Everest Group Alleged to have hit Kaefer

On 8 May 2025 at approximately 05:49 BST, the Everest Ransomware Group purportedly claimed responsibility for a cyber-intrusion against Kaefer, one of the world’s leading industrial insulation and access specialists.
Stealth-State Actors: Silent Persistence, Slow Exfiltration, and Cloud-Based C2

An insights post exploring the stealthy methods of state-aligned threat actors, including Silent Ransom (Silk Typhoon), and how defenders can detect slow exfiltration and cloud-based command and control in enterprise environments.
DragonForce Threat Actor Profile

DragonForce is a cyber threat group that has rapidly evolved from hacktivist beginnings into a prolific ransomware operation. Active since mid-2023, it initially engaged in ideologically driven attacks but later shifted focus to financially motivated extortion.
APT41

A detailed threat profile of APT41, a China-based state-sponsored group known for blending cyber espionage with financially motivated attacks, targeting healthcare, telecoms, finance, and critical infrastructure globally.
APT28 (Fancy Bear)

A threat profile of APT28 (Fancy Bear), a Russian military intelligence-backed threat actor known for cyber espionage, disinformation, and targeted attacks on NATO, the UK, and global political infrastructure.
APT29 (Cozy Bear)

A threat profile of APT29 (Cozy Bear), a Russian state-sponsored cyber espionage group targeting Western governments, defence, and critical infrastructure with persistent, stealthy campaigns.
APT10 – Threat Actor Profile

A threat profile of APT10, a Chinese state-sponsored cyber espionage group known for global targeting of managed service providers, defence contractors, and research institutions through advanced supply chain compromise and credential theft.
Mustang Panda – Threat Actor Profile

A threat profile of Mustang Panda, a China-based cyber espionage group known for targeting government entities, NGOs, and think tanks across Europe and Asia using custom malware and socially engineered lures.
Ghostwriter / UNC1151

A threat profile of Ghostwriter (UNC1151), a Belarus-aligned cyber influence operation and espionage actor targeting NATO states through credential theft, disinformation, and psychological operations.
Gallium

A threat profile of Gallium, a China-based cyber espionage group known for targeting telecommunications, government, and critical infrastructure across Asia, Europe, and the Middle East.