taliban
The Taliban is an Islamist militant group and de facto governing authority in Afghanistan. The provided content describes the Taliban as having returned to power in Afghanistan and ruling the country for nearly five years. It states that the group shelters regional and international terrorist organizations, with credible international reports indicating that at least 25 terrorist organizations are active in Afghanistan under the Taliban’s umbrella. The content also describes the Taliban as imposing harsh conditions on the Afghan population, particularly targeting women, Hazaras, Shiites, Hindus, and Sikhs; enforcing hijab restrictions; carrying out arrests; and being linked in reporting to torture, lethal violence against protesters, repression in provinces including Herat and Badakhshan, and exploitation of mineral resources. Additional mentions in the content associate Taliban warlords with heroin trafficking, describe Taliban responsibility for stopping bus passengers and killing them, identify Mawlawi Mohammed Islam Mohammadi as the Taliban’s former governor of Bamiyan when the Bamiyan Buddha statues were destroyed in 2001, and state that the Taliban blocked fiber connections in multiple provinces and was linked to a nationwide internet and telecommunications shutdown in Afghanistan. No aliases or sub-groups beyond "taliban" are provided in the content.
Know when an actor pivots toward your sector
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
Targeting
Who, where, and (when attributed) which flag flies behind the operation. Pulled from open-source reporting and Mallory's analyst review.
Who they target
Sectors the actor has been observed targeting.
- Government & Administration
Where they target
Geographies tied to known operations.
- 🇦🇫 Afghanistan
Where they're from
Attributed origin per open-source reporting.
- AF
Tradecraft
7 distinct techniques observed across reporting, grouped by tactic. Hover any cell for the evidence excerpt; click through for MITRE's full description.
Recent activity
8 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
The Taliban are described as ruling Afghanistan while conducting internal repression, targeting women and minority communities, and providing shelter and operating space to regional and international terrorist groups. The content also portrays them as using humanitarian aid, migrants, and coercive governance as tools of control and external pressure.
The Taliban is responsible for orchestrating a nationwide internet and telecommunications blackout in Afghanistan, disrupting air travel, medical care, banking, and essential public services. This action follows previous partial disruptions and is part of broader efforts to control information and communication within the country.
Mentioned in connection with Taliban governance in Afghanistan and destructive extremist actions under its rule.
Described as using heroin trafficking as a form of 'chemical jihad' and as a financing mechanism tied to terrorism.
The version that knows your environment.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.