MuddyWater (APT) – Threat Actor
MuddyWater is a cyber espionage group assessed to be a subordinate element within Iran's Ministry of Intelligence and Security (MOIS).
Andariel is a North Korean state-sponsored threat group that has primarily focused its operations against South Korean government agencies.
ShadowSyndicate is an opportunistic, financially motivated threat actor, active since July 2022, who was linked to various ransomware strains such as Quantum.
Magnet Goblin is a financially motivated threat actor who quickly leverages 1-day vulnerabilities, often in edge devices, after their disclosure.
The group drops an eponymous ransomware via phishing attacks and Cobalt Strike to breach targets’ networks and deploy their payloads.
Black Basta employs a double extortion scheme that involves exfiltrating confidential data before encryption to threaten victims with public release.
Bifrost collects the victim's hostname, IP address, and process IDs, then encrypts this data with RC4 before transmitting it to the C2.
BIFROSE malware are backdoors that often arrive on systems either downloaded by users when visiting malicious sites or downloaded by other malware/spyware.
Winter Vivern is a cyberespionage group that has been active since at least 2020 and targets governments in Europe and Central Asia.