APT40 is a China-aligned advanced persistent threat (APT) group known for long-term cyber espionage campaigns targeting maritime, defense, academic, and government organizations, particularly across the Indo-Pacific region.
RomCom, also known as Void Rabisu or Storm-0978, is a Russia-aligned advanced persistent threat active since 2022. The group is known for combining espionage-driven operations with opportunistic financial activity, leveraging zero-day exploits, sophisticated phishing infrastructure, and stealthy malware to target NATO-aligned governments and defense sectors.
Cactus is a financially motivated ransomware group leveraging VPN vulnerabilities, encrypted tunneling, and double extortion tactics to target enterprises across the US, UK, and Europe.
A deep-dive into Operation ForumTroll, a high-risk Russia-aligned threat actor conducting espionage, phishing, and influence operations across Eastern Europe.
PlushDaemon is a stealthy, China-aligned advanced persistent threat (APT) group focused on long-term cyber espionage. Active since the early 2010s, the group primarily targets government, defense, research, and technology organizations across Asia using low-noise persistence techniques and modular malware frameworks.
The Smishing Triad is a high-risk, financially motivated cybercrime syndicate operating smishing-as-a-service campaigns since 2022. By impersonating postal, banking, and public service brands, the group targets consumers globally using SMS lures, OTP theft, and mobile malware.
Silent Chollima (APT45), also known as Onyx Sleet, is a North Korea–linked threat actor operating at the intersection of cyber espionage and financially motivated attacks. Active since 2013, the group targets healthcare, defense, critical infrastructure, and cryptocurrency organizations using credential theft, ransomware, and stealthy cloud-based persistence techniques.
OldGremlin is a high-risk, Russian-speaking threat group operating since 2020 that blends APT-level stealth, long-term reconnaissance, and double-extortion ransomware. Its precision-driven campaigns pose significant risk to global enterprises across multiple sectors.
OilRig, also known as APT34 or Helix Kitten, is one of Iran’s most persistent cyber espionage groups. Active since 2014, the group targets energy, defense, and government organizations using spearphishing, cloud credential abuse, and long-term access operations across the Middle East and Europe.
Callisto is a long-running Russia-linked APT group specializing in cyber espionage against NATO, EU, and government organizations. This analysis explores its identity, tactics, cloud-focused operations, and strategic impact.