Threat_Actor_Profiles

The LockBit ransomware group has emerged as a formidable cyber threat, targeting large corporations and disrupting global operations. This blog post delves into the recent activities of LockBit, highlighting their…

In this blog post, we delve into a comprehensive analysis of a recent article published by Mandiant, a part of Google Cloud, titled “The GRU’s Disruptive Playbook”. The article, authored…

In the ever-evolving landscape of cybersecurity in 2023, the activities of state-sponsored Advanced Persistent Threat (APT) groups have become a significant area of focus. Among these, the Chinese APT group…

A new emerging threat, Abyss Locker ransomware has been making headlines for its targeted attacks on VMware’s ESXi virtualised environments. IOCs however seem sadly lacking. The Abyss Locker Ransomware Launched…

In a recent blog post by Arctic Wolf titled “Conti and Akira: Chained Together”, the authors delve into the connections between the Conti and Akira ransomware groups. The article provides…

In the ever-evolving landscape of cyber threats, a new actor has emerged on the scene: Storm-0978. This group, with its financial and espionage motives, has been conducting a series of…

Introduction Zimbra Collaboration Suite (ZCS) is an open-source email collaboration suite widely used by a variety of organizations, including government agencies, universities, and companies. It has been the target of…

APT37, also known as Reaper, Group123, Ricochet Chollima, StarCruft, and Scarcruft, is a cyber espionage group that

Introduction APT36, also known as Earth Karkaddan, is a cyber-espionage group that has been active since at least 2016. The group is believed to be based in Pakistan and has…

APT35, also known as Phosphorus, Charming Kitten, and Ajax Security Team, is an Iranian threat actor that has been active since at least 2014. The group has targeted organisations across…