Cyber Threat Intelligence
Threat Reports
Explore the latest cyber threat reports published by threat researchers and government agencies.
Onyx Sleet uses array of malware to gather intelligence for North Korea
Following an indictment by the US Department of Justice linked to the intrusion set Microsoft track as Onyx Sleet, this report includes details of ...
APT45: North Korea’s Digital Military Machine
This report from threat intelligence analysts at Google's Mandiant marks the graduation of this cyber actor to a fully designated APT - APT45. The ...
North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs
This cybersecurity advisory from the U.S. Federal Bureau of Investigation (FBI) and its partners highlights the cyber espionage activities of the ...
APT40 Advisory - PRC MSS tradecraft in action
This advisory, authored by the Australian Cyber Security Centre and multiple other international cybersecurity agencies, outlines the threat posed ...
Cyber Incidents
Explore cyber incidents which have been reported publicly.
2016 cyber attack against power transmission in Ukraine
2016-12-17
Operation ShadowHammer Supply Chain Incident
2019-01-31
2015 cyber attack against power distribution in Ukraine
2015-12-23
Summer 2023 Microsoft Exchange Online Intrusion
2023-05-15
Intrusion Sets
Understand the tactics, techniques and procedures (TTPs) of cyber adversaries operating in the wild.
Storm-0530
Storm-0530 is an intrusion set tracked by researchers at Microsoft Threat Intelligence. The group calls itself H0lyGh0st and conducts ransomware ...
Onyx Sleet
Onyx Sleet, formerly known as PLUTONIUM, is a North Korean nation-state threat actor that has been active since at least 2014. Its primary targets ...
H0lyGh0st
H0lyGh0st is a ransomware actor who has been observed deploying ransomware against targets in education, finance, manufacturing, entertainment and ...
APT45
APT45 is a group observed carrying out campaigns as early as 2009 and was graduated to APT status by researchers at Google's Mandiant in July 2024. ...
Threat Actors
Understand the tactics, techniques and procedures (TTPs) of real-world cyber threat actors.
North Korean Reconnaissance General Bureau 3rd Bureau
North Korea's Reconnaissance General Bureau (RGB) 3rd Bureau is reported by the FBI and other international agencies as an entity based in ...
Hainan Xiandun Technology Development Company
According to the US Department of Justice, Hainan Xiandun Technology Development Co. Ltd (Hainan Xiandun) was established as a front company by ...
People’s Liberation Army (PLA) Unit 69010
According to analysis by Recorded Future, Unit 69010 is likely the Military Unit Cover Designator (MUCD) for a Technical Reconnaissance Bureau ...
Hainan State Security Department
According to the US Department of Justice, Hainan State Security Department (HSSD) is a provincial arm of China’s Ministry of State Security ...
Exploited Vulnerabilities
Explore vulnerabilities which have been exploited 'in the wild'.