UNC215 is a threat actor attributed to CN. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does UNC215 exploit?

Specific CVE exploitation data for UNC215 is being tracked. Check the Strobes VI threat actor profile for updates.

UNC215

Exploited CVEs

Overview

UNC215 is a Chinese nation-state threat actor that has been active since at least 2014. They have targeted organizations in various sectors, including government, technology, telecommunications, defense, finance, entertainment, and healthcare. UNC215 has been observed using tools such as Mimikatz, FOCUSFJORD, and HYPERBRO for initial access and post-compromise activities. They have demonstrated a focus on evading detection and have employed tactics such as using trusted third parties, minimizing forensic evidence, and incorporating false flags. UNC215's targets are located globally, with a particular focus on the Middle East, Europe, Asia, and North America.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database

Quick Actions