ID | Votes | Profile Description |
---|---|---|
Wana Decrypt0r | 2 | Wana Decrypt0r, also known as WCry, WannaCry, WanaCrypt, and Wana Decryptor, is a threat actor responsible for a widespread ransomware campaign that severely impacted systems worldwide in May 2017. This malicious entity utilizes a variety of tactics to execute its intentions, including embedding an |
Wannacryptor | 2 | WannaCryptor, also known as WannaCry or Wanna Decryptor, is a threat actor that has been active since at least 2009. This group, which is aligned with North Korea, has been responsible for several high-profile cyber incidents. Notable among these are the Sony Pictures Entertainment hack in 2014, cyb |
Wcry | 2 | WCry, also known as WannaCry or WanaCryptor, is a self-propagating ransomware that was one of the most disruptive cyber attacks in history. This malware was a product of a North Korean cyber operation aimed at financial gain. The ransomware spreads through internal networks and over the public inter |
ID | Type | Votes | Profile Description |
---|---|---|---|
NotPetya | Unspecified | 8 | NotPetya is a notorious malware that emerged in 2017, widely attributed to the Russian hacking group APT28, also known as Sandworm. This malicious software was primarily an act of cyberwar against Ukraine, delivered through updates to MeDoc accounting software, a technique known as a supply chain at |
Ryuk | Unspecified | 4 | Ryuk is a type of malware known as ransomware, which has been utilized by the threat group ITG23 for several years. This group has been notorious for crypting their malware, with crypters seen in use with other malware such as Trickbot, Emotet, Cobalt Strike, and Ryuk. In 2019, most ransomware inves |
Stuxnet | Unspecified | 3 | Stuxnet, discovered in 2010, is one of the most notorious malware attacks in history, primarily targeting Windows systems, programming logic controllers (PLCs), and supervisory controls and data acquisition (SCADA) systems. The military-grade cyberweapon was co-developed by the United States and Isr |
petya | Unspecified | 3 | Petya is a type of malware, specifically ransomware, that infected Windows-based systems primarily through phishing emails. It was notorious for its ability to disrupt operations and hold data hostage for ransom. Petya, along with other types of ransomware like WannaCry, NotPetya, TeslaCrypt, and Da |
Lockbit | Unspecified | 2 | LockBit is a malicious software, or malware, that has been notably active and damaging in the cyber world. Known for its ability to infiltrate systems often without detection, it can steal personal information, disrupt operations, and even hold data hostage for ransom. In the first half of 2024, Loc |
Yashma Ransomware | Unspecified | 2 | Yashma ransomware is a malicious software that was first observed in May 2022 as a rebranded version of the Chaos ransomware builder V5, which leaked in April 2022. It infects systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold da |
Phobos | Unspecified | 2 | Phobos is a type of malware, specifically ransomware, that infiltrates computer systems with the intent to disrupt operations, steal personal information, or hold data hostage for ransom. The malicious software can infect devices through suspicious downloads, emails, or websites, often without the u |
Conficker | Unspecified | 2 | Conficker, also known as Kido, Downadup, and Downup, is a malicious software (malware) that emerged in November 2008. This worm rapidly spread across computer networks, exfiltrating sensitive information such as login credentials and personal data. It exploited the MS08-067 vulnerability to initiall |
LockerGoga | Unspecified | 2 | LockerGoga is a type of malware, specifically ransomware, known for its disruptive capabilities. It was notably deployed at Norsk Hydro in March 2019, causing significant operational disruption. LockerGoga differentiates itself from other types of ransomware such as EKANS due to its destructive natu |
TRITON | Unspecified | 2 | Triton is a sophisticated malware that has been historically used to target the energy sector. It was notably used in 2017 by the Russian Central Scientific Research Institute of Chemistry and Mechanics (TsNIIkhM) to attack a Middle East petrochemical facility. The malware, also known as Trisis and |
REvil | Unspecified | 2 | REvil is a type of malware, specifically ransomware, that has been linked to significant cyber attacks. It emerged as part of the Ransomware as a Service (RaaS) model that gained popularity in 2020. This model established relationships between first-stage malware and subsequent ransomware attacks, s |
