Tag: BANK

Scammers Send Fake Texts From E-ZPass and Other Toll Services to Siphon Payments
Summary: A new smishing scam is targeting individuals by masquerading as toll providers demanding payment for unpaid tolls through fraudulent text messages. The messages often threaten consequences for non-payment and include suspicious links designed to harvest personal information. Victims are urged to report and delete the messages, and to take protective measures for their sensitive data if they’ve interacted with the scammers.…
Read More
Financial Organizations Urge CISA to Revise Proposed CIRCIA Implementation
Summary: A coalition of financial organizations is urging the US cybersecurity agency CISA to reconsider the proposed implementation of the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), citing its potential negative impacts. The groups argue that the current proposal diverts crucial resources from responding to cyber attacks and places undue burdens on organizations.…
Read More
Ransomware Builds Against Saudi Construction Firms
Summary: A ransomware attack by the DragonForce group has targeted Saudi construction firm Al Bawani, stealing approximately 6TB of sensitive data and highlighting increased cyber threats in the region. The attack underscores a concerning trend in which construction and real estate sectors are increasingly being targeted by cybercriminals, fueled by the proliferation of ransomware-as-a-service (RaaS) models.…
Read More
B2B Business Email Compromise: A Sophisticated Scheme Exploiting Trusted Relationships
Summary: Trend Micro has identified a complex Business Email Compromise (BEC) attack that manipulates trusted relationships between B2B partners, involving the compromise of an email server to facilitate fraud. The attack demonstrates an evolution from simple phishing attempts to sophisticated schemes where the threat actor gains full control over email conversations to divert funds.…
Read More
PrintSteal : Exposing unauthorized CSC-Impersonating Websites Engaging in Large-Scale KYC Document Generation Fraud
The report examines a widespread criminal operation involved in producing and distributing fake Indian KYC (Know Your Customer) documents via platforms like crrsg.site, which has generated over 167,391 fraudulent documents. This operation exploits a network of affiliates and illicit APIs to maintain extensive reach and profitability, with an estimated profit of ₹40 Lakh.…
Read More
Social Engineering: The Art of Psychological Exploitation Part 4
This article explores various social engineering crimes and case studies, emphasizing the significance of understanding these tactics for self-protection and cybersecurity awareness. Notable scams include QR code replacements, call forwarding scams, SIM swap scams, job fraud, phishing-as-a-service, and the notorious 2020 Twitter Bitcoin scam. These incidents highlight human vulnerability in cybersecurity and the need for continuous vigilance.…
Read More
Securing Critical Infrastructure: Industry Trends, Challenges, and Best Practices
Entities managing critical infrastructures such as energy, healthcare, and finance face increasing cyber threats that jeopardize public safety and economic stability. This vulnerability stems from outdated systems and a lack of comprehensive cybersecurity strategies. Recent attacks, notably by state-backed actors, underscore the urgent need for improved security measures across sectors.…
Read More
New Malware Campaign Uses Fake “Mods” and “Cracks” to Steal User Data
Summary: A malware campaign utilizing malicious GitHub repositories disguised as game modifications has been discovered, with over 1,100 repositories linked to Redox stealer malware. This malware engages in credential harvesting through social engineering tactics and technical obfuscation. Despite attempts by GitHub to detect and remove these threats, many repositories remain active, revealing significant gaps in monitoring.…
Read More
[Law] Three arrested for hacking hospital CCTV and selling videos of female patients
Summary: In Gujarat, India, three individuals have been arrested for hacking into a maternity hospital’s CCTV network and selling videos of female patients online. The disturbing footage, which showed medical examinations, was circulated on platforms like YouTube and Telegram for a subscription fee. The arrested persons are accused of generating revenue from these illicit activities.…
Read More

Victim: www.casinoessentials.com Country : US Actor: ransomhub Source: http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion/edd499a7-cd9a-46f3-9461-14396f18ea74/ Discovered: 2025-02-28 20:36:55.305277 Published: 2025-02-28 15:42:49.000000 Description :Casino Essentials is a prominent provider of learning and performance management solutions for the gaming industry. The company offers e-learning courses on important topics such as anti-money laundering, the Bank Secrecy Act, and human trafficking prevention.…
Read More
Papua New Guinea Central Bank Successfully Thwarts Cyberattack Without Impact on Financial Data or Operations

Date Reported: 2025-02-21 Country: Papua New Guinea | PNG Victim: Banque de Papouasie-Nouvelle-Guinée | Bank of Papua New Guinea Website: bankpng.gov.pg Information :The Bank of Papua New Guinea (BPNG) successfully contained a recent cyberattack. There was no impact on financial data or banking operations. The bank’s cybersecurity team detected abnormal network activity on February 21 in an isolated test environment.…
Read More
Smishing INPS: New Scam Threatens Criminal Consequences
CERT-AGID has detected numerous smishing campaigns targeting INPS users. Recently, a particularly threatening scheme has emerged, where scammers are intimidating victims with alleged legal consequences related to their tax declarations. Users receive SMS messages that lead them to a phishing page designed to steal personal information, including identity documents and bank details.…
Read More
DOGE’s ‘god-tier’ access to CFPB data opens door to market manipulation, experts say
Summary: Concerns have arisen regarding the extensive data access granted to Elon Musk’s DOGE team at the Consumer Financial Protection Bureau (CFPB), which poses risks to financial institutions and sensitive corporate information. Former officials warn that this access could lead to data leaks and conflicts of interest, particularly with Musk’s diverse business interests.…
Read More

https://github.com/jivoi/awesome-osint

A curated list of amazingly awesome open source intelligence tools and resources. Open-source intelligence (OSINT) is intelligence collected from publicly available sources. In the intelligence community (IC), the term “open” refers to overt, publicly available sources (as opposed to covert or clandestine sources).

This list is to help all of those who are into Cyber Threat Intellience (CTI), threat hunting, or OSINT.…

Read More
AI-Fueled Tax Scams on the Rise
Summary: Taxpayers are increasingly targeted by AI-driven scams this tax season, with methods including AI-generated voice impersonations of IRS agents. A report from LifeLock reveals that over half of the respondents have encountered such scams, with significant financial impacts reported. As fraud tactics evolve, preventative measures and education are essential for protecting personal and financial information.…
Read More
Australian IVF giant Genea breached by Termite ransomware gang
Summary: The Termite ransomware gang has successfully breached Genea, a leading Australian fertility service provider, stealing and leaking sensitive healthcare data of patients. The stolen data includes personal details such as names, medical histories, and Medicare card numbers. Genea is currently cooperating with Australian authorities to address the breach and secure affected systems.…
Read More
How to Rein in Identity Session Security Risk With CAEP
Summary: Continuous Access Evaluation Profile (CAEP) is an emerging framework aimed at transforming session management for enterprises by enhancing real-time communication between identity providers (IDPs) and security systems. It addresses the challenges posed by unmanaged sessions, particularly in complex environments like financial services where security breaches can have severe consequences.…
Read More