Anti-Phishing Working Group | |
---|---|
Formation | 2003 |
Type | 501(c) organization, Nonprofit [1] |
Headquarters | Waltham Street 405, Lexington, Massachusetts, United States [1] |
Main organ | Steering Committee |
Website | apwg.org |
The Anti-Phishing Working Group (APWG) is an international consortium focused on providing guidance and collecting data to reduce the risks of fraud and identity theft caused by phishing and related incidents. [2] [3] [1] It was founded in 2003 by a US-based company, Tumbleweed Communications, in collaboration with banks, financial institutions, and e-commerce service providers. [4] [1]
Some APWG members are undisclosed, but as of December 2024, public members of the steering committee include Microsoft, RSA Security, Verisign, PayPal, Adobe, ICANN, Docusign, LinkedIn, Corporation Service Company, and Fortra. [5] Research partners include the Institution of Electrical Engineers, the Cybersecurity and Infrastructure Security Agency, CERT Polska, and other CERT organizations from various countries, including the Czech Republic, Azerbaijan, and Japan. [6]
Software Engineering Institute (SEI) is a federally funded research and development center in Pittsburgh, Pennsylvania, United States. Founded in 1984, the institute is now sponsored by the United States Department of Defense and the Office of the Under Secretary of Defense for Research and Engineering, and administrated by Carnegie Mellon University. The activities of the institute cover cybersecurity, software assurance, software engineering and acquisition, and component capabilities critical to the United States Department of Defense.
Phishing is a form of social engineering and a scam where attackers deceive people into revealing sensitive information or installing malware such as viruses, worms, adware, or ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim navigates the site, and traverse any additional security boundaries with the victim. As of 2020, it is the most common type of cybercrime, with the FBI's Internet Crime Complaint Center reporting more incidents of phishing than any other type of cybercrime.
Netcraft is an Internet services company based in London, England. The company provides cybercrime disruption services across a range of industries.
CERT Polska is a Computer Emergency Response Team that operates within the structures of Naukowa i Akademicka Sieć Komputerowa, a research institute which conducts scientific activity, operates the national .pl domain registry and provides advanced IT network services. CERT Polska is the first Polish computer emergency response team. Active since 1996 in the environment of response teams, it became a recognised and experienced entity in the field of computer security. Since its launch, the core of the team's activity has been handling security incidents and cooperation with similar units worldwide. It also conducts extensive R&D into security topics.
Rock Phish refers to both a phishing toolkit/technique and the group behind it.
IID, previously Internet Identity, was a privately held Internet security company based in Tacoma. IID was acquired in an all-cash transaction by Infoblox on February 8, 2016. It primarily provides cyberthreat data, a platform to exchange cyberthreat data, and anti-phishing, malware and domain control security services to US federal government agencies, financial service firms, and e-commerce, social networking and Internet Service Provider (ISP) companies. Microsoft uses IID as a data feed for its anti-phishing software as well as a partner in their Domain Defense Program. Other customers include BECU, Monster.com and Yakima Valley Credit Union.
PhishTank is an anti-phishing site.
Website spoofing is the act of creating a website with the intention of misleading readers that the website has been created by a different person or organization.
DigiCert, Inc. is a digital security company headquartered in Lehi, Utah. DigiCert provides public key infrastructure (PKI) and validation required for issuing digital certificates or TLS/SSL certificates, acting as a certificate authority (CA) and trusted third party.
Avalanche was a criminal syndicate involved in phishing attacks, online bank fraud, and ransomware. The name also refers to the network of owned, rented, and compromised systems used to carry out that activity. Avalanche only infected computers running the Microsoft Windows operating system.
An insider threat is a perceived threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems. The threat may involve fraud, the theft of confidential or commercially valuable information, the theft of intellectual property, or the sabotage of computer systems.
Markus Jakobsson is a computer security researcher, entrepreneur and writer, whose work is focused on the issue of digital security.
The European Electronic Crime Task Force (EECTF) is an information sharing initiative, created in 2009 by an agreement between the United States Secret Service, the Italian Ministry of Internal Affairs and Poste Italiane. The EECTF's mission is "to support the analysis and the development of best practices against cybercrime in European countries, through the creation of a strategic alliance between public and private sectors, including Law Enforcement, the financial sector, academia, international institutions, and ICT security vendors".
Cyscon is an IT consultancy with its main headquarters in Düsseldorf, Germany, founded by Thorsten Kraft and Thomas Wolf. Cyscon was a member of a group of companies involved in taking down the computer virus Conficker as part of the Conficker Working Group and is a founding member of Botfrei, the German anti-botnet advisory centre. Since 2013, Cyscon was a founder of the online security audit Check & Secure and is an official partner of the Bundesamt für Sicherheit in der Informationstechnik.
Cozy Bear is a Russian advanced persistent threat hacker group believed to be associated with Russian foreign intelligence by United States intelligence agencies and those of allied countries. Dutch signals intelligence (AIVD) and American intelligence had been monitoring the group since 2014 and were able to link the hacker group to the Russian foreign intelligence agency (SVR) after compromising security cameras in their office. CrowdStrike and Estonian intelligence reported a tentative link to the Russian domestic/foreign intelligence agency (FSB). Various groups designate it CozyCar, CozyDuke, Dark Halo, The Dukes, Midnight Blizzard, NOBELIUM, Office Monkeys, StellarParticle, UNC2452 with a tentative connection to Russian hacker group YTTRIUM. Symantec reported that Cozy Bear had been compromising diplomatic organizations and national governments since at least 2010. Der Spiegel published documents in 2023 purporting to link Russian IT firm NTC Vulkan to Cozy Bear operations.
A threat actor, bad actor or malicious actor is either a person or a group of people that take part in an action that is intended to cause harm to the cyber realm including: computers, devices, systems, or networks. The term is typically used to describe individuals or groups that perform malicious acts against a person or an organization of any type or size. Threat actors engage in cyber-related offenses to exploit open vulnerabilities and disrupt operations. Threat actors have different educational backgrounds, skills, and resources. The frequency and classification of cyber attacks change rapidly. The background of threat actors helps dictate who they target, how they attack, and what information they seek. There are a number of threat actors including: cyber criminals, nation-state actors, ideologues, thrill seekers/trolls, insiders, and competitors. These threat actors all have distinct motivations, techniques, targets, and uses of stolen data. See Advanced persistent threats for a list of identified threat actors.
FraudWatch International Pty Ltd. is an internet security organization that was founded in 2003 by Trent Youl and mainly specializes in online fraud protection and anti-phishing activities. With Youl as its CEO, it is headquartered in Melbourne, Australia and has offices in London, Dubai, and San Francisco.
Ghostwriter, also known as UNC1151 and Storm-0257 by Microsoft, is a hacker group allegedly originating from Belarus. According to the cybersecurity firm Mandiant, the group has spread disinformation critical of NATO since at least 2016.
Fortra is an American cybersecurity company based in Eden Prairie, Minnesota. The company was founded as Help/38 in 1982, rebranded as HelpSystems in 1988, and became Fortra in 2022. Fortra is owned by private equity firms TA Associates, Harvest Partners, Charlesbank Capital Partners, and HGGC.