Summary:
In October 2024, the Cleafy Threat Intelligence team uncovered a new Android banking Trojan campaign named ToxicPanda, initially linked to the TgToxic family. This malware targets banking institutions in…
Tag: SOCIAL ENGINEERING
Summary: LastPass has issued a critical warning regarding a social engineering campaign that targets its users through deceptive reviews on its Chrome Web Store app page, leading them to a …
Victim: LmayInteroute agency Country : ES Actor: lynx Source: http://lynxblog.net/leaks/672ad532dab69e0ba2c4b09d Discovered: 2024-11-06 03:26:53.542818 Published: 2024-11-06 02:32:18.251000 Description : Welcome to INTEROUTE, a transport and logistics company
Summary:
This report provides an in-depth analysis of SpyNote, a sophisticated Android malware variant that disguises itself as a legitimate antivirus application. It details the malware’s techniques for gaining extensive…
Summary:
This report discusses the ClickFix social engineering tactic, which utilizes deceptive web pages to trick users into executing malicious PowerShell commands, leading to system infections. The analysis highlights various…
Summary:
In November 2023, North Korean threat actors were found using the Contagious Interview and WageMole campaigns to secure remote jobs in Western countries while evading financial sanctions. The Contagious…
This Edureka playlist on “Cyber Security Training for Beginners” will help you learn Cyber Security from scratch. You will get to know what is the role of Cyber Security in …
Summary:
Tropic Trooper, also known as Pirate Panda and APT 23, is a Chinese state-sponsored cyber threat group that has been active since 2011. Specializing in espionage, the group targets…
Victim: Pureflow Airdog Country : US Actor: play Source: http://k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion/topic.php?id=jNGhEMiATsjKFR Discovered: 2024-10-30 22:29:59.657874 Published: 2024-10-30 22:27:58.573863 Description : United States
Summary: Cybercriminals are exploiting the event management platform Eventbrite to distribute phishing emails that impersonate legitimate companies, leading to a significant increase in such attacks. Researchers report a staggering 900% …
Short Summary:
The CryptoAITools malware campaign targets cryptocurrency enthusiasts through a malicious Python package and deceptive GitHub repositories. This multi-stage malware aims to steal sensitive data and drain crypto wallets …
Summary: Ukrainian military recruitment efforts are facing a dual cyberattack from Kremlin-backed threat actors, utilizing a spoofed version of the “Civil Defense” tool to spread malware and misinformation. This campaign, …
Short Summary:
Rekoobe is a backdoor malware associated with APT31, known for its use in cyber espionage and data theft. Recent investigations revealed its deployment through open directories and potential …
Short Summary:
In September 2024, Google Threat Intelligence Group uncovered UNC5812, a suspected Russian espionage operation utilizing a Telegram persona named “Civil Defense” to distribute malware targeting Windows and Android …
Short Summary:
Proofpoint has reported a rise in cryptocurrency fraud involving job scams that impersonate reputable organizations. This new tactic, which is a shift from traditional Pig Butchering scams, targets …
Summary: The BlackBasta ransomware operation has adapted its tactics by utilizing Microsoft Teams for social engineering attacks, impersonating corporate help desks to deceive employees into granting remote access. This evolution …
Short Summary:
In October 2024, ReliaQuest identified a campaign by the ransomware group Black Basta, which has evolved its tactics to include social engineering through Microsoft Teams and QR codes. …
Victim: thebeautyclick.co.uk Country : GB Actor: apt73 Source: http://bashe4aec32kr6zbifwd5x6xgjsmhg4tbowrbx4pneqhc5mqooyifpid.onion/page_company.php?id=60 Discovered: 2024-10-24 13:48:44.476885 Published: 2024-10-21 10:00:00.000000 Description : The Beauty Click was founded in April 2018 by Chantelle Bass. A website …
Summary: A recently patched security vulnerability in Styra’s Open Policy Agent (OPA) could have allowed attackers to leak NTLM hashes, potentially leading to credential theft and relay attacks. The flaw, …
Summary: Cisco Talos has uncovered a phishing campaign utilizing the open-source toolkit Gophish, targeting Russian-speaking users with modular infection chains that lead to the deployment of PowerRAT and DCRAT malware. …
Summary: Milan State Police have arrested a 43-year-old Italian-Australian man linked to a $31 million computer fraud and money laundering scheme, targeting vulnerable individuals, especially the elderly. The suspect, wanted …
Short Summary:
In Q3 2024, APT groups from China, North Korea, Iran, and Russia intensified their cyber operations, employing sophisticated techniques and targeting critical infrastructure. Chinese APTs focused on network …
Short Summary:
In early 2024, the North Korean Lazarus APT group exploited a critical zero-day vulnerability in Google Chrome, known as CVE-2024-4947, to conduct a deceptive campaign targeting cryptocurrency users …
Victim: Iron World Manufacturing Country : US Actor: play Source: http://k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion/topic.php?id=yw4VkN8sb9WUrq Discovered: 2024-10-24 00:56:38.031369 Published: 2024-10-24 00:54:37.012665 Description : United States
