Threat Actor Encyclopedia
Stay ahead of adversaries with the context you need to anticipate, respond to, and neutralize threats. Powered by FortiGuard Labs, our Threat Actor Encyclopedia provides actionable insights, helping security teams prepare and streamline advanced threat hunting and response.
MoleRATs
MoleRATs is a threat actor aligned with interests in the Middle East, specifically the occupied areas of...
Muddy Water
MuddyWater is a government-sponsored advanced persistent threat (APT) actor. Since 2018, it has been...
Fox Kitten
Fox Kitten is a suspected threat actor operating out of Iran. Fox Kitten has been observed targeting the...
Sweet Specter
Sweet Specter is a group with alleged ties to The People's Republic of China. In October of 2024, a report...
APT41
APT41 (also known as BARIUM, BRASS TYPHOON, WICKED PANDA) is attributed to The People's Republic of China....
Volt Typhoon
Volt Typhoon, also known as Vanguard Panda, BRONZE SILHOUETTE, Dev-0391, UNC3236, Voltzite, and Insidious...
CyberAv3ngers
The CyberAv3ngers is an arm of the Iranian government's Islamic Revolutionary Guard Corps (IRGC). The...
Flax Typhoon
Flax Typhoon is one of the most active APT groups, carrying out information theft and espionage activities...
Salt Typhoon
Salt Typhoon is believed to be a threat actor connected to The People's Republic of China and has been in...
Rhadamanthys
Rhadamanthys is a commodity infostealer that steals a variety of data from cryptowallets, email/FTP...
Redline Stealer
RedLine Stealer is commodity malware. It is available for sale via underground forums and various chat...
Royal Ransomware
Royal is a ransomware group that has been around since at least the beginning of 2022. The group has been...