A threat actor is allegedly selling 0-Day UAF in the Linux Kernel on a dark web forum. According to the post this 0-Day can be used to do a privileged code execution. The post states that the affected version is 6.6.15-amd64. In the post, the price for the alleged 0-Day is…
Tag: DARK WEB
A threat actor has emerged, claiming to possess and sell critical vulnerabilities targeting the login pages of Interpol and the FBI. The alleged vulnerabilities include XSS-DOM and prototype pollution exploits, which, according to the threat actor, can easily lead to account takeovers if exploited. Vulnerabilities Overview The threat actor asserts that…
A threat actor, under the alias AzzaSec, published a new ransomware on their Telegram channel. It is stated in their message that the ransomware code belongs to them. They presented the features of the new ransomware they developed in their message and also included a video, showcasing the detailed appearance and…
Summary: Organizations struggle to detect breaches as they become more targeted and sophisticated, with many existing security tools unable to detect breaches when they occur. Threat Actor: N/A Victim: N/A Key Point : More than 1 out of 3 organizations cite their existing security tools were unable…
A threat actor is claiming to have the source code collection from Lindex Group. According to the post published on a dark web forum, the breach occurred in June 2024. Lindex Group is an international, omnichannel retail company with focus on high-quality fashion. The threat actor indicates that the internal GitLab…
Summary: This content discusses the phenomenon of hackers selling fake data breaches, exploring the motivations behind this deceptive practice. Threat Actor: Hackers selling fake data breaches | hackers selling fake data breaches Victim: Various organizations targeted by fake data breach claims | or…
A threat actor published a post on a dark web forum, claiming to have databases from Truist Bank. The threat actor indicates that the current price is at $1M but this sale is around $75K or nearest offers in order to sell the databases quickly. According to the post, middleman is…
A threat actor claims to be selling highly sensitive data from the Badan Intelijen Strategis (Indonesian Military Strategic Intelligence Agency) and the Indonesia Automatic Fingerprint Identification System (INAFIS). Badan Intelijen Strategis Data The threat actor has allegedly posted a sample of the data for download and is offering the full dataset…
DragonForce Ransomware has emerged as a notable threat, leveraging a leaked LockBit builder and a double-extortion model to steal data before encryption. It has attacked high-profile targets such as the Ohio Lottery and Aussizz Group, with victims publicly lis…
A threat actor published a post on a dark web forum claiming to have attacked Zerto, a subsidiary of Hewlett Packard Enterprise. The company offers solutions for disaster recovery, ransomware resilience, and workload mobility, designed specifically for virtualized infrastructures and cloud environments. According to the post, the threat actor did not…
A newly registered threat actor has surfaced on forums, claiming to possess a zero-day exploit targeting VirtualBox VME. This exploit purportedly functions across all Windows versions, including recent iterations like 21H2, 22H2, 23H2, and 24H2, making it highly versatile and potentially dangerous. The threat actor has set the price for this…
A threat actor has claimed to have a database belonging to Get Licensed, a security training and staffing platform from the UK. According to the post, the database has data of 136,596 users and the leaked data is from 2024. The leaked data consists of customer ID, name, email, address, phone…
According to a post on a dark web forum, a government employee database from a company in Panama is leaked. In the post, it is stated that the leak belongs to Maxia, a service provider to the government and private organizations in Panama. The post indicates that the employee database belongs…
The dAn0n Hacker Group emerged in April 2024 and appears to function more as a data broker group than a traditional ransomware gang, with a public data-leak presence across clearnet and TOR. They list 13 victims predominantly in the United States across multip…
A threat actor shares a ransomware builder named Nevermore Ransomware Builder on a dark web forum. According to the post, attackers can customize the builder and upload their own instructions, desired wallpapers and custom icons. The threat actor also indicates that the ransomware builder gives two encryption modes. One of them…