Welcome to the Threat Intelligence Wiki
Introduction
Stay informed and proactive with our Threat Intelligence Wiki. This collaborative platform provides up-to-date information on threat actors, vulnerabilities, and cybersecurity trends to help you navigate the complex landscape of cyber threats.
Key Threat Intelligence Threads
Gain insights into the evolving field of cyber warfare and intelligence through our key threads, which are regularly updated with comprehensive analyses and the latest developments.
- Israel-Palestine 2023 Cyber Conflict Analysis: A thorough examination of the cyber incidents and strategies between Israel and Palestine.
Actor Profiles by Country
Israel
- Israel Defense Forces (IDF): Israel’s military cyber units are highly advanced, tasked with defending against cyber threats and carrying out offensive cyber operations to secure national interests.
Iran
- Moses Staff: Believed to be an Iranian state-sponsored group that carries out cyber-espionage and disruptive cyber operations against Israeli targets.
Lebanon
- Plaid Rain (Aqua Dev 1, Polonium): Suspected of being linked to Hezbollah, this group has been implicated in cyber attacks against Israeli entities, possibly reflecting Iran’s influence in cyber operations.
Malaysia
- DragonForce Malaysia: Notorious for their cyber-attacks against Israeli websites, often involving defacement and DDoS attacks that are politically motivated.
Pakistan
- Team Insane Pakistan: This group has been known to conduct DDoS attacks against entities they perceive as adversaries, including those in support of Israeli interests.
Palestinian Territories
- Hamas: The militant wing of Hamas has developed cyber capabilities and has been implicated in various cyber-attacks against Israeli targets.
- Cyber Av3ngers: A group linked to the Palestinian territories known for compromising systems and leaking data.
- AnonGhost: A hacktivist group associated with the Palestinian cause that has carried out cyber-attacks and data leaks against Israeli targets.
- Gaza Cybergang (Molerats, TA402, Gaza Hackers Team, Moonlight, Extreme Jackal, Aluminum Saratoga, JEA/Jerusalem Electronic Army): Engages in cyber espionage and intelligence collection, primarily targeting Israeli interests.
- YourAnon T13x: A collective targeting Israeli news outlets with cyber-attacks.
- Soldiers Of Solomon: Noted for data exfiltration and encryption attacks, indicative of a more sophisticated cyber capability.
- ./CsCrew: A group that disseminates DoS tools, contributing to cyber-attacks against Israeli infrastructure.
- Islamic Cyber Corps: Released manifestos to inspire Muslim hacktivists into cyber actions.
Russia
- Russian Auxiliaries: Groups such as KillNet and others that conduct cyber operations aligned with Russian geopolitical interests, often targeting Western entities.
Sudan
- Anonymous Sudan: Targets Western and specifically U.S. media outlets with DDoS attacks, possibly in protest against what they view as misrepresentation or misinformation.
Other Groups
- Cyb3r_Drag0nz_Team: Engages in website defacement, leaving politically motivated messages.
- X7root: Conducts defacement attacks, often with political statements or messages.
Tools and Malware Encyclopedia
An extensive catalog of the cyber tools and malware used by threat actors, providing insights into their operational methods.
- Redline Stealer: A tool designed for stealing sensitive data from compromised systems.
- PrivateLoader: A payload delivery system used to spread additional malware.
- BiBi-Linux Wiper: Malware targeting systems for file corruption and disruption.
- CVE-2023-29489 Exploit: Vulnerability in cPanel hosting platforms exploited by various cyber actors.
How to Contribute
Engage with the Community: Share your insights or feedback on threat intelligence groups by joining the discussion on our Discourse forum.
Access the Masterlist: Discover more resources in our full resource masterlist.
Learn About Contributions: Find out how you can contribute by visiting How to Contribute?
About This Wiki
The Threat Intelligence Wiki is a dynamic space for the community to collaborate and enhance collective cybersecurity knowledge. By contributing to this platform, we empower ourselves and others to build a safer digital world. Please share your suggestions below or directly contribute by editing the Wiki!
