Intrusion sets

APT groups and intrusion sets — goals, aliases, sectors, and related campaigns.

  • STARDUST CHOLLIMA, NICKEL GLADSTONE, BeagleBoyz
    The MITRE Corporation · Confidence 100 · 53 CVEs · 100 MITREs · 25 Malwares · 100 IOCs · 2 Tools

    [APT38](https://attack.mitre.org/groups/G0082) is a North Korean state-sponsored threat group that specializes in financial cyber operations; it has been attributed to the Reconnaissance General Bureau.(Citation: CISA AA20-239A BeagleBoyz August 2020)…

    First seen 01/01/1970 · Last seen 16/11/5138
  • CozyDuke, IRON RITUAL, IRON HEMLOCK
    The MITRE Corporation · Confidence 100 · 1 CVE · 123 MITREs · 47 Malwares · 100 IOCs · 14 Tools

    [APT29](https://attack.mitre.org/groups/G0016) is a threat group that has been attributed to Russia's Foreign Intelligence Service (SVR).(Citation: White House Imposing Costs RU Gov April 2021)(Citation: UK Gov Malign RIS Activity April…

    First seen 01/01/1970 · Last seen 16/11/5138
  • Volt Typhoon, BRONZE SILHOUETTE, Vanguard Panda
    The MITRE Corporation · Confidence 100 · 3 CVEs · 113 MITREs · 3 Malwares · 71 IOCs · 16 Tools · 2 Campaigns

    [Volt Typhoon](https://attack.mitre.org/groups/G1017) is a People's Republic of China (PRC) state-sponsored actor that has been active since at least 2021 primarily targeting critical infrastructure organizations in the US and…

    First seen 01/01/1970 · Last seen 16/11/5138
  • Turla, IRON HUNTER, Group 88
    The MITRE Corporation · Confidence 100 · 2 CVEs · 132 MITREs · 40 Malwares · 100 IOCs · 12 Tools

    [Turla](https://attack.mitre.org/groups/G0010) is a cyber espionage threat group that has been attributed to Russia's Federal Security Service (FSB). They have compromised victims in over 50 countries since at least…

    First seen 01/01/1970 · Last seen 16/11/5138
  • Kimsuky, Black Banshee, Velvet Chollima
    The MITRE Corporation · Confidence 100 · 4 CVEs · 144 MITREs · 59 Malwares · 100 IOCs · 3 Tools

    [Kimsuky](https://attack.mitre.org/groups/G0094) is a North Korea-based cyber espionage group that has been active since at least 2012. The group initially targeted South Korean government agencies, think tanks, and subject-matter…

    First seen 01/01/1970 · Last seen 16/11/5138
  • TA505, Hive0065, Spandex Tempest
    The MITRE Corporation · Confidence 100 · 42 MITREs · 12 Malwares · 4 IOCs · 5 Tools

    [TA505](https://attack.mitre.org/groups/G0092) is a cyber criminal group that has been active since at least 2014. [TA505](https://attack.mitre.org/groups/G0092) is known for frequently changing malware, driving global trends in criminal malware distribution,…

    First seen 01/01/1970 · Last seen 16/11/5138
  • APT-C-36, Blind Eagle
    The MITRE Corporation · Confidence 100 · 1 CVE · 79 MITREs · 10 Malwares · 95 IOCs · 5 Tools

    [APT-C-36](https://attack.mitre.org/groups/G0099) is a suspected South America espionage group that has been active since at least 2018. The group mainly targets Colombian government institutions as well as important corporations…

    First seen 01/01/1970 · Last seen 16/11/5138
  • The MITRE Corporation · Confidence 100 · 43 MITREs · 7 Malwares · 75 IOCs · 2 Tools

    [WIRTE](https://attack.mitre.org/groups/G0090) is a threat group that has been active since at least August 2018. [WIRTE](https://attack.mitre.org/groups/G0090) has targeted government, diplomatic, financial, military, legal, and technology organizations in the Middle…

    First seen 01/01/1970 · Last seen 16/11/5138
  • Wizard Spider, TEMP.MixMaster, Grim Spider
    The MITRE Corporation · Confidence 100 · 76 MITREs · 11 Malwares · 101 IOCs · 11 Tools

    [Wizard Spider](https://attack.mitre.org/groups/G0102) is a Russia-based financially motivated threat group originally known for the creation and deployment of [TrickBot](https://attack.mitre.org/software/S0266) since at least 2016. [Wizard Spider](https://attack.mitre.org/groups/G0102) possesses a diverse arsenal…

    First seen 01/01/1970 · Last seen 16/11/5138
  • Ransomware.Live · Confidence 100 · 30 MITREs · 2 Malwares · 8 IOCs

    No description available

    First seen 01/01/1970 · Last seen 16/11/5138
  • AlienVault · Confidence 100 · 1 Malware · 1 IOC
    First seen 01/01/1970 · Last seen 16/11/5138
  • AlienVault · Confidence 100 · 5 CVEs · 19 MITREs · 7 Malwares · 63 IOCs
    First seen 01/01/1970 · Last seen 16/11/5138