Cosmic Lynx

Cosmic Lynx has been associated with more than 200 BEC campaigns targeting senior-level executives in 46 countries since July 2019. The group are different from […]

Read More

UNC2452

UNC2452 compromised one of the modules in the SolarWinds Orion IT monitoring and management system.

Read More

SUPERNOVA

The SUPERNOVA webshell is an anonymous code C# webshell written in .NET C# that is specifically written for usage on SolarWinds Orion servers.  It is […]

Read More

Sunburst (Backdoor)

Sunburst is a SolarWinds digitally-signed component of the Orion software framework that contains a backdoor that communicates via HTTP to third party servers. Sunburst has been […]

Read More

Charming Kittens

Charming Kitten is an Iranian cyber espionage group that has been active since approximately 2014. They appear to focus on targeting individuals of interest to Iran […]

Read More

Behzad Mesri

Mesri is a known associate of the Charming Kittens group, and a known member of the Blackhat Security Group located within Iran. In November 2017, […]

Read More