ShareKhan, a prominent Indian brokerage firm, was allegedly breached by the threat actor RareData, who claims to have stolen 3.4 million user records. The exposed data includes sensitive PAN-linked information and is being offered for sale to a single buyer. #ShareKhan #DataBreach…
Tag: FINANCIAL

North Korean threat actors involved in the Contagious Interview operation have expanded their software supply chain attacks by deploying a new malware loader named XORIndex in the npm ecosystem, alongside the ongoing HexEval Loader campaign. These loaders deliver multi-stage malware including BeaverTail and InvisibleFerret backdoors, targeting developers and cryptocurrency holders with sophisticated obfuscation and data exfiltration techniques. #XORIndex #HexEvalLoader #ContagiousInterview #BeaverTail #InvisibleFerret

GLOBAL GROUP is a newly observed ransomware-as-a-service (RaaS) operation, likely a rebranding of the Black Lock RaaS, targeting multiple sectors across the US, Europe, Australia, and Brazil with advanced malware and AI-powered ransom negotiations. The group relies heavily on Initial Access Brokers to gain network entry and deploy ransomware rapidly, emphasizing high-value targets and seven-figure ransom demands. #GLOBALGROUP #BlackLock #Mamona #Ramp4u #InitialAccessBroker

Thirteen suspects in Romania and one in the U.K. were arrested for their roles in a tax fraud scheme that used stolen personal data to claim millions in fraudulently obtained refunds. The operation involved phishing attacks and highlighted the ongoing threat of organized cybercrime affecting tax authorities and retail sectors. #TaxFraud…

The ransomware incident involves the threat actor Akira, who has claimed access to 42 GB of sensitive corporate data belonging to McKenzie Commercial, including employee personal information, financial records, and confidential documents, and has made the data available for easy download via torrent. The impacted country is the United States.

The Qilin ransomware group has claimed responsibility for a major cyberattack on Knight Knox, a key UK property investment firm. The attack involved the exfiltration of 100 GB of data, including sensitive client and financial information, highlighting the increasing threat of ransomware targeted at valuable business data. #QilinGroup #KnightKnox #Ransomware #DataBreach…

India’s Ministry of Electronics and Information Technology, along with CERT-In and SISA, has released a whitepaper on preparing for the quantum cybersecurity revolution. The document emphasizes the need for organizations to adopt quantum-resistant algorithms to safeguard digital infrastructure against emerging threats from quantum computing. #QuantumComputing #CyberReadiness…

Rebuilding Society, a UK-based crowdfunding platform supporting social and economic projects, suffered a cybersecurity breach impacting its database. The attack involved multiple methods such as SQL injection, phishing, and man-in-the-middle techniques, leading to data leaks. #RebuildingSociety #Cyberattack…

HMRC faced a significant phishing scam affecting 100,000 customers and causing £47 million in losses. Authorities from the UK and Romania collaborated to arrest suspects involved in this organized cybercriminal operation. #HMRC #Phishing #RomanianPolice…

The ransomware claim involves www.e***.gov.eg with a demand of 2,270,000 USD, attributed to the threat actor devman. The impacted country is Egypt (#Egypt).

The threat actor devman has claimed to have compromised solidere.com, demanding a ransom of 7,250,000 USD. The incident has impacted Lebanon. #Lebanon

Cybercriminals are increasingly abusing legitimate Inno Setup installers by embedding malicious payloads using Pascal scripting to evade detection and deliver information-stealing malware such as RedLine Stealer. This campaign employs sophisticated evasion techniques including debugger checks, sandbox avoidance, DLL sideloading, and command obfuscation to persist on infected systems and steal sensitive data. #InnoSetup #HijackLoader #RedLineStealer

Qilin operates as a Ransomware-as-a-Service affiliate program using Rust-based ransomware that targets multiple operating systems with customized attacks. It employs double extortion tactics involving data encryption and exfiltration, impacting numerous global organizations and frequently adapting its methods. #Qilin #RustRansomware #NETXLOADER

The ransomware claim from the threat actor Qilin targeted fuld.com, a US-based financial research and analytics firm founded in 1978 with headquarters in Boston, Massachusetts. The attack disrupted their operations and compromised sensitive strategic information. #UnitedStates

The threat actor Akira has claimed to have compromised Genesis Billing Services, a US-based pathology billing company, and threatens to release 3 GB of sensitive corporate documents, including financial files of clients. The incident potentially impacts the United States.