Summary: Meta has launched a groundbreaking information-sharing initiative, the Fraud Intelligence Reciprocal Exchange (FIRE), in collaboration with UK banks to combat social media fraud. This program aims to enhance fraud …
Tag: SOCIAL MEDIA
The video discusses the importance of governance in the evolving landscape of technology in 2024, focusing on three main pillars: risk management, compliance management, and life cycle governance, …
Summary: A large-scale fraud campaign has exploited fake trading apps on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims in a scheme …
Threat Actor: Unknown | Unknown Victim: Red Barrels | Red Barrels Price: Not disclosed Exfiltrated Data Type: Game source code, internal builds, employee records, company credit card details
Key Points …
Summary: A series of malicious packages in the Python Package Index (PyPI) have been discovered, designed to appear as cryptocurrency wallet recovery tools but ultimately aimed at stealing sensitive data …
Threat Actor: CyberDragon | CyberDragon Victim: South Korea | South Korea Price: $200 million (humanitarian aid to Ukraine) Exfiltrated Data Type: Infrastructure disruption
Key Points :
CyberDragon has launched an…Summary: The Rhadamanthys information stealer has introduced advanced features, including AI-driven optical character recognition for extracting cryptocurrency wallet seed phrases from images, making it a significant threat to cryptocurrency users. …
Summary: In 2024, the Iran-linked threat group Handala has gained attention for its cyber activities, including a breach of Vidisco security scanners and a mass text campaign targeting Israeli citizens. …
Summary: The UK’s National Cyber Security Centre (NCSC) has issued a warning about Iranian cyber threats, specifically a spear phishing campaign attributed to Iran’s Islamic Revolutionary Guard Corps (IRGC). This …
Summary: A new malware campaign, Lumma Stealer, is targeting League of Legends fans during the World Championship, tricking users into downloading malicious software disguised as the game. The campaign has …
Summary: Threat actors are exploiting public interest in the scandal surrounding Sean “Diddy” Combs to distribute spyware disguised as files that claim to reveal deleted social media posts. Researchers have …
Summary: Cyber criminals are increasingly exploiting platforms like Atlassian to conduct sophisticated phishing attacks targeting law firms and corporations in Australia and the APAC region, aiming to steal employee credentials. …
Summary: Microsoft has reported a multi-staged attack by the threat actor Storm-0501, which compromised hybrid cloud environments leading to data exfiltration, credential theft, and ransomware deployment across various sectors in …
Summary: Security researchers have identified two critical vulnerabilities in the Jupiter X Core WordPress plugin, affecting over 90,000 websites, which could allow attackers to gain full control or hijack user …
Threat Actor: AnonSec Kerala | AnonSec Kerala Victim: Countries supporting Palestine | Countries supporting Palestine Price: Not specified Exfiltrated Data Type: Not specified
Key Points :
The cyber group AnonSec…Transcript Summary and Key Points
Short SummaryThe speaker discusses the complexities of defining security terms and concepts, particularly in the context of web security. They assert that certain practices, …
Threat Actor: Unknown | unknown Victim: Congressional Staffers | congressional staffers Price: Not applicable Exfiltrated Data Type: Personal information, passwords, IP addresses, social media information
Key Points :
Over 3,191…Short Summary:
The Cofense Phishing Defense Center has identified a new phishing campaign that utilizes TikTok URLs to redirect users to malicious sites aimed at stealing Microsoft Office 365 credentials. …
Short Summary:
The article investigates the Sniper Dz phishing-as-a-service (PhaaS) platform, which has gained popularity among phishers targeting social media and online services. Over the past year, more than 140,000 …
Threat analysts are monitoring a Russian-linked threat actor deploying domains for crypto scams targeting the US Presidential Election and major US tech brands. The scams promise fake cryptocurrency …
Summary: The GSMA is working on implementing end-to-end encryption (E2EE) for Rich Communications Services (RCS) to enhance message security across Android and iOS platforms. This development follows Apple’s introduction of …
Summary: BingX, a Singaporean crypto platform, reported a cyberattack resulting in the theft of over $44 million from its hot wallet. The company is working with blockchain security firms to …
Video Summary
Video SummaryThe video discusses the increasing threat of cyber attacks and emphasizes the importance of cybersecurity for small businesses. It highlights how a single click on a …
Threat Actor: Mr. Hamza | Mr. Hamza Victim: Turkey | Turkey Price: Not specified Exfiltrated Data Type: Sensitive data from Turkish entities, personal data of Turkish citizens
Key Points : …
