### #OperationDigitalEye #VisualStudioCodeExploitation #ChinaNexusAPT

Summary: Operation Digital Eye is a cyberespionage campaign attributed to a suspected China-nexus threat actor targeting IT service providers in Southern Europe, leveraging innovative techniques such as Visual Studio Code tunneling for command and control. The campaign highlights the strategic nature of these attacks, aiming to establish footholds within critical digital supply chains.…


### #HolidayScams #ThreatIntelligence #DomainAnalysis

Summary: This article investigates the potential threats associated with Christmas-themed domains, revealing a significant number of malicious domains and IP addresses. The findings highlight the importance of vigilance during the holiday shopping season to avoid scams.

Key Points:

22,923 Christmas-themed domains were analyzed for potential threats.…

### #TelecomThreats #SaltTyphoon #CyberEspionage

Summary: A joint advisory from Australia, Canada, New Zealand, and the U.S. has revealed ongoing cyber espionage activities by China-affiliated threat actors, specifically targeting telecommunications providers. The campaign, attributed to the group Salt Typhoon, has been active for several years and continues to pose risks to U.S.…


### #UKCyberThreats #NCSCAnnualReview #RansomwareRisks

Summary: The UK’s National Cyber Security Centre (NCSC) warns of increasing cyber-attack frequency and severity, highlighting the urgent need for stronger defenses across organizations. The report reveals a significant rise in incidents, particularly ransomware attacks, and emphasizes the role of nation-state actors in escalating threats.…


### #StreamingCrackdown #PiracyEnforcement #InternationalCollaboration

Summary: A significant operation led by law enforcement from multiple countries has dismantled one of the largest illegal streaming networks, impacting millions of users and resulting in substantial economic damages to copyright holders. The coordinated effort involved extensive searches and arrests targeting key players in the piracy operation.…


### #OperationSerengeti #AfricanCyberCrime #InterpolAfripol

Summary: Operation Serengeti, a collaborative effort by Interpol and Afripol, led to significant law enforcement actions across 19 African nations, resulting in over 1,000 arrests and the dismantling of extensive cybercrime networks. The operation targeted various fraudulent schemes, including credit card fraud, Ponzi schemes, and cryptocurrency scams, highlighting the growing threat of cybercrime in the region.…


### #EcommerceFraud #HolidayScams #FakeStores

Summary: The 2024 holiday shopping season is witnessing a dramatic increase in fraudulent e-commerce activities, with fake online stores exploiting consumers during peak shopping times. A report by Netcraft reveals that these scams are primarily facilitated by the SHOPYY platform, which is being misused by cybercriminals to create convincing replicas of legitimate stores.…


### #TelecomEspionage #SaltTyphoon #ChineseCyberOperations

Summary: A significant cyberespionage campaign attributed to Chinese hackers has targeted U.S. telecommunications firms, compromising sensitive communications and data. The attacks, linked to a group known as Salt Typhoon, have raised alarms over national security and the potential for long-term access to critical infrastructure.…


### #HackerCollaboration #WaterSecurity #CriticalInfrastructure

Summary: The Franklin project aims to enhance the cybersecurity of America’s critical water infrastructure by engaging top hackers to identify and fix vulnerabilities in six participating water companies. Launched at DEF CON, this initiative seeks to improve resilience against cyber threats while fostering a culture of collaboration and knowledge sharing.…


### #IoTExploitation #DDoSForHire #BotnetOperations

Summary: The threat actor known as Matrix is conducting a widespread DDoS campaign by exploiting vulnerabilities in IoT devices, showcasing a DIY approach to cyberattacks. This operation highlights the accessibility of tools for executing multi-faceted attacks driven by financial motivations.

Threat Actor: Matrix
Victim: Various IP addresses

Key Point:

Matrix utilizes known security flaws and weak credentials to access a wide range of internet-connected devices.…

### #OperationSerengeti #CyberCrimeCrackdown #AfricanLawEnforcement

Summary: Operation Serengeti led to the arrest of over a thousand individuals across 19 African countries, targeting major cybercriminal activities that resulted in nearly $193 million in global financial losses. The coordinated effort by Interpol and Afripol dismantled numerous malicious infrastructures and networks linked to various cybercrimes.…


### #RemoteCodeExecution #CyberEspionage #VulnerabilityManagement

Summary: A critical vulnerability (CVE-2023-28461) affecting Array Networks AