Threat Actor: Unknown | unknown Victim: MoneyGram | MoneyGram Price: $11.00 per share (acquisition price) Exfiltrated Data Type: Customer personal information and transaction details
Key Points :
The cyberattack occurred…
Summary: Eight suspected cybercriminals were arrested in Côte d’Ivoire for their involvement in large-scale phishing scams targeting Swiss citizens, resulting in over $1.4 million in reported financial losses. The operation, …
Summary: The U.S. Justice Department and Microsoft have taken down numerous domains linked to the Russian espionage group, Callisto Group, which is associated with the FSB, aimed at stealing sensitive …
Summary: Cisco Talos has identified a financially motivated threat actor, active since 2022, that has been deploying a variant of MedusaLocker ransomware known as “BabyLockerKZ.” This group has shifted its …
Summary: California has enacted a law requiring connected car manufacturers to allow drivers to disable remote access to their vehicles, aimed at protecting domestic violence survivors from being tracked by …
Short Summary:
ESET researchers have uncovered a series of cyberespionage attacks attributed to the APT group GoldenJackal, targeting governmental organizations in Europe. The group has utilized sophisticated tools to compromise …
Threat Actor: Unauthorized Third Party | Unauthorized Third Party Victim: MoneyGram Payment Systems, Inc. | MoneyGram Payment Systems, Inc. Price: Not disclosed Exfiltrated Data Type: Personal Information
Key Points : …
The article discusses a phishing campaign utilizing the Mamba 2FA phishing kit, which mimics Microsoft 365 login pages and employs advanced techniques to capture user credentials and multi-factor …
The article discusses a new campaign by the APT group Awaken Likho, targeting Russian government agencies and industrial enterprises. The group has shifted its tactics, now utilizing the …
Summary: A spear-phishing email campaign targeting recruiters has been identified, utilizing a JavaScript backdoor known as More_eggs to compromise systems under the pretense of fake job applications. The campaign is …
Date Reported: 2024-10-02 Country: Germany Victim: Traffics | Traffics | traffics.de Additional Information :
Traffics, a company specializing in travel technologies, detected and repelled a cyberattack on its system on…
Summary: A sophisticated cyber-espionage campaign attributed to the Chinese APT group Mustang Panda utilizes malicious emails and Visual Studio Code to deploy Python-based malware, allowing unauthorized access to infected machines. …
Summary: Cybersecurity researchers are alerting organizations about active exploitation attempts of a newly disclosed vulnerability, CVE-2024-45519, in Synacor’s Zimbra Collaboration software. The flaw allows unauthenticated attackers to execute arbitrary commands, …
Victim: Broward Realty Corp Country : US Actor: everest Source: http://ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad.onion/broward-realty-corp/ Discovered: 2024-10-07 01:36:53.982902 Published: 2024-10-07 01:36:53.197317 Description : Company must contact and resolve the issue by the end of …
Cloud Computing Security Insights
Summary: The video discusses the expected growth of the cloud computing industry, reaching 0 billion in 2024, and highlights the increased security …
Date Reported: 2024-09-12 Country: MKD | North Macedonia Victim: Министерство за економија и труд | Ministry of Economy and Labor | economy.gov.mk Additional Information :
The Ministry of Economy and…
Short Summary:
AWS has expanded its AWSCompromisedKeyQuarantine policies to include new actions aimed at preventing the misuse of compromised access keys. This proactive measure is designed to restrict certain actions …
This article discusses four recently identified DNS tunneling campaigns, highlighting the techniques used by threat actors to bypass network security and establish covert communication channels. The campaigns were …
Summary: Attackers are exploiting CVE-2024-45519, a critical vulnerability in Zimbra that allows unauthorized command execution. Despite patches being available, the exploitation began shortly after a technical write-up and proof of …
Summary: British national Robert B. Westbrook has been charged in the US for orchestrating a hacking operation that targeted American companies to illegally trade on the stock market using insider …
The BlueShark APT group has been actively targeting individuals in South Korea during the first half of 2024, utilizing various malware types and spear-phishing tactics disguised as …
Short Summary:
Cisco Talos has identified a financially motivated threat actor, active since 2022, distributing a MedusaLocker ransomware variant named “BabyLockerKZ.” The actor has targeted organizations globally, with a notable …
Threat Actor: @grep | @grep Victim: Andamen | Andamen Price: Not disclosed Exfiltrated Data Type: Personal details
Key Points :
In October 2024, a data breach affected the Indian luxury…
Threat Actor: @IntelBroker, @EnergyWeaponUser | @IntelBroker, @EnergyWeaponUser Victim: Smart Buy | Smart Buy Price: Not disclosed Exfiltrated Data Type: User email addresses, transaction dates, currencies, online store information
