Threat Actor Intelligence

Know Your Adversary

Comprehensive profiles of ransomware groups, nation-state APTs, and cybercriminal operations. Each profile includes TTPs, MITRE ATT&CK mappings, detection rules, and actionable hunting procedures.

25+ Actor Profiles | 150+ Detection Rules | 100% MITRE Mapped

Automate Threat Actor Detection

BRACE provides continuous monitoring for TTPs from all profiled threat actors.

Critical | Nation-State APT | Active

UNC5221 / WARP PANDA

AKA: UNC5337 (merged), UTA0178

China-nexus state-sponsored espionage actor targeting edge devices and virtualization infrastructure. Known for the BRICKSTORM backdoor, a 393-day average dwell time, and 5+ zero-day exploits.

Origin: China (PRC)
Targets: Government, IT/MSPs, Critical Infrastructure
Hunt: 4-6 hours · December 2025

Critical | Ransomware-as-a-Service | Active

Qilin Ransomware

AKA: Agenda

#1 ransomware threat to US SLTT organizations. Known for GPO-based Chrome credential harvesting and BYOVD EDR evasion with the dark.sys driver.

Origin: Russia (suspected)
Targets: Healthcare, Manufacturing, Government
Hunt: 4-6 hours · December 2024

Critical | Financially Motivated | Active

Scattered Spider

AKA: UNC3944, Octo Tempest, 0ktapus

Social engineering specialists targeting identity providers. Known for SIM swapping, MFA bombing, and help desk impersonation.

Origin: US/UK (primarily)
Targets: Telecommunications, Technology, Gaming
Hunt: 4-6 hours · December 2024

Critical | Nation-State APT | Active

APT44 / Sandworm

AKA: Sandworm Team, Voodoo Bear, IRIDIUM

Russian military intelligence unit responsible for NotPetya, Olympic Destroyer, and ongoing attacks against Ukraine and NATO allies.

Origin: Russia (GRU Unit 74455)
Targets: Critical Infrastructure, Energy, Government
Hunt: 4-6 hours · December 2024

Critical | Nation-State APT | Active

Volt Typhoon

AKA: VANGUARD PANDA, Bronze Silhouette

China-nexus actor pre-positioning in US critical infrastructure. Uses living-off-the-land techniques for long-term persistence.

Origin: China (PRC)
Targets: US Critical Infrastructure
Hunt: 4-6 hours · December 2024

High | Hacktivism / Pro-Russian | Active

Z-Pentest

AKA: ZPT

Pro-Russian hacktivist group targeting industrial control systems and critical infrastructure in NATO countries.

Origin: Russia
Targets: ICS/OT, Critical Infrastructure
Hunt: 2-4 hours · December 2024

High | Ransomware-as-a-Service | Active

SafePay Ransomware

Emerging RaaS operation with unique encryption and double extortion tactics. Growing victim count in Q4 2024.

Origin: Unknown
Targets: SMB, Healthcare
Hunt: 2-4 hours · December 2024

Protect Against These Threat Actors

BRACE provides automated detection for all profiled threat actors, including Qilin, Scattered Spider, APT44, and more.