Short Summary:
Since mid-September 2024, there has been a notable rise in the deployment of “Lumma Stealer” malware through the “HijackLoader” malicious loader. A significant detection occurred on October 2, …
Threat Actor: Unknown | Victim: Detsky Mir Group | Price: Not disclosed | Exfiltrated Data Type: Personal data (names, emails, phone numbers, user agents, dates)
Key Points …
Unit 42 has identified ongoing malicious activities by North Korean threat actors, known as the CL-STA-240 Contagious Interview campaign. These actors pose as recruiters to lure job seekers …
Summary: ESET researchers have uncovered a sophisticated cyberespionage campaign by the APT group GoldenJackal, targeting air-gapped systems within governmental organizations in Europe. This blogpost details previously undocumented tools used by …
Summary: Cisco Talos has identified a financially motivated threat actor, active since 2022, that has been deploying a variant of MedusaLocker ransomware known as “BabyLockerKZ.” This group has shifted its …
Short Summary:
ESET researchers have uncovered a series of cyberespionage attacks attributed to the APT group GoldenJackal, targeting governmental organizations in Europe. The group has utilized sophisticated tools to compromise …
The article discusses a new campaign by the APT group Awaken Likho, targeting Russian government agencies and industrial enterprises. The group has shifted its tactics, now utilizing the …
Summary: Cisco has issued a security advisory regarding multiple vulnerabilities in its Small Business RV340 series routers, which could allow remote attackers to escalate privileges and execute arbitrary commands. These …
Summary of Pointers in C/C++
Short Summary: The video discusses the importance of pointers in programming languages such as C and C++. It highlights how pointers allow direct memory manipulation, …
Video Summary
Summary: The video discusses the importance of development in enhancing skills for penetration testing. It highlights how proficiency in development can aid in various phases of testing, from …
Victim: Guerriere & Halnon Country: US Actor: play Source: http://k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion/topic.php?id=0pWSwOhnl7Ae1L Discovered: 2024-10-04 22:40:03.776520 Published: 2024-10-04 22:38:02.726189 Description: United States
Victim: Pete’s Road Service Country: US Actor: play Source: http://k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion/topic.php?id=FcBg2dAvzRwMHz Discovered: 2024-10-04 21:07:09.214142 Published: 2024-10-04 21:05:07.370913 Description: United States
Victim: McGaughey & Keaney CPAs Country: US Actor: qilin Source: http://kbsqoivihgdmwczmxkbovk7ss2dcynitwhhfu5yw725dboqo5kthfaad.onion/site/view?uuid=c11c3d1a-5ff5-3b5a-ae1a-6c9a82646fd3 Discovered: 2024-10-04 10:45:31.261110 Published: 2024-09-23 00:00:00.000000 Description: McGaughey & Keaney CPAs is a company that operates in …
Video Summary
Video Summary: The video discusses the importance of exploiting vulnerabilities within a company’s structure and how advancing through various activities can lead to control over administrative domains. It …
Short Summary:
The “Vilsa Stealer” is a newly identified malware discovered on GitHub, known for its efficiency in extracting sensitive data from various applications. It targets browser credentials, crypto wallets, …
Short Summary:
Cisco Talos has identified a financially motivated threat actor, active since 2022, distributing a MedusaLocker ransomware variant named “BabyLockerKZ.” The actor has targeted organizations globally, with a notable …
Summary: DrayTek has patched 14 vulnerabilities across 24 router models, including critical flaws that could lead to remote code execution (RCE) or denial-of-service (DoS). The vulnerabilities were discovered by Forescout …
This article discusses a sophisticated phishing campaign that utilizes HTML smuggling techniques to deliver malicious payloads. The campaign involves multiple stages of obfuscation and deception, including the use …
The article discusses the critical role of machine learning (ML) in analyzing cybersecurity logs to enhance threat detection capabilities. It highlights Kaspersky’s experience in utilizing ML algorithms, particularly …
Video Summary
Short Summary: The video discusses the development of a Mythic C2 agent, focusing on the implementation of task management, command execution, and improvements in code functionality. The narrator …
Short Summary:
Key Group, also known as keygroup777, is a financially motivated ransomware group that primarily targets Russian users. They utilize various ransomware builders, including Chaos and Annabelle, and communicate …
Victim: Keller Williams Realty Group Country: US Actor: qilin Source: http://kbsqoivihgdmwczmxkbovk7ss2dcynitwhhfu5yw725dboqo5kthfaad.onion/site/view?uuid=d0623bd7-5087-3b61-94c3-39825e481842 Discovered: 2024-09-30 16:06:28.703916 Published: 2024-09-30 00:00:00.000000 Description: Keller Williams Realty Group is a company that operates in …
Victim: TOTVS Country: BR Actor: blackbyte Source: Discovered: 2024-09-30 17:29:23.253995 Published: 2024-09-30 17:29:20.838350 Description: TOTVS is a prominent Brazilian software company specializing in enterprise resource planning (ERP) solutions. …