Lazarus APT, a sophisticated Korean-speaking threat actor, has been using its backdoor malware Manuscrypt since 2013 in numerous campaigns targeting various sectors. A recent incident involved a zero-day …
Summary: This research provides an update on the GHOSTPULSE malware, detailing its evolution from using the IDAT chunk of PNG files to embedding malicious payloads within the pixel structure of …
The Monthly Intelligence Insights report by Securonix Threat Labs for July highlights significant cyber threats, including the activities of the Lazarus Group and Water Bakunawa, along with various …
Short Summary:
The article discusses the Mysterious Elephant APT group, identified by Kaspersky in their Q2 2023 APT trends report. This South Asian group is linked to various APT organizations, …
This research article discusses the updates to the GHOSTPULSE malware, highlighting its evolution from using the IDAT chunk of PNG files to embedding its payload within the pixel …
Threat Actor: Unknown | unknown Victim: Various German B2B Companies | German B2B Companies Price: Free (leaked data) Exfiltrated Data Type: B2B contact information (full names, email addresses, company details, …
Victim: Vasesa Country : ES Actor: arcusmedia Source: http://arcuufpr5xxbbkin4mlidt7itmr6znlppk63jbtkeguuhszmc5g7qdyd.onion/?p=260 Discovered: 2024-10-20 18:06:05.184319 Published: 2024-10-20 15:52:14.000000 Description : www.vasesa.com.mx Vasesa Vasesa is a company that…
Summary: The ClickFix campaign employs social engineering tactics to lure users into fraudulent Google Meet pages, ultimately delivering info-stealing malware for both Windows and macOS systems. This campaign has evolved …
Short Summary:
The Microsoft Digital Defense Report 2024 reveals a complex global cybersecurity landscape, with over 600 million cyberattacks occurring daily. The report highlights the rise of ransomware, phishing, and …
Victim: Dubin Group Country : US Actor: cicada3301 Source: http://cicadabv7vicyvgz5khl7v2x5yygcgow7ryy6yppwmxii4eoobdaztqd.onion/4e7l4uctoid7zzrp6e1ecny1n4i87j0y Discovered: 2024-10-18 01:47:51.429483 Published: 2024-10-17 00:00:00.000000 Description : !!! IF THE COMPANY DOES NOT CONTACT US SOON, THE DATA WILL …
Victim: RDC Control Ltd Country : GB Actor: cicada3301 Source: http://cicadabv7vicyvgz5khl7v2x5yygcgow7ryy6yppwmxii4eoobdaztqd.onion/vpfewnk955bf92mli7405amp1dedofof Discovered: 2024-10-18 01:44:45.603183 Published: 2024-10-17 00:00:00.000000 Description : !!! IF THE COMPANY DOES NOT CONTACT US SOON, THE DATA …
Summary: The ransomware threat landscape has intensified, particularly affecting healthcare institutions, with a notable increase in coordinated attacks by nation-states and cybercriminals. Despite the rise in encounters, the percentage of …
Victim: Funlab Country : AU Actor: lynx Source: http://lynxblog.net/leaks/66fdce7bcbfc63d2fbfb84b9 Discovered: 2024-10-16 21:08:47.768726 Published: 2024-10-02 22:51:39.735000 Description : Funlab is the world’s premiere creator of competitive socialising experiences
Short Summary:
This report by CYFIRMA provides insights into the current landscape of malware, specifically focusing on various stealers such as Divulge, DedSec, and Duck. These stealers are primarily promoted …
Victim: Welker (welker.com) Country : US Actor: fog Source: http://xbkv2qey6u3gd3qxcojynrt4h5sgrhkar6whuo74wo63hijnn677jnyd.onion/posts/670fe499ffa6d0708588b872/ Discovered: 2024-10-16 18:03:21.153242 Published: 2024-10-16 00:00:00.000000 Description : 27,6 GB
Short Summary:
The Sophos X-Ops team investigated a series of phishing attacks known as “quishing,” which utilize QR codes to trick employees into revealing sensitive information. The attackers sent emails …
Victim: Central Pennsylvania Food Bank Country : US Actor: fog Source: http://xbkv2qey6u3gd3qxcojynrt4h5sgrhkar6whuo74wo63hijnn677jnyd.onion/posts/670e83ffffa6d0708588b7a6/ Discovered: 2024-10-15 16:33:49.129536 Published: 2024-10-15 00:00:00.000000 Description : 20 GB
Victim: Misionero Vegetables Country : US Actor: play Source: http://k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion/topic.php?id=y8Ci8YPvFzjO7r Discovered: 2024-10-14 18:12:40.338876 Published: 2024-10-14 18:10:39.186624 Description : United States
Summary: Marriott International has agreed to enhance its information security practices and pay a $52 million penalty to settle charges related to three significant data breaches affecting 344 million individuals …
The video discusses major cybersecurity vulnerabilities and incidents including a critical exploit affecting VMware ESXi hypervisor, updates on CrowdStrike’s service outage, the discovery of a sophisticated malware distribution …
Victim: nspproteins.com Country : US Actor: ransomhub Source: http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion/65b9b086-125c-4a98-ad2e-e6bff47f64a3/ Discovered: 2024-10-08 06:59:24.786851 Published: 2024-10-07 19:13:32.000000 Description : NSP Proteins is a company specializing in the production and supply of high-quality …
Short Summary:
In 2024, the manufacturing sector has become a primary target for cyber attacks, particularly ransomware, leading to significant financial and operational disruptions. Key threat actors include various ransomware …
Summary and Key Points
Summary: The video discusses a common scenario where a person receives a phone call from what seems to be their bank, claiming there was an error …