Cyberattack on KAIKATSU FRONTIER Inc. Leads to Potential Data Breach of Customer Information

Date Reported: 2025-01-18
Country: Japan
Victim: KAIKATSU FRONTIER Inc.
Website: kaikatsufrontier.co.jp
Additional Information: A cyberattack targeted KAIKATSU FRONTIER Inc., a subsidiary of AOKI Holdings Inc. The incident was detected on Saturday, January 18, 2025. Immediate isolation of the affected server was implemented.…
ModiLoader Malware Leveraging CAB Header Batch Files to Evade Detection
Summary: AhnLab Security Intelligence Center (ASEC) has identified a new malware distribution tactic that utilizes Microsoft Windows CAB header batch files to deploy the ModiLoader (DBatLoader) malware. This method cleverly disguises malicious files as legitimate purchase orders in phishing emails, circumventing traditional email security measures. The innovative file structure and execution process enable the malware to evade detection and deliver its payload effectively.…
New Campaign Delivers Sliver Implants to German Targets Through DLL Sideloading and Proxying
Summary: Cyble Research and Intelligence Labs (CRIL) has identified a sophisticated cyber campaign targeting German organizations, utilizing advanced techniques such as DLL sideloading and the Sliver implant. The attack begins with spear-phishing emails containing deceptive files that lead to the execution of malicious payloads. This campaign highlights the evolving tactics of threat actors and poses significant challenges for traditional detection systems.…
Summary: A recent report from Knownsec 404 highlights the emergence of GamaCopy, a cyber espionage group imitating Gamaredon APT, targeting Russian defense and critical infrastructure. GamaCopy uses military-themed documents as bait, employing obfuscated scripts and open-source tools like UltraVNC to minimize detection. The group’s tactics reveal a sophisticated approach to cyber espionage, complicating attribution and showcasing a false flag operation.…
Summary: A sophisticated cyber campaign has been identified utilizing the fasthttp library to conduct brute-force login attempts and spam multi-factor authentication (MFA) requests targeting Azure Active Directory environments. The campaign, which began showing signs on January 6, 2025, is primarily driven by malicious traffic from Brazil and aims to overwhelm security mechanisms to gain unauthorized access to user accounts.…
Summary: A malicious campaign exploiting Blogspot redirectors has been uncovered, facilitating the distribution of phishing pages and malware. This operation, part of the larger “ApateWeb” initiative, utilizes Blogspot’s reputation to mislead users through seemingly legitimate links. Researchers have identified advanced techniques used by attackers to evade detection and enhance the effectiveness of their scams.…
North Korean Lazarus Group Exposed for Using Fake Philippine Identities on LinkedIn
Summary: Cybersecurity researcher Dominic Alvieri has identified and reported the removal of fake LinkedIn profiles linked to the North Korean Lazarus Group, which were posing as recruiters. These fraudulent accounts, claiming affiliations with various companies and universities, aimed to deceive professionals into revealing sensitive information. The situation raises concerns for job seekers in the Philippines, emphasizing the need for vigilance against such scams.…
Telegram captcha tricks you into running malicious PowerShell scripts
Summary: Threat actors are exploiting news about Ross Ulbricht to lure users into a malicious Telegram channel, tricking them into executing PowerShell commands that install malware. This new variant of the “Click-Fix” tactic masquerades as a verification process, leveraging fake accounts to gain trust. Users are warned to be cautious of executing any commands copied from online sources, especially in PowerShell or the Windows Run dialog.…
Victim: Signal, Discord
Price: N/A
Data: User geolocation data

Keypoints:

0-click deanonymization attack capable of exposing user locations.
Targets applications including Signal and Discord.
Leverages caching mechanisms in Cloudflare’s infrastructure.
Can infer user geolocations within a 250-mile radius without user interaction.
Demonstrated on Signal by sending an attachment via CDN.…
BreachForums admin to be resentenced after appeals court slams supervised release
Summary: Conor Fitzpatrick, the founder of the cybercrime platform BreachForums, is set to be resentenced after a three-judge panel vacated a previous lenient sentence that allowed him to serve only 17 days in prison. The appellate court criticized the district court’s decision, which was influenced by Fitzpatrick’s age and autism diagnosis, for being “substantively unreasonable” given his extensive criminal activities.…
Cyber Insights 2025: APIs – The Threat Continues
Summary: SecurityWeek’s Cyber Insights 2025 highlights expert predictions regarding the increasing vulnerabilities associated with APIs as their usage expands. As organizations adopt more SaaS applications and AI-driven tools, APIs are becoming prime targets for cybercriminals, leading to a significant rise in API-related breaches. Experts emphasize the urgent need for improved API security measures to combat these evolving threats.…
Summary: A critical security vulnerability (CVE-2024-12857) has been identified in the AdForest WordPress theme, allowing attackers to bypass authentication and gain unauthorized access. This flaw affects all versions up to 5.1.8 and poses a significant risk to site security. Users are urged to update to version 5.1.9 to mitigate this threat.…
Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks
Summary: The rise of GenAI tools and SaaS platforms has significantly increased risks related to data exposure and identity vulnerabilities in the workplace. A new complimentary risk assessment is available to help organizations evaluate their specific browsing environment and identify key risks. This assessment provides actionable insights to enhance security posture and inform decision-making for security and IT teams.…
15-Year-Old Hacker Diverts Ships in Mediterranean Sea for Fun
Summary: A 15-year-old hacker from Cesena, Italy, initially sought to change his grades but escalated his activities to altering maritime routes in the Mediterranean Sea. His actions drew the attention of authorities after he compromised critical infrastructure, leading to an investigation. The Ministry of Education and Merit confirmed that their systems were not breached, but the hacker’s unauthorized access to other systems raised significant concerns.…
Email Bombing, ‘Vishing’ Tactics Abound in Microsoft 365 Attacks
Summary: Sophos X-Ops’ Managed Detection and Response (MDR) warns of ransomware attacks that utilize email bombing and vishing tactics through Microsoft Office 365. These attacks are attributed to two threat groups, STAC5143 and STAC5777, which have been active in recent months. The researchers emphasize the need for organizations to enhance their security measures and employee awareness to combat these evolving threats.…