Threat Actor: North Korean Hackers
Victim: iOS and Android Users
Price: Not disclosed
Exfiltrated Data Type: Personal and financial information
Key …
Summary: A large-scale fraud campaign has exploited fake trading apps on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims in a scheme …
Victim: Shin Bet
Country: IL
Actor: handala
Source: http://vmjfieomxhnfjba57sd6jjws2ogvowjgxhhfglsikqvvrnrajbmpxqqd.onion/?p=238
Discovered: 2024-10-03 20:30:24.809112
Published: 2024-10-03 19:23:38.000000
Description: Shin Bet, ’s comprehensive security system was hacked! Shin Bet has designed …
Summary and Key Points
Summary: This blog post discusses a long-standing issue regarding the reliance on output from webp without proper validation, highlighting the potential pitfalls associated with such trust.…
Summary and Key Points
Short Summary: The primary mistake made by the WebP image format was over-reliance on the output from a tool called enough.c to calculate maximum possible table …
Summary: Recent cyber espionage campaigns linked to China have targeted U.S. internet service providers, with the Salt Typhoon operation focusing on intelligence gathering and potential disruptions. Investigations are ongoing to …
Check Point Research (CPR) discovered a malicious app on Google Play that targeted mobile users to steal cryptocurrency, marking a new trend in crypto draining tactics. The app …
Check Point Research (CPR) discovered a malicious app on Google Play that targeted mobile users to steal cryptocurrency, marking a significant shift in the tactics used by crypto …
ThreatWire Summary
ThreatWire Video Summary: The video discusses recent updates on cybersecurity issues including problems related to Apple’s new operating system, incidents with a web browser company, and changes in …
Summary: The GSMA is working on implementing end-to-end encryption (E2EE) for Rich Communications Services (RCS) to enhance message security across Android and iOS platforms. This development follows Apple’s introduction of …
A new Android spyware campaign has been identified targeting individuals in South Korea since June 2024. The spyware uses an Amazon AWS S3 bucket as its Command and …
Video Summary
Video Summary: The video discusses the increasing threat of cyber attacks and emphasizes the importance of cybersecurity for small businesses. It highlights how a single click on a …
Summary: Binance has issued a warning about an ongoing global threat involving clipper malware that targets cryptocurrency users to facilitate financial fraud. This malware monitors clipboard activity to replace legitimate …
Summary: A new Android malware named Trojan Ajina.Banker is targeting users in Central Asia by disguising itself as legitimate applications to steal banking information and intercept two-factor authentication (2FA) messages. …
Summary: The Uttar Pradesh Police arrested four individuals, including the mastermind of a cybercrime operation, for leaking the question paper of the Uttar Pradesh Police Radio Operator Recruitment Exam. The …
Summary: A vulnerability in WhatsApp’s ‘View Once’ feature allows recipients to bypass its intended privacy protections, enabling them to re-view and save media that should only be viewable once. Researchers …
Short Summary:
The article discusses the increasing prevalence of malware targeting macOS, particularly focusing on the Atomic macOS Stealer (AMOS), which is designed to steal sensitive data from infected machines. …
Summary: Cisco has addressed critical vulnerabilities in its Smart Licensing Utility (CSLU) that allowed unauthorized access through a backdoor account and the potential exposure of sensitive data. The company has …
Summary: This content discusses two distinct exploits targeting iOS and Google Chrome users, focusing on a bug in FTL JIT compilation that allows attackers to execute arbitrary code and steal …
Summary: California legislators have passed a bill mandating internet browsers and mobile operating systems to provide consumers with an easy way to opt out of sharing their private data for …
Short Summary:
The article discusses two exploits targeting iOS and Google Chrome, focusing on a bug during FTL JIT compilation. Both exploits utilize a similar framework for executing arbitrary code …
Summary: A sophisticated mobile phishing technique utilizing progressive web applications (PWA) has emerged, targeting financial institutions in the Czech Republic, Hungary, and Georgia. This method allows the installation of phishing …
Short Summary:
This blogpost discusses a novel phishing campaign targeting mobile users, particularly clients of Czech banks, through the use of Progressive Web Applications (PWAs) and WebAPKs. The campaign employs …
Summary: Microsoft researchers revealed multiple medium-severity vulnerabilities in OpenVPN during the Black Hat USA 2024 conference, which could be exploited to achieve remote code execution (RCE) and local privilege escalation …
Summary: This report analyzes the rising use of data-exfiltration tools, particularly Rclone, by threat actors in cyber incidents, highlighting their capabilities and the implications for organizations. It also provides recommendations …
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged the disabling of the legacy Cisco Smart Install feature due to its exploitation in recent cyberattacks. Additionally, CISA has …
Summary: The U.S. Department of Justice has filed a lawsuit against TikTok and its parent company, ByteDance, for allegedly violating children’s privacy laws by collecting personal information from users under …
Executive Summary: In this post, we explore the evolution of domain registration and network attacks associated with terms related to generative AI …
Symantec reported a Daggerfly intrusion against a telecoms operator in Africa involving previously unseen plugins for MgBot.
