Tag: BANK

Victim: bank.pingan.com (CN) By Babuk Locker 2.0 Country : CN Actor: babuk2 Source: http:/bxwu33iefqfc3rxigynn3ghvq4gdw3gxgxna5m4aa3o4vscdeeqhiqad.onion/blog/358c4d15c88f881a4fe9b4009fea92875bd9569160533db6cbea77d6fbdee3be/ Discovered: 2025-03-10 22:22:57.951986 Published: 2025-03-10 22:03:00.000000 Description : Sure! Here are the keypoints based on the website bank.pingan.com formatted as a list: Comprehensive banking services including savings, loans, and investment options. User-friendly online banking platform with easy navigation.…
Read More
Smishing on INPS: How to Act in Case of Data Theft
This article discusses the rise in smishing scams impersonating the Italian National Institute of Social Security (INPS), aimed at stealing personal information. It outlines the methodology used by scammers, potential consequences for victims, and preventive measures to stay safe. Affected: INPS, personal data security, online users

Keypoints :

The CERT-AGID has reported a surge in scams exploiting the INPS name.…
Read More
Quantum leap: Passwords in the new era of computing security
Summary: The National Institute of Standards and Technology (NIST) has released its first finalized post-quantum encryption standards to protect against potential threats posed by quantum computers. These new standards are essential as traditional cryptographic methods may become vulnerable to quantum attacks. Organizations need to adapt their security measures, particularly in password protection, to mitigate the risks associated with advancing quantum technologies.…
Read More
Social Engineering: The Art of Psychological Exploitation Part-2
This article explores various effective phishing techniques deployed by cybercriminals to deceive users into divulging sensitive information. Techniques discussed include homograph attacks, address bar spoofing, and others that exploit user trust and browser features. Affected: users, online platforms, digital security

Keypoints :

Website phishing is a common social engineering attack.…
Read More
U.S. Secret Service Seizes Russian Garantex Crypto Exchange Website
Summary: A coalition of international law enforcement agencies has seized the Garantex cryptocurrency exchange website, following its prior sanctions by the U.S. Treasury Department for facilitating illicit transactions. The operation involved several major law enforcement organizations, including the FBI and Europol, highlighting ongoing efforts against fraudulent crypto activities.…
Read More
Scammers Send Fake Texts From E-ZPass and Other Toll Services to Siphon Payments
Summary: A new smishing scam is targeting individuals by masquerading as toll providers demanding payment for unpaid tolls through fraudulent text messages. The messages often threaten consequences for non-payment and include suspicious links designed to harvest personal information. Victims are urged to report and delete the messages, and to take protective measures for their sensitive data if they’ve interacted with the scammers.…
Read More
Financial Organizations Urge CISA to Revise Proposed CIRCIA Implementation
Summary: A coalition of financial organizations is urging the US cybersecurity agency CISA to reconsider the proposed implementation of the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), citing its potential negative impacts. The groups argue that the current proposal diverts crucial resources from responding to cyber attacks and places undue burdens on organizations.…
Read More
Ransomware Builds Against Saudi Construction Firms
Summary: A ransomware attack by the DragonForce group has targeted Saudi construction firm Al Bawani, stealing approximately 6TB of sensitive data and highlighting increased cyber threats in the region. The attack underscores a concerning trend in which construction and real estate sectors are increasingly being targeted by cybercriminals, fueled by the proliferation of ransomware-as-a-service (RaaS) models.…
Read More
B2B Business Email Compromise: A Sophisticated Scheme Exploiting Trusted Relationships
Summary: Trend Micro has identified a complex Business Email Compromise (BEC) attack that manipulates trusted relationships between B2B partners, involving the compromise of an email server to facilitate fraud. The attack demonstrates an evolution from simple phishing attempts to sophisticated schemes where the threat actor gains full control over email conversations to divert funds.…
Read More
PrintSteal : Exposing unauthorized CSC-Impersonating Websites Engaging in Large-Scale KYC Document Generation Fraud
The report examines a widespread criminal operation involved in producing and distributing fake Indian KYC (Know Your Customer) documents via platforms like crrsg.site, which has generated over 167,391 fraudulent documents. This operation exploits a network of affiliates and illicit APIs to maintain extensive reach and profitability, with an estimated profit of ₹40 Lakh.…
Read More
Social Engineering: The Art of Psychological Exploitation Part 4
This article explores various social engineering crimes and case studies, emphasizing the significance of understanding these tactics for self-protection and cybersecurity awareness. Notable scams include QR code replacements, call forwarding scams, SIM swap scams, job fraud, phishing-as-a-service, and the notorious 2020 Twitter Bitcoin scam. These incidents highlight human vulnerability in cybersecurity and the need for continuous vigilance.…
Read More
Securing Critical Infrastructure: Industry Trends, Challenges, and Best Practices
Entities managing critical infrastructures such as energy, healthcare, and finance face increasing cyber threats that jeopardize public safety and economic stability. This vulnerability stems from outdated systems and a lack of comprehensive cybersecurity strategies. Recent attacks, notably by state-backed actors, underscore the urgent need for improved security measures across sectors.…
Read More
New Malware Campaign Uses Fake “Mods” and “Cracks” to Steal User Data
Summary: A malware campaign utilizing malicious GitHub repositories disguised as game modifications has been discovered, with over 1,100 repositories linked to Redox stealer malware. This malware engages in credential harvesting through social engineering tactics and technical obfuscation. Despite attempts by GitHub to detect and remove these threats, many repositories remain active, revealing significant gaps in monitoring.…
Read More
[Law] Three arrested for hacking hospital CCTV and selling videos of female patients
Summary: In Gujarat, India, three individuals have been arrested for hacking into a maternity hospital’s CCTV network and selling videos of female patients online. The disturbing footage, which showed medical examinations, was circulated on platforms like YouTube and Telegram for a subscription fee. The arrested persons are accused of generating revenue from these illicit activities.…
Read More

Victim: www.casinoessentials.com Country : US Actor: ransomhub Source: http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion/edd499a7-cd9a-46f3-9461-14396f18ea74/ Discovered: 2025-02-28 20:36:55.305277 Published: 2025-02-28 15:42:49.000000 Description :Casino Essentials is a prominent provider of learning and performance management solutions for the gaming industry. The company offers e-learning courses on important topics such as anti-money laundering, the Bank Secrecy Act, and human trafficking prevention.…
Read More
Papua New Guinea Central Bank Successfully Thwarts Cyberattack Without Impact on Financial Data or Operations

Date Reported: 2025-02-21 Country: Papua New Guinea | PNG Victim: Banque de Papouasie-Nouvelle-Guinée | Bank of Papua New Guinea Website: bankpng.gov.pg Information :The Bank of Papua New Guinea (BPNG) successfully contained a recent cyberattack. There was no impact on financial data or banking operations. The bank’s cybersecurity team detected abnormal network activity on February 21 in an isolated test environment.…
Read More