3C-INT logo [Cyber]Crime Characterization for Intelligence FREE PREVIEW
You are exploring the Free preview. To unlock full read-only access to all public profiles and in-app notifications, create a free research account. For analyst / premium plans capabilities (editing, advanced tabs, exports), please contact us

Threat Actor Characterization

Back
You’re viewing the read-only version. Sign in for analyst tools (editors, promote draft, file/relations management, etc.)
Volatile Cedar

Volatile Cedar

ID: 77ed43b67a33989e513b731aa8fc88b548528
Cybercrime State-Sponsored
Threat types: Intrusion, Malware, Espionage
Lebanon UNKNOWN
Updated: 2026-01-13
Created: 2025-10-20
Progress: 35% Completeness: 28% Freshness: 50%
Operation zone: UNKNOWN
Aliases Limited alias preview
No aliases registered.
Actor Network Graph
Open Network Graph
Read-only preview for anonymous visitors. Sign in with a free Research account for full workspace.
MITRE ATT&CK®
confidence: medium
Actor Techniques page ATT&CK® Diagram

Volatile Cedar is a Lebanese threat group that has targeted individuals, companies, and institutions worldwide. Volatile Cedar has been operating since 2012 and is motivated by political and ideological interests. Ref: https://attack.mitre.org/groups/G0123/


Technique Technique name Tactics Evidence
T1505.003 Web Shell TA0003
  • Server Software Component: Web Shell - Volatile Cedar can inject web shell code into a server. · ref
T1595.002 Vulnerability Scanning TA0043
  • Active Scanning: Vulnerability Scanning - Volatile Cedar has performed vulnerability scans of the target server. · ref
T1595.003 Wordlist Scanning TA0043
  • Active Scanning: Wordlist Scanning - Volatile Cedar has used DirBuster and GoBuster to brute force web directories and DNS subdomains. · ref
Strategic Intelligence
Limited preview
No content.
Full strategic intelligence is available in Analyst and Premium plans.
Executive Analyst Brief for CISO
Empty Limited preview
No content yet.
Tip: Hover the section title to learn what’s included in Analyst / Premium plans.
Executive brief now
Saved successfully.
Hunting Playbook
Empty Limited preview
No content yet.
Tip: Hover the section title to learn what’s included in Analyst / Premium plans.
Hunting Playbook now
Saved successfully.
IOC Appendix
Empty Limited preview
No content yet.
IOC Appendix now
Saved successfully.
OSINT Library
Empty Limited preview
No content yet.
OSINT Library now
Saved successfully.
Social Medial & Communication
SOCMINT integrated: 0/0
No social links registered for this profile.
Notes: preview mode hides sensitive social/contact details.
Reference Images/Associated Evidence Limited
No images found for this threat.