Threat Actor: Smart TV Manufacturers | smart TV manufacturers Victim: Users of Smart TVs | users of smart TVs Price: N/A Exfiltrated Data Type: Viewing habits and content data
Key …
Summary: The Australian Cyber Security Centre (ACSC) has released a guide titled “Principles of Operational Technology Cybersecurity,” aimed at helping organizations secure their operational technology (OT) environments, particularly in critical …
Short Summary:
CyberVolk is a politically motivated hacktivist group that has transitioned to using ransomware since June 2024. Initially operating under different names, the group has targeted Spanish institutions in …
This article discusses four recently identified DNS tunneling campaigns, highlighting the techniques used by threat actors to bypass network security and establish covert communication channels. The campaigns were …
Short Summary:
The article analyzes CyberVolk, a politically motivated hacktivist group that has transitioned to using ransomware since June 2024. Initially a hacktivist organization, CyberVolk has launched ransomware attacks as a …
Short Summary:
The “Vilsa Stealer” is a newly identified malware discovered on GitHub, known for its efficiency in extracting sensitive data from various applications. It targets browser credentials, crypto wallets, …
Since mid-2023, the Sekoia Threat Detection & Research team has been investigating a sophisticated cyber attack infrastructure that utilizes compromised edge devices as Operational Relay Boxes (ORBs). This …
Victim: Shin Bet Country : IL Actor: handala Source: http://vmjfieomxhnfjba57sd6jjws2ogvowjgxhhfglsikqvvrnrajbmpxqqd.onion/?p=238 Discovered: 2024-10-03 20:30:24.809112 Published: 2024-10-03 19:23:38.000000 Description : Shin Bet, ’s comprehensive security system was hacked! Shin Bet has designed …
Meow, a ransomware group that emerged in 2022, has gained attention for its unique operational model and rising victim count. It is often linked to Meow Leaks, which …
Victim: domainindustries.com Country : US Actor: ransomhub Source: http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion/67a0e25d-012a-4f4e-9dd2-173246d33c60/ Discovered: 2024-10-02 20:43:19.644961 Published: 2024-10-02 20:05:03.000000 Description : Domain Industries, Inc. is a U.S.-based company specializing in providing high-quality products and …
Victim: ironmetals.com Country : DE Actor: ransomhub Source: http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion/82246316-03c2-4ee0-a5de-f6c81a9776ba/ Discovered: 2024-10-02 20:40:16.386784 Published: 2024-10-02 20:06:11.000000 Description : Ironmetals.com is a comprehensive online platform dedicated to the metal industry. It offers …
Summary: A recent Microsoft alert has revealed that the threat actor Vanilla Tempest is using a new ransomware strain, INC, to target the US healthcare sector, highlighting the ongoing cyber …
Researchers at Palo Alto Networks discovered a tool named Swiss Army Suite (S.A.S) used by attackers for automated vulnerability scanning, particularly targeting SQL injection vulnerabilities. This tool operates …
Summary: The Taiwan Computer Emergency Response Team (TWCERT/CC) has issued security advisories regarding critical vulnerabilities in various PLANET Technology switch models, which could lead to severe security risks such as …
Summary: Logpoint has acquired Muninn, a network detection and response startup, to enhance its cybersecurity offerings by integrating AI-driven detection capabilities with its existing SIEM solutions. This acquisition aims to …
Summary: The UK’s National Cyber Security Centre (NCSC) has issued a warning about Iranian cyber threats, specifically a spear phishing campaign attributed to Iran’s Islamic Revolutionary Guard Corps (IRGC). This …
Summary: Security researcher Zach Hanley from Horizon3.ai has disclosed a critical vulnerability (CVE-2024-28987) in SolarWinds Web Help Desk software, which involves hardcoded credentials that could allow unauthorized access to sensitive …
UserSec is a pro-Russian hacktivist group that emerged in early 2023, targeting Western governments and critical infrastructure, particularly those affiliated with NATO and Ukraine. Utilizing Telegram for coordination …
Short Summary:
Trend Micro’s MDR team successfully mitigated a more_eggs infection, which was initiated through a spear-phishing email that tricked a recruitment officer into downloading a malicious file disguised as …
Short Summary:
In July 2024, a ReliaQuest customer in the manufacturing sector experienced a data exfiltration attack. The threat actor exploited a Fortinet firewall and used a brute-force attack on …
Short Summary:
This research by Check Point focuses on the increasing number of vulnerable Windows drivers and their exploitation potential. It highlights the characteristics shared by these drivers, the methodologies …
Summary: Microsoft has reported a multi-staged attack by the threat actor Storm-0501, which compromised hybrid cloud environments leading to data exfiltration, credential theft, and ransomware deployment across various sectors in …
