2,004 indexed
ACTORSThreat actors
2004 threat-actor records from MISP-Galaxy v341. Filter by attributed country, or for country / sector / MITRE-Group facets see /explore/actors. Authored by Adam Lundqvist.
Showing 51–59 of 59 in IR · page 2 of 2
| ID | Title | Summary |
|---|---|---|
| TA453 | TA453 IR | TA453 is a Iranian-attributed threat actor catalogued by MISP-Galaxy (MISP-Galaxy v341). Original record: TA453 has employed the use of compromised accounts, m… |
| TA455 | TA455 IR | TA455 is an Iranian APT group targeting the aerospace industry through a campaign known as the “Iranian Dream Job Campaign,” utilizing deceptive job offers to … |
| TAG-56 | TAG-56 IR | TAG-56 is a threat actor group that shares similarities with the APT42 group. They use tactics such as fake registration pages and spearphishing to target vict… |
| Tortoiseshell | Tortoiseshell IR | A previously undocumented attack group is using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain … |
| TRACER KITTEN | TRACER KITTEN IR | In April 2020, Crowstrike Falcon OverWatch discovered Iran-based adversary TRACER KITTEN conducting malicious interactive activity against multiple hosts at a … |
| UNC1549 | UNC1549 IR | UNC1549 is an Iranian threat actor linked to Tortoiseshell and potentially the IRGC. They have been active since at least June 2022, targeting entities worldwi… |
| UNC1860 | UNC1860 IR | UNC1860 is a persistent and opportunistic Iranian state-sponsored threat actor that is likely affiliated with Iran’s Ministry of Intelligence and Security (MOI… |
| UNC3890 | UNC3890 IR | A suspected Iranian threat activity cluster has been linked to attacks aimed at Israeli shipping, government, energy, and healthcare organizations, in a campai… |
| Void Manticore | Void Manticore IR | Void Manticore is an Iranian APT group affiliated with MOIS, known for conducting destructive wiping attacks and influence operations. They collaborate with Sc… |