In a concerning development, a threat actor has emerged, claiming to offer unauthorized access to the database of a leading American financial company. With an annual revenue reaching a staggering $5 billion, the company’s database likely contains a wealth of sensitive financial information. The thr…
Tag: DARK WEB
According to allegations, a series of DDoS attacks orchestrated by UserSec and the Cyber Army of Russia have been revealed, aiming to disrupt the operations of multiple Luxembourg websites. Reportedly, prominent targets of these purported attacks include Luxembourg’s Lux-Airport, Ministry of Foreign…
A hacker allegedly connected to the People’s Republic of China has been exploiting two popular vulnerabilities to attack U.S. defense contractors, U.K. government entities and institutions in Asia. A new report from Google-owned security firm Mandiant spotlighted the work of a threat actor the…
In late 2023 and early 2024, the ransomware ecosystem experienced repeated disruption of its most prolific Ransomware-as-a-Service (RaaS) groups at the hands of international Law Enforcement (LE). Alphv’s dark web data leak site was seized, then unseized, then re-seized in a December 20…
RansomHub is a newly emerged ransomware group operating as a ransomware-as-a-service (RaaS) with an affiliate model and a policy aimed at rewarding partners, including a 90/10 revenue split and a decryptor promise under certain conditions. Their victimology sp…
Threat actors are attempting to compromise Social Security numbers with a tax phishing attack targeting small business owners and self-employed filers. Worryingly, the social engineering scammers are likely operating with little more than a cheap email list of self-employed US residents, according to…
In a sweeping international law enforcement operation, Nemesis Market, a notorious darknet marketplace, was seized by authorities. The Frankfurt am Main Public Prosecutor’s Office, alongside the Federal Criminal Police Office, orchestrated the takedown, securing server infrastructure in Germany and…
A threat actor is purportedly making a significant sale in the realm of Managed Service Providers (MSPs), encompassing more than 3,300 computers across over 40 American companies. The offering comprises two panels from a single MSP. The first panel boasts 1,581 computers, while the second pane…
During the course of an intrusion investigation in late October 2023, Mandiant observed novel N-day exploitation of CVE-2023-46747 affecting F5 BIG-IP Traffic Management User Interface. Additionally, in February 2024, we observed exploitation of ConnectWise ScreenConnect CVE-2024-1709 by the same actor. This mix of custom tooling and the SUPERSHELL framework leveraged in these…
In a move that highlights the perceived inadequacy of bug bounty programs, a team of seasoned bug hunters has announced their decision to sell exclusive, exploitable vulnerabilities directly to interested parties. Renowned for their expertise and credited by industry giants like Apple and Microsoft, th…
Ukrainian cyber police have arrested three men suspected of hijacking the accounts of over 100 million internet users. The trio, aged between 20 and 40, were arrested by police in the country’s Kharkiv region under the guidance of the regional prosecutor’s office. Operating as part of a cybercrime gr…
A cyberattacker and extortionist of a medical center has pleaded guilty to federal computer fraud and abuse charges in the US. Robert Purbeck, adopting the aliases “Lifelock” and “Studmaster” during his time as a cybercriminal, according to the Department of Justice (DoJ), stole personal data belong…
A threat actor going by the name verifiedBpp has purportedly put up for sale a significant amount of data allegedly sourced from the Saudi Ministry of Health. The dataset, spanning from 2020 to 2024, comprises 100 GB of information, including sensitive personal details such as full names, addresses,…
Allegations have emerged suggesting that NoName057(16) orchestrated a string of DDoS attacks aimed at disrupting several Polish websites. According to NoName057(16), these cyber assaults were launched in solidarity with Polish farmers who have expressed discontent with the pro-Ukrainian stances adop…
A purported leak of the Moscow Clinical Research Center’s database, attributed to a threat actor, has raised concerns over data privacy and security. The MKNC, officially known as MKNC named after A.S. Loginova, stands as a prominent multidisciplinary institution within the Moscow Department of Heal…