Threat Actor Profile: Scattered Spider
Scattered Spider, also known by other names like Octo Tempest, 0ktapus, and UNC3944, has emerged as a significant threat in the cybersecurity landscape. This ransomware gang is known for its…
Profiles of criminal groups, nation-state operators and emerging clusters: motivations, targeting, tradecraft and ATT&CK mappings.
62 reports
Scattered Spider, also known by other names like Octo Tempest, 0ktapus, and UNC3944, has emerged as a significant threat in the cybersecurity landscape. This ransomware gang is known for its…
The LockBit ransomware group has emerged as a formidable cyber threat, targeting large corporations and disrupting global operations. This blog post delves into the recent activities of LockBit,…
In this blog post, we delve into a comprehensive analysis of a recent article published by Mandiant, a part of Google Cloud, titled "The GRU's Disruptive Playbook" . The article, authored by Dan…
In the ever-evolving landscape of cybersecurity in 2023, the activities of state-sponsored Advanced Persistent Threat (APT) groups have become a significant area of focus. Among these, the Chinese…
A new emerging threat, Abyss Locker ransomware has been making headlines for its targeted attacks on VMware's ESXi virtualised environments. IOCs however seem sadly lacking.
In a recent blog post by Arctic Wolf titled "Conti and Akira: Chained Together" , the authors delve into the connections between the Conti and Akira ransomware groups. The article provides a…
In the ever-evolving landscape of cyber threats, a new actor has emerged on the scene: Storm-0978. This group, with its financial and espionage motives, has been conducting a series of…
Zimbra Collaboration Suite (ZCS) is an open-source email collaboration suite widely used by a variety of organizations, including government agencies, universities, and companies. It has been the…
APT37, also known as Reaper, Group123, Ricochet Chollima, StarCruft, and Scarcruft, is a cyber espionage group that [..]
APT36, also known as Earth Karkaddan, is a cyber-espionage group that has been active since at least 2016. The group is believed to be based in Pakistan and has been linked to the Pakistani…
APT35, also known as Phosphorus, Charming Kitten, and Ajax Security Team, is an Iranian threat actor that has been active since at least 2014. The group has targeted organisations across multiple…
The cybersecurity landscape is a complex and ever-evolving space, with Advanced Persistent Threat (APT) actors and ransomware attackers continuously developing their skills and learning from their…