Mirai | Unspecified | 2 | Mirai is a type of malware that has been notably used to create botnets, networks of infected devices controlled by an attacker. In early 2022, Mirai botnets accounted for over 7 million detections, although there was a subsequent 9% quarter-on-quarter drop in detections in Hong Kong. The malware is |
ID | Type | Votes | Profile Description |
---|---|---|---|
Lazarus Group | Unspecified | 4 | The Lazarus Group, also known as APT38, is a notorious threat actor believed to be backed by the North Korean regime. This group has been associated with several high-profile cyber attacks and thefts, including the infamous $600 million Ronin sidechain exploit in 2022. Known for their sophisticated |
Shadow Brokers | Unspecified | 2 | The Shadow Brokers, a threat actor group, made headlines in the cybersecurity world for their leaks of sophisticated cyber tools believed to be developed by the Equation Group, an Advanced Persistent Threat (APT) group associated with the NSA's Tailored Access Operations unit. The most notable among |
HIDDEN COBRA | Unspecified | 2 | Hidden Cobra, also known as Lazarus Group, TEMP.Hermit, and several other names, is a threat actor attributed to the North Korean government by the U.S. Government. The group has been involved in various malicious cyber activities, including cyberespionage, ransomware attacks, and destructive operat |
Labyrinth Chollima | Unspecified | 2 | Labyrinth Chollima, a threat actor linked to North Korea, has been active since 2009 and is known for conducting operations aimed at collecting political, military, and economic intelligence on North Korea’s foreign adversaries, as well as currency generation campaigns. This group, also known by var |
Wanacryptor | Unspecified | 2 | None |
ID | Type | Votes | Profile Description |
---|---|---|---|
Eternalblue | Exploited | 8 | EternalBlue is a significant software vulnerability that exists in the design or implementation of certain systems. This flaw has been exploited by various cyber threats, with one notable instance being its use as an enabler for the widespread WannaCry ransomware attack. The exploit allows attackers |
Ms17-010 | Unspecified | 4 | MS17-010, also known as EternalBlue, EternalSynergy, or EternalRomance, is a significant remote code execution vulnerability in Microsoft's Server Message Block 1.0 (SMBv1) protocol. This flaw in software design and implementation was exploited by various malware strains, most notably the WannaCry r |
CVE-2017-0144 | Unspecified | 3 | None |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
Unit42 | a day ago | Threat Assessment: North Korean Threat Groups | |
DARKReading | 12 days ago | Cyber Insurance: A Few Security Technologies, a Big Difference in Premiums | |
DARKReading | 20 days ago | Why End of Life for Applications Is the Beginning of Life for Hackers | |
Securityaffairs | a month ago | SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 6 | |
Securityaffairs | a month ago | security-affairs-malware-newsletter-round-5 | |
CERT-EU | 7 months ago | Cyber Insurance Coverage Is Complex For Industrial Companies | |
Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 3 | |
Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 3 | |
Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 2 | |
Securityaffairs | 2 months ago | Security Affairs Malware Newsletter - Round 1 | |
InfoSecurity-magazine | 2 months ago | New RUSI Report Exposes Psychological Toll of Ransomware, Urges Action | |
Securityaffairs | 2 months ago | Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION | |
Securityaffairs | 3 months ago | Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION | |
InfoSecurity-magazine | 3 months ago | London Ransomware Attack Led to 1500 Cancelled Ops and Appointments | |
Securityaffairs | 3 months ago | Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION | |
Quick Heal Technologies Ltd. | 3 months ago | Doubt Your Vulnerability to Ransomware Attacks? Know How Quick Heal’s Protection Will Save You! | |
RIA - Information System Authority | 3 months ago | Head of RIA: last year was proof that securing the digital lifestyle requires investing in the security of information systems | |
InfoSecurity-magazine | 3 months ago | New North Korean Hacking Group Identified by Microsoft | |
Securityaffairs | 4 months ago | Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION | |
Quick Heal Technologies Ltd. | 4 months ago | Unlocking Unbeatable Cybersecurity: Your Essential Guide to the Ultimate Antivirus Solution! |