TA577 (Hive0118) is a financially motivated, Russian-speaking cybercrime group active since 2020, specializing in large-scale phishing, credential theft, and NTLM hash capture, with strong links to ransomware operations such as Black Basta.
RomCom, also known as Void Rabisu or Storm-0978, is a Russia-aligned advanced persistent threat active since 2022. The group is known for combining espionage-driven operations with opportunistic financial activity, leveraging zero-day exploits, sophisticated phishing infrastructure, and stealthy malware to target NATO-aligned governments and defense sectors.
APT40 is a China-aligned advanced persistent threat (APT) group known for long-term cyber espionage campaigns targeting maritime, defense, academic, and government organizations, particularly across the Indo-Pacific region.
Cactus is a financially motivated ransomware group leveraging VPN vulnerabilities, encrypted tunneling, and double extortion tactics to target enterprises across the US, UK, and Europe.
A deep-dive into Operation ForumTroll, a high-risk Russia-aligned threat actor conducting espionage, phishing, and influence operations across Eastern Europe.
PlushDaemon is a stealthy, China-aligned advanced persistent threat (APT) group focused on long-term cyber espionage. Active since the early 2010s, the group primarily targets government, defense, research, and technology organizations across Asia using low-noise persistence techniques and modular malware frameworks.
The Smishing Triad is a high-risk, financially motivated cybercrime syndicate operating smishing-as-a-service campaigns since 2022. By impersonating postal, banking, and public service brands, the group targets consumers globally using SMS lures, OTP theft, and mobile malware.
Silent Chollima (APT45), also known as Onyx Sleet, is a North Korea–linked threat actor operating at the intersection of cyber espionage and financially motivated attacks. Active since 2013, the group targets healthcare, defense, critical infrastructure, and cryptocurrency organizations using credential theft, ransomware, and stealthy cloud-based persistence techniques.