Victim: DINAS Corp Country : US Actor: incransom Source: http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/66f972154b30850609537a5a Discovered: 2024-09-29 21:21:19.977147 Published: 2024-09-29 15:28:21.215000 Description : DINAS is a wholesale distributor specializing in the sale of Latin American …
Victim: Moeller Door and Window Country : US Actor: meow Source: http://meow6xanhzfci2gbkn3lmbqq7xjjufskkdfocqdngt3ltvzgqpsg5mid.onion/product/89 Discovered: 2024-09-29 14:23:14.070709 Published: 2024-09-29 14:23:12.076800 Description : Moeller Door and Window is a reputable company specializing in …
Summary: The content discusses the malware Trammy.dll, which downloads and extracts files to establish persistence on infected systems while disguising its activities. It highlights the use of a password-protected ZIP …
Summary: The article discusses the vulnerabilities found in Automatic Tank Gauge (ATG) systems that monitor fuel storage, highlighting the risks posed by their exposure to the Internet. It emphasizes the …
Summary: CISA has issued a warning about threat actors attempting to breach critical infrastructure networks, particularly targeting Internet-exposed industrial devices through unsophisticated methods like brute force attacks and default credentials. …
In March 2024, Elastic Security Labs uncovered a sophisticated Linux malware campaign targeting vulnerable servers. The attackers exploited an Apache2 web server to gain initial access and deployed …
Short Summary:
This report by CYFIRMA investigates the infrastructure of the APT group “Transparent Tribe,” identifying command-and-control (C2) servers linked to the group. The investigation reveals the use of Mythic …
The Patchwork APT group has launched a sophisticated campaign targeting Chinese entities and Bhutan, utilizing a malicious LNK file to initiate infections. The campaign employs DLL sideloading techniques …
Victim: English Construction Company Country : US Actor: lynx Source: http://lynxblogmx3rbiwg3rpj4nds25hjsnrwkpxt5gaznetfikz4gz2csyad.onion/leaks/66eb6403c8dfe0f702ef81ee Discovered: 2024-09-26 15:04:55.332715 Published: 2024-09-18 00:00:00.000000 Description : Founded in 1909 and headquartered in Lynchburg, Virginia, English Construction C… …
Summary: A critical vulnerability (CVE-2024-21545) has been discovered in Proxmox Virtual Environment and Proxmox Mail Gateway, allowing unauthorized access to sensitive files and potential system compromise. The issue affects multiple …
Victim: Hughes Gill Cochrane Tinetti Country : US Actor: cicada3301 Source: http://cicadabv7vicyvgz5khl7v2x5yygcgow7ryy6yppwmxii4eoobdaztqd.onion/dk479vmx76wr3bi601aamzpkgrw8ecbb Discovered: 2024-09-24 23:06:47.141357 Published: 2024-09-24 00:00:00.000000 Description : Headquartered in Walnut Creek, HGCT is a California law firm, …
Short Summary:
HTML smuggling techniques are increasingly being used in phishing attacks to deliver malicious content. This method involves encoding HTML pages in Base64 strings and using JavaScript to create …
Date Reported: 2024-09-23 Country: DEU | Germany Victim: La VBG Unfallversicherung | La VBG Accident Insurance | vbg.de Additional Information :
La VBG Accident Insurance in Hamburg was targeted in…
Short Summary:
The article discusses the activities of IT workers operating on behalf of North Korea, specifically focusing on their tactics to gain employment in Western companies. These workers use …
Threat Actor: 888 | 888 Victim: Oracle Corporation | Oracle Corporation Price: Not disclosed Exfiltrated Data Type: Employee information (full names, job titles, company names, email addresses, physical addresses)
Key …
Summary: A sophisticated phishing campaign has been identified that distributes Lumma Stealer malware through deceptive human verification pages targeting Windows users. This method leverages clipboard manipulation and PowerShell commands to …
Short Summary:
Check Point Research has uncovered a new attack vector where threat actors exploit Windows Internet Shortcut files (.url) to lure users into executing remote code. By utilizing the …
Short Summary:
The article discusses the detection and response to the Poseidon Stealer malware by eSentire’s Threat Response Unit (TRU). This malware targets macOS devices and employs deceptive techniques to …
Victim: palmfs.com Country : US Actor: ElDorado Source: Discovered: 2024-09-19 19:46:48.160274 Published: 2024-09-19 19:46:46.148402 Description : Palmfs.com is a company specializing in advanced data storage solutions. It offers innovative file …
Threat Actor: Handala | Handala Victim: Israeli Industrial Batteries (IIB) | Israeli Industrial Batteries (IIB) Price: Not specified Exfiltrated Data Type: 6 TB of sensitive data
Key Points :
Handala…
Summary: A critical vulnerability (CVE-2024-40711) in Veeam’s Backup & Replication software has been disclosed, allowing unauthenticated remote code execution with a CVSS score of 9.8, posing significant risks to enterprise …
Summary: GitLab has released an urgent security update to address a critical vulnerability (CVE-2024-45409) affecting both Community and Enterprise Editions, which poses a severe risk by allowing unauthenticated attackers to …