Key Points …
Summary: DrayTek has patched 14 vulnerabilities across 24 router models, including critical flaws that could lead to remote code execution (RCE) or denial-of-service (DoS). The vulnerabilities were discovered by Forescout …
Summary: A critical vulnerability in the Vesta Control Panel allows attackers to take over admin accounts by exploiting the non-cryptographically secure $RANDOM variable in Bash, which is used in the …
Summary: A newly discovered zero-day vulnerability (CVE-2024-38200) in Microsoft Office poses significant risks to users by allowing unauthorized access to sensitive authentication data. Security researcher Metin Yunus Kandemir has detailed …
Threat Actor: @IntelBroker, @EnergyWeaponUser | @IntelBroker, @EnergyWeaponUser Victim: Rivoli Group AE | Rivoli Group AE Price: Not specified Exfiltrated Data Type: Order statuses, dates, countries, email addresses
Key Points : …
Summary: The article discusses the emerging threat of “phantom domains,” which are active links to unregistered dot-com domains that can be exploited by malicious actors to hijack hyperlinks and deceive …
This article discusses a sophisticated phishing campaign that utilizes HTML smuggling techniques to deliver malicious payloads. The campaign involves multiple stages of obfuscation and deception, including the use …
Meow, a ransomware group that emerged in 2022, has gained attention for its unique operational model and rising victim count. It is often linked to Meow Leaks, which …
Short Summary:
The article discusses a sophisticated credential phishing scheme targeting Microsoft accounts via legitimate Zoom Docs links. Threat actors exploit the trust associated with Zoom to trick users into …
Short Summary:
The article discusses the NetSupport RAT, a remote access trojan used by advanced persistent threat (APT) groups. It highlights the challenges in detecting and removing such malware, along …
Threat Actor: @303 | @303 Victim: Indonesian Government | Indonesian Government Price: Not disclosed Exfiltrated Data Type: Sensitive user information
Key Points :
The threat actor claimed to have breached…
Summary: A UK national, Robert B. Westbrook, has been charged with a “hack-to-trade” scheme that involved breaking into the Office365 accounts of executives at publicly traded companies to obtain insider …
Summary: Attackers are exploiting a critical remote code execution vulnerability (CVE-2024-45519) in Zimbra’s SMTP server, prompting urgent patching by affected organizations. The vulnerability allows unauthenticated remote attackers to execute arbitrary …
Short Summary:
The article details various email payloads used in phishing attempts, specifically focusing on different types of attachments and the malware associated with them. The payloads target multiple users …
Short Summary:
Key Group, also known as keygroup777, is a financially motivated ransomware group that primarily targets Russian users. They utilize various ransomware builders, including Chaos and Annabelle, and communicate …
Summary: The UK’s National Cyber Security Centre (NCSC) has issued a warning about Iranian cyber threats, specifically a spear phishing campaign attributed to Iran’s Islamic Revolutionary Guard Corps (IRGC). This …
Threat Actor: Unknown | Unknown Victim: Sportstech | Sportstech Price: Not disclosed Exfiltrated Data Type: Personal information
Key Points :
Sportstech is a German fitness technology company known for high-quality…
Threat Actor: Unknown | unknown Victim: KintApp | KintApp Price: Not disclosed Exfiltrated Data Type: Personal details (identification numbers, email addresses, names, mobile phone numbers)
Key Points :
The breach…
Summary: Threat actors are exploiting public interest in the scandal surrounding Sean “Diddy” Combs to distribute spyware disguised as files that claim to reveal deleted social media posts. Researchers have …
Summary: Cyber criminals are increasingly exploiting platforms like Atlassian to conduct sophisticated phishing attacks targeting law firms and corporations in Australia and the APAC region, aiming to steal employee credentials. …
UserSec is a pro-Russian hacktivist group that emerged in early 2023, targeting Western governments and critical infrastructure, particularly those affiliated with NATO and Ukraine. Utilizing Telegram for coordination …
Short Summary:
Trend Micro’s MDR team successfully mitigated a more_eggs infection, which was initiated through a spear-phishing email that tricked a recruitment officer into downloading a malicious file disguised as …
Short Summary:
In July 2024, a ReliaQuest customer in the manufacturing sector experienced a data exfiltration attack. The threat actor exploited a Fortinet firewall and used a brute-force attack on …
Threat Actor: RansomHub | RansomHub Victim: Patelco Credit Union | Patelco Credit Union Price: Not disclosed Exfiltrated Data Type: Personal information including names, Social Security numbers, Driver’s License numbers, dates …
Threat Actor: Unknown | Unknown Victim: Israeli Institutions | Israeli Institutions Price: Negotiable Exfiltrated Data Type: Sensitive government and military data
Key Points :
Threat actor claims to have hacked…