Victim: patricksanderscompany.com Country : US Actor: ElDorado Source: Discovered: 2024-09-19 19:53:02.977224 Published: 2024-09-19 19:53:00.581331 Description : Patrick Sanders Company specializes in offering bespoke digital marketing solutions tailored to businesses of …
Summary: The cybercrime group Marko Polo has compromised tens of thousands of devices globally through scams targeting online gaming personalities and cryptocurrency influencers. Their tactics include impersonating legitimate companies and …
The Summer Intelligence Insights report by Securonix Threat Labs highlights significant cyber threats identified over the last three months, including phishing campaigns, cyber-espionage efforts, and ransomware attacks. The …
Summary: Users of social media platform X (formerly Twitter) are at risk of account takeovers despite using two-factor authentication methods, as hackers can exploit vulnerabilities in these security measures. Researchers …
In mid-2023, Black Lotus Labs uncovered a significant botnet named “Raptor Train,” believed to be operated by the Chinese threat actors known as Flax Typhoon. This botnet has …
The “Marko Polo” group represents a significant cybercriminal threat, employing sophisticated infostealer malware and social engineering tactics to target individuals and businesses, particularly in the cryptocurrency and online …
Summary: Cybersecurity researchers are alerting about North Korean threat actors using LinkedIn to deliver malware named RustDoor, targeting individuals in the cryptocurrency sector under the guise of recruitment. This multi-faceted …
Summary: A Russian media outlet, RT, is accused of conducting covert influence operations globally, supported by a cyber unit linked to Russian intelligence, which aids in military procurement and information …
Summary: The article discusses the alarming rise of cybercriminal groups that not only engage in traditional hacking but also exploit and extort vulnerable teens, leading to severe psychological and physical …
Short Summary:
On September 3, 2024, the FBI warned the crypto industry about North Korea’s use of social engineering techniques to deliver malware. Jamf Threat Labs has observed targeted attacks …
Summary: Cybersecurity researchers have identified ongoing phishing campaigns that exploit HTTP header refresh entries to deliver fake email login pages aimed at stealing user credentials. These sophisticated attacks have targeted …
Summary: Ireland’s data protection authorities are investigating Google’s AI model, PaLM 2, to determine if it complies with GDPR regulations regarding data processing and impact assessments. The inquiry focuses on …
Summary: Two Nigerian brothers were sentenced to 17 years in prison for a sextortion scheme that led to the suicide of a 17-year-old victim. They used social media to manipulate …
Summary: Cisco Talos has revealed a new threat actor named “DragonRank,” which primarily targets web application services in Asia and Europe to manipulate search engine rankings through the deployment of …
The report from Cyfirma provides an in-depth analysis of the Gomorrah Stealer, a sophisticated information-stealing malware operating within a malware-as-a-service (MaaS) framework. It targets sensitive data from various …
Medusa is a ransomware group that emerged in 2023, known for its unique presence on both the surface and dark web. By 2024, they have intensified their cyberattacks, …
This article discusses a code injection vulnerability (CVE-2024-5932) in the GiveWP WordPress plugin, highlighting a malicious Proof of Concept (POC) that targets cybersecurity professionals. The POC can lead …
Short Summary:
Kimsuky, a North Korean hacking group active since 2018, focuses on espionage and financially motivated cybercrime. They target various technologies and countries, employing sophisticated tactics and exploiting vulnerabilities …
Short Summary:
Cisco Talos has identified a new cyber threat named “DragonRank,” which targets web application services primarily in Asia and parts of Europe. This threat utilizes the PlugX and …
Summary: Cryptocurrency scams have surged in the U.S., with victims reporting $5.6 billion in losses in 2023, a 45% increase from the previous year. The FBI highlighted that investment scams …
Summary: The Gallup polling company addressed critical cross-site scripting (XSS) vulnerabilities on its website, which could have allowed malicious actors to manipulate user actions, particularly concerning during the upcoming US …
Summary: A new variant of sextortion email scams is targeting spouses by falsely claiming that their partner is cheating, complete with links to alleged proof. These scams have evolved since …
Threat Actor: CyberVolk Group | CyberVolk Victim: Shenzhen Ruizhicheng Technology Co., Ltd. | Shenzhen Ruizhicheng Technology Co., Ltd. Price: Not specified Exfiltrated Data Type: Website server data
Key Points : …
The report by CYFIRMA details the discovery of a sophisticated dropper binary known as BLX Stealer (or XLABB Stealer), designed to steal sensitive information from compromised systems. This …