Threat Actor: 🔥

Victim: 🎯

Information:
– The threat actor is offering the source code of AvEleminator software for sale.
– AvEleminator is a tool designed for malicious purposes, aiming to neutralize antivirus, endpoint protection platforms, and endpoint detection and response security software.
– The tool operates using certified signed drivers to bypass or disable security measures.…

Threat Actor:
– Unknowns group
– CyberDragon group
– Cyber Army of Russia group

Victim:
– Government of Slovenia
– NLB (largest commercial bank in Slovenia)
– Chamber of Commerce and Industry

Information: – The Unknowns group is believed to be behind the series of disruptive DDoS attacks targeting key state websites in Slovenia.…

Threat Actor: – Snatch group

Victim: – Miki Travel

Information:
– Miki Travel is a globally renowned travel company offering various travel services.
– Miki Travel has previously suffered a ransomware attack from another threat actor.
– The company promptly disclosed the previous attack to their customers.…

Threat Actor: – Unknown individual or group selling the zero-day vulnerability

Victim:
– Major financial institutions, including:
  – Cryptocurrency exchanges
  – Governmental organizations
  – Banking institutions

Information:
– The zero-day vulnerability is specifically designed to target large financial services companies.
– The vulnerability allows buyers to send malicious files from authentic domains.…

Threat Actor: – Unknown individual or group

Victim: – Favenorte de Mato Verde (organization)

Additional Information:
– The attack occurred in March 2024.
– The threat actor leaked a database containing sensitive documents.
– The compromised data includes ID cards, CPF cards, diploma certificates, electoral certificates, and potentially other confidential information.…

Threat Actor: – The threat actor offering unauthorized VPN access to a Chinese Telecommunication Company

Victim: – The Chinese Telecommunication Company with a revenue of $3 billion

Additional Information:
– The access allows entry into Windows systems through a Windows VPN
– The access provides authorization as the local administrator of the system
– The company has over 5000 employees
– The sale of this access is considered a significant opportunity in the domain of access transactions
– The price for this illicit access is set at $5000

In a concerning development, a threat actor has surfaced, asserting the availability of unauthorized access to the VPN of a prominent Chinese Telecom Company, boasting a revenue of $3 billion.…

Summary: The EMorocco group, also known as Evil Morocco, claims to have breached the United States Social Security Administration (SSA) and gained access to a significant amount of personal data.

Threat Actor: EMorocco Group (Evil Morocco)

Victim: United States Social Security Administration (SSA)

Additional Information: The EMorocco group, also known as Evil Morocco, has asserted that they have successfully infiltrated the systems of the United States Social Security Administration (SSA).…

A threat actor has emerged, claiming to offer unauthorized access to databases (MySQL) of mobile loan applications operating in Indonesia. It is claimed that there are a total of 11 databases associated with various applications. These databases contain vast amounts of diverse information, including daily application records ranging from 2 to approximately 37 million entries, consisting of names and phone numbers, albeit with some duplicates.…

A threat actor has allegedly offered for sale databases purportedly belonging to the companies AllTech and CWU. The allegedly compromised databases contain sensitive information, potentially posing significant risks to the affected organizations and individuals.

The attacker claims to have obtained sensitive user information of AllTech, including details of:

– 14,800 Client/Employee Users Data: Name, Company, Phone, Email, Password, Salt
– 20 Employee/Client Users Data: Fullname, Phone, Email, UserName, Password
– 15 System Admin Users Data: Fullname, Email, Password

In addition, this actor purportedly breached critical data involving the Communication Workers Union (CWU), a prominent membership organization.…

A threat actor has purportedly leaked 91GB of data that has affected Konica Minolta. This breach encompasses a variety of critical information related to healthcare X-ray products, including specifications, documentation, and potentially sensitive data regarding their functionality and operation. The unauthorized access by hackers poses a grave threat to the integrity and confidentiality of systems and the information they contain.…

Sapphire Clan, alongside other Russian hacker collectives, has purportedly initiated a series of DDoS attacks against Ukrainian websites. These cyber assaults are reportedly carried out in response to a recent terrorist attack in Moscow. Among the targeted sites are critical Ukrainian entities such as the Ministry of Foreign Affairs (mfa.gov.ua),…

NoName057(16) has purportedly initiated a series of distributed denial-of-service (DDoS) attacks targeting several Dutch websites in response to the announcement made by the Dutch Defense Ministry regarding the transfer of planes to Ukraine. The alleged cyber assaults were directed towards prominent entities such as the Province of Groningen, the Province of North Brabant, the Province of North Holland, and the Province of Overijssel.…

A threat actor has purportedly leaked data that has affected ECB.co.uk, the online platform of the England and Wales Cricket Board (ECB). This breach has had significant repercussions, leading to the unauthorized access and exposure of sensitive personal information belonging to an estimated 43,000 users. The compromised data encompasses a considerable time frame, ranging from 2014 to 2021.…

A threat actor has claimed responsibility for leaking a database purportedly sourced from Russian CityMed Medical Centers, accessible through the domain medcentr-sitimed.ru. The leak, dated March 17, 2024, is reported to be in CSV format and comprises approximately 826,000 lines of data. Among the leaked information are individuals’ full names, dates of birth, ages, insurance numbers (СНИЛС), phone numbers (253K unique), and email addresses (82K unique), along with details such as medical center branch, passport information, employer, job title, and registration and living addresses (often identical).…

Unknowns group has announced its intention to launch cyber attacks against Ukraine, initiating a campaign called “Tsunami” and citing it as retaliation for the terrorist attack in Moscow. The group allegedly conducted DDoS attacks on hosts in Ukraine, as well as on websites of Ukrainian hospitals and banks.…

A threat actor has emerged, claiming to offer unauthorized Fortinet access to many companies. The threat actor presents the sale in terms of these companies' valuations, without providing information about their sectors. From the samples presented, it's evident that although the majority of compromised entities are small-scale enterprises, the threat actor asserts accessibility to the networks of larger corporations as well.…

Alarming reports have surfaced indicating that a threat actor is purportedly offering for sale a substantial cache of data, totaling 30 GB, allegedly obtained from Keller Williams Realty’s website (kw.com). Established in 1983, Keller Williams Realty stands as a prominent international real estate company, boasting over 600 offices throughout the United States and Canada.…