Victim: decalesp.com Country: ES Actor: blacksuit Source: http://weg7sdx54bevnvulapqu6bpzwztryeflq3s23tegbmnhkbpqz637f2yd.onion/?id=rOAahCwH8TuMXr8M Discovered: 2024-09-30 12:32:47.464555 Published: 2024-09-30 12:32:45.073892 Description: Decalesp.com is a company specializing in high-quality decals and stickers for various applications. …
Summary: Microsoft has reported a multi-staged attack by the threat actor Storm-0501, which compromised hybrid cloud environments leading to data exfiltration, credential theft, and ransomware deployment across various sectors in …
Video Summary and Key Points
Video Summary: The video discusses the fundamental concepts of coding, particularly focusing on basic data types and workflows in programming. It introduces key variable types …
The Patchwork APT group has launched a sophisticated campaign targeting Chinese entities and Bhutan, utilizing a malicious LNK file to initiate infections. The campaign employs DLL sideloading techniques …
Victim: Bogdan Frasco, LLP Country: US Actor: cicada3301 Source: http://cicadabv7vicyvgz5khl7v2x5yygcgow7ryy6yppwmxii4eoobdaztqd.onion/2tu8mj3lvbtdhn7t1zu1m4wx2u12ja7a Discovered: 2024-09-24 23:08:55.426527 Published: 2024-09-15 00:00:00.000000 Description: We offer a wide range of tax and accounting services focusing …
Short Summary:
The article discusses the emergence of the Necro Trojan, which has infected various popular applications, including modified versions and those available on Google Play. The Trojan employs advanced …
Victim: savannahcandy.com Country: US Actor: ransomhub Source: http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion/c8de2573-68c7-47ae-bb00-3a7d3d858392/ Discovered: 2024-09-21 14:36:42.724735 Published: 2024-09-21 12:45:05.000000 Description: Savannah Candy Kitchen, found at savannahcandy.com, is renowned for its Southern confections, particularly …
Victim: Visionary Homes Country: US Actor: incransom Source: /blog/disclosures/66edcd634b308506090d1577 Discovered: 2024-09-20 20:35:55.963805 Published: 2024-09-20 20:35:54.096627 Description: Visionary Homes is a homebuilding company known for crafting high-quality, customizable homes. …
Victim: Wilson & Lafleur Country: CA Actor: medusa Source: http://cx5u7zxbvrfyoj6ughw76oa264ucuuizmmzypwum6ear7pct4yc723qd.onion/detail?id=75c7f34b2d96a43d94d3ef9a9463f79b Discovered: 2024-09-19 20:07:45.913812 Published: 2024-09-19 14:50:19.000000 Description: Wilson & Lafleur (founded in 1909) – literary publishing house also …
Summary: Microsoft has updated its security advisory to classify CVE-2024-37985 as a zero-day vulnerability, which poses a medium-level threat to Windows systems by allowing unauthorized access to sensitive heap memory. …
Short Summary:
Unit 42 researchers have identified an ongoing campaign that delivers Linux and macOS backdoors through poisoned Python packages, named PondRAT. This campaign is linked to the Gleaming Pisces …
Short Summary:
In May 2024, a targeted cyber campaign was detected in Italy, utilizing a new Remote Access Trojan (RAT) named SambaSpy. The campaign featured a sophisticated infection chain that …
Summary: Threat actors are exploiting Internet-exposed Selenium Grid servers to hijack bandwidth for cryptomining and proxyjacking, posing significant risks to organizations. The lack of authentication in these servers makes them …
Summary: Cloud Software Group has announced two critical vulnerabilities in the Citrix Workspace app for Windows that could allow attackers to escalate privileges to SYSTEM level. Users are urged to …
Summary: Cisco Talos has revealed a new threat actor named “DragonRank,” which primarily targets web application services in Asia and Europe to manipulate search engine rankings through the deployment of …
Short Summary:
Trend Micro researchers have identified remote code execution attacks on Progress Software’s WhatsUp Gold, exploiting vulnerabilities CVE-2024-6670 and CVE-2024-6671. Despite patches being available, some organizations were slow to …
Summary: ESET researchers have analyzed the activities of the CosmicBeetle threat actor, focusing on its newly developed ScRansom ransomware and its connections to other ransomware groups, including LockBit and RansomHub. …
Short Summary:
Cisco Talos has identified a new cyber threat named “DragonRank,” which targets web application services primarily in Asia and parts of Europe. This threat utilizes the PlugX and …
ESET researchers have documented the activities of the CosmicBeetle threat actor, focusing on its newly developed ScRansom ransomware. This group has replaced its previous ransomware, Scarab, with ScRansom, …
Summary: Marsh McLennan and Zurich Insurance Group are urging government intervention to address the significant risk of catastrophic cyber events and the $900 billion gap in insurance coverage for economic …
The Sekoia TDR team has uncovered new developments related to the Quad7 botnet operators, who are compromising various SOHO routers and VPN appliances. The operators are evolving their …
Short Summary:
EclecticIQ analysts have researched ransomware operations, particularly focusing on SCATTERED SPIDER, a group targeting cloud infrastructures in the insurance and financial sectors. They employ social engineering tactics, including …