Questions How do threat actors find their targets?

[BlankPiecePaper]

This could have many answers, but my question is how threat actors find their targets. Because it seems like they can have a new victim pretty often. So how do they find them? Realistically, they aren't manually testing a ton of sites. Are they scraping XYZ, using custom Shodan queries, custom google dorks?