
| Dewmode | Unspecified | 2 | DEWMODE is a malicious web shell malware, written in PHP, designed to interact with MySQL databases and specifically target Accellion FTA devices. It operates by infiltrating the compromised network and exfiltrating data. During 2020-2021, threat actor group TA505 exploited several zero-day vulnerab |
| Sdbot | Unspecified | 2 | SDBot is a malicious software, or malware, that has been leveraged by threat actors known as TA505 and CL0P to exploit vulnerabilities in computer systems. It is used as a backdoor to enable the execution of commands and functions in the compromised computer, often without the user's knowledge. The |
| Raspberry Robin | Unspecified | 2 | Raspberry Robin is a sophisticated piece of malware that uses a variety of tactics to infiltrate and exploit computer systems. It employs the CPUID instruction to conduct several checks, enabling it to assess the system's characteristics and vulnerabilities. Furthermore, Raspberry Robin has been obs |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Evil Corp | Unspecified | 4 | Evil Corp, a threat actor group based in Russia, has been identified as a significant cybercrime entity responsible for the execution of malicious actions. The alleged leader of this group is Maksim Yakubets, who is notably associated with Dridex malware operations. The U.S. Treasury imposed sanctio |
| FIN7 | Unspecified | 2 | FIN7, a prominent threat actor in the cybercrime landscape, has been noted for its malicious activities and innovative tactics. Known for their relentless attacks on large corporations, FIN7 recently targeted a significant U.S. carmaker with phishing attacks, demonstrating their continued evolution |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| CVE-2023-27351 | Unspecified | 2 | None |
| CVE-2023-27350 | Unspecified | 2 | CVE-2023-27350 is a significant software vulnerability discovered in PaperCut NG/MF, a popular print management software. This flaw in software design or implementation allows attackers to bypass authentication and execute code with system privileges, posing a serious threat to both server and inter |
| Preview | Source Link | CreatedAt | Title |
|---|---|---|---|
| DARKReading | 7 months ago | Raspberry Robin Jumps on 1-Day Bugs to Nest Deep in Windows Networks | |
| Checkpoint | 7 months ago | Raspberry Robin Keeps Riding the Wave of Endless 1-Days - Check Point Research | |
| Checkpoint | 7 months ago | 12th February – Threat Intelligence Report - Check Point Research | |
| Unit42 | 7 months ago | Ransomware Retrospective 2024: Unit 42 Leak Site Analysis | |
| CERT-EU | 8 months ago | The Top 10 Ransomware Groups of 2023 | |
| InfoSecurity-magazine | 9 months ago | 2023 Cyber Threats: 26,000+ Vulnerabilities, 97 Beyond CISA List | |
| CERT-EU | 9 months ago | CyberTalk with Ray Canzanese | |
| CERT-EU | 10 months ago | Threat Spotlight: Data Extortion Ransomware: Key Trends in 2023 | |
| CERT-EU | 10 months ago | Cyber Security Week In Review: November 17, 2023 | |
| CERT-EU | 10 months ago | SysAid Zero-Day Vulnerability Exploited by Threat Actors | |
| CERT-EU | 10 months ago | Clop ransomware gang targets SysAid server bug | |
| CERT-EU | 10 months ago | CVE-2023-47246: SysAid Flaw Used in Clop Ransomware Attacks | |
| InfoSecurity-magazine | 10 months ago | MOVEit Gang Targets SysAid Customers With Zero-Day Attacks | |
| CERT-EU | a year ago | Netskope Threat Labs report says highest percentage of cybercrime activity originates in Russia | |
| CERT-EU | a year ago | Criminal groups focus on Australia and US | |
| CERT-EU | a year ago | TA505 Hacker's Sneaky RMS Tool Phishing Campaign Detected | |
| CERT-EU | a year ago | Clop at the top – but for how long? | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | |
| CERT-EU | a year ago | Clop at the top – but for how long? | |
| CERT-EU | a year ago | Cyber Security Week in Review: September 8, 2023 | |
| CERT-EU | a year ago | Illinois a victim of CL0P's MOVEit ransomware attack | #ransomware | #cybercrime | National Cyber Security Consulting |