Macma update: Macma is a macOS backdoor that was first documented by Google …
Summary: This article discusses the Konfety mobile advertising fraud campaign, which used an “evil twin” evasion method and a misused SDK called CaramelAds to operate undercover.
Threat Actor: Konfety …
Summary: This content discusses a recent surge in phishing campaigns targeting banking users in India, with cybercriminals shifting their focus from SMS to WhatsApp for distributing phishing messages.
Threat Actor: …
Cyble Research & Intelligence Labs has observed a recent surge in phishing campaigns targeting banking users in India.
Cybercriminals have shifted their focus from SMS to WhatsApp for…
Summary: The content discusses the surge in Android financial threats, including traditional banking malware and cryptostealers, targeting victims’ mobile banking funds.
Threat Actor: ESET
Victim: Android users …
Summary: Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS …
Summary: The content discusses the decline in activity of the Predator spyware group, indicating that sanctions and exposure have impacted their operations.
Threat Actor: Predator spyware group …
Summary: This content explains what overlays are, particularly on Android devices, and how cybercriminals use them to deceive users.
Threat Actor: Cybercriminals
Victim: Android device users …
Summary: The content discusses the alarming increase in vulnerabilities across all enterprise software categories and emphasizes the need for alternative approaches to vulnerability monitoring due to delays in associating Common …
Summary: Threat actors are increasingly targeting load balancers, leading to a record exploitation rate for this category of devices over a three-year period.
Threat Actor: Unknown
Victim: Load …
Summary: China’s cybersecurity experts have become dominant players in global capture-the-flag competitions, exploit contests, and bug bounty programs, and the Chinese government is using their expertise to strengthen the nation’s …
The Hi-Tech Crime Trends report by Group-IB highlights a growing cybercriminal focus on Apple devices due to their increasing popularity. This shift has led to a rise in malware …
ESET researchers have identified five campaigns targeting Android users with trojanized apps. Most probably carried out by the Arid Viper APT group, these campaigns started in 2022 and three of …
Summary: This content discusses five cyber espionage campaigns targeting Android users in Egypt and Palestine, attributed to the Arid Viper hacking group.
Threat Actor: Arid Viper
Victim: …
Threat Actor: Hackers
Victim: Apple
Price: Not specified
Exfiltrated Data Type: iPhone iOS source code
Additional Information:
The leaked iBoot code may be exploited by hackers…
Summary: Attackers have exploited a zero-day vulnerability in TikTok’s direct messages feature to hijack high-profile accounts belonging to companies and celebrities, including Sony, CNN, and Paris Hilton.
Threat Actor: Unknown …
IT threat evolution Q1 2024
Targeted attacks
Operation Triangulation: the final mystery
Last June, we published …
Summary: Researchers have discovered a macOS version of the LightSpy spyware that has been active since January 2024, with threat actors using publicly available exploits to deliver the spyware and …
In October 2023 we posted our research about the notorious surveillance framework LightSpy2. In our research, we proved with a high degree of confidence that both implants for Android and …
Summary: This article discusses concerns about the privacy of library reading material and how it relates to targeted advertising.
Threat Actor: Advertising platforms
Victim: Library users
Key Point:
An…
Summary: A new banking Trojan called Antidot has been discovered by Cyble Research and Intelligence Labs, targeting Android devices with sophisticated malware features.
Threat Actor: Antidot Trojan | Antidot Trojan …