Cookie Settings

This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.

Cyware x Team Cymru: Accelerated Threat Defense.

Learn More

Skip to main content

UNC 2247

UNC2247 Cyber Threat Intelligence Tracker

UNC2247 Cyber Threat Intelligence Tracker - Featured Image

Published on Aug 13, 2022

On May 24, 2022, Cisco became aware of a potential compromise, executed via compromised credentials of an employee, after an attacker gained control of a personal Google account through phishing. The victim’s credentials were saved in the browser from where the attacker stole them. The attacker conducted a series of sophisticated voice phishing attacks under the guise of various trusted organizations attempting to convince the victim to accept multi-factor authentication (MFA) push notifications initiated by the attacker. The attacker ultimately succeeded in achieving an MFA push acceptance, granting them access to the VPN of the targeted user.

The attack was attributed to UNC2247, also known as Yanluowang Ransomware Group, a financially motivated threat actor who has been previously seen conducting ransomware attacks and leveraging a technique called double extortion where data is extracted prior to data encryption.

Cyware has created a GitHub repository with actionable threat intelligence on the threat actor and the attack collected from across the internet. The repository has been created to provide a single window, and centralized access to security teams to threat intelligence on UNC 2247.

Click here to visit Cyware's UNC 2247 cyber threat intelligence tracker.

Related Blogs

No related blogs found, but here are some other blogs you might like:

Cyware Team Cymru Integration

Operationalized Threat Intelligence for Accelerated Defense with Cyware and Team Cymru

Security teams strive to outpace threats, but their efforts are often hindered by fragmented data, time-intensive manual processes, and a lack of actionable insights. These obstacles can delay critical responses and leave organizations vulnerable to sophisticated attacks. By integrating Team Cymru’s intelligence feeds into Cyware’s Threat Intelligence Exchange, security teams can overcome these challenges with an operationalized approach to threat intelligence. This seamless collaboration enables accelerated defense by providing unparalleled visibility, enriched context, and actionable insights, empowering teams to detect and mitigate threats with unmatched efficiency.

Team CymruIntel ExchangeCyware
Cybersecurity Abstract

Preparing for NIS2: Embracing a Cultural Shift Towards Collaborative Cybersecurity

Discover how the NIS2 Directive is driving a cultural shift towards collaborative cybersecurity across the EU. Learn how organizations can streamline threat intelligence sharing, enhance risk management, and ensure compliance with NIS2 using Cyware Collaborate.

NIS2ComplianceThreat IntelligenceCyware Collaborate
Cyware Team Cymru Integration

Cyware Joins Forces with Team Cymru to Accelerate Threat Intel Operationalization

In an era of increasingly pervasive and sophisticated cyber threats, organizations find themselves in a constant race against time to protect their critical assets. Traditional methods of managing threat intelligence often fall short, leaving teams overwhelmed by data but starved for actionable insights. To streamline these operational challenges, Cyware is proud to announce its integration with Team Cymru’s industry-leading threat intelligence feeds—a pivotal collaboration designed to transform how threat intelligence is consumed, correlated, and operationalized.

Team CymruIntel ExchangeCyware
Trends for 2025

Looking Ahead: Cyware’s Vision for 2025 and Beyond

Cyware CEO Anuj Goel shares a forward look at Cyware, the cybersecurity space, and how we can empower organizations with the tools and intelligence they need to predict, prevent, and respond to cyber threats with confidence.

Threat IntelligenceAICollective Defense
Abstract Analytics

What are the Latest Trends in Threat Intelligence Analytics?

From AI and machine learning innovations to proactive threat hunting and collaborative intelligence sharing, learn how what trends are shaping modern threat intelligence analytics. Explore actionable insights and cutting-edge tools like knowledge graphs and LLMs to fortify your defenses.

Threat IntelligenceSecurity Analytics
Healthcare Banner

From Data to Action: Enhancing Health Industry Cybersecurity Practices with Threat Sharing

Sophisticated, usable threat intelligence is an absolute must for the healthcare industry, but old methods of obtaining threat intel are dated, siloed, and ineffective. Learn how Cyware is improving TI management for healthcare entities.

HealthcareThreat IntelligenceThreat Intelligence SharingCyber Fusion
Cyware Healthcare Threat Intelligence Platform

Elevating Healthcare Security: Precision Threat Intelligence for Informed Decision-Making

Discover Cyware’s Healthcare Threat Intelligence Platform, designed to empower healthcare organizations with tailored threat intelligence, real-time dashboards, and automated workflows. Protect patient data, secure medical devices, and stay ahead of evolving cyber threats with a platform built for healthcare’s unique needs.

Healthcare TIPIntel ExchangeHealthcare SectorThreat Intelligence Platform
Cybersecurity impacts everyone across the globe

The Ultimate Guide to DORA Compliance

Learn how to achieve DORA compliance with actionable steps, a readiness checklist, and insights into ICT risk management, incident reporting, resilience testing, and third-party risk management.

DORACybersecurity ComplianceThreat Intelligence
Security practitioner working at his work station

Mining the Gaps for Emerging Threats: Proactive Vulnerability Management with Cyware and VulnCheck

Learn how Cyware and VulnCheck help organizations tackle the growing speed of vulnerability weaponization. Discover tools, strategies, and automation to prioritize high-risk threats and stay ahead of attackers. Watch the webinar on-demand

Vulnerability ManagementThreat IntelligenceThreat Intelligence ManagementThreat Intelligence Platform
Purple Arrows of Light

ROI of Cyber Fusion: Quantifying the Value of Threat Intelligence and Orchestration

Learn how to enhance cybersecurity with Cyber Fusion, streamlined threat intelligence, and orchestration. Break down siloes, improve SOC efficiency, and achieve cost-effective, proactive threat management.

Cyber FusionThreat IntelligenceSecurity OrchestrationCybersecurity ROI
Cyware Survey Highlights How Untapped Threat Intelligence Weakens Cybersecurity - Featured Image

Cyware Survey Highlights How Untapped Threat Intelligence Weakens Cybersecurity

It's no secret that collaboration and information sharing are key to a proactive security posture. An overwhelming 91% of survey respondents emphasized their importance, yet many organizations still find themselves struggling to effectively share threat intelligence. Seventy percent of respondents admitted their organizations could do better in this area, with 19% feeling they could share a lot more.

ISACSecurity CollaborationCyber Fusion CenterThreat Intelligence Sharing
Collective Defense in Cybersecurity: How Regulations Shape Your Supply Chain Strategy - Featured Image

Collective Defense in Cybersecurity: How Regulations Shape Your Supply Chain Strategy

In today's interconnected global economy, supply chain security has become a critical concern for businesses and governments alike. Supply chains are often larg

GDPRSupply Chain SecurityPCI DSS 4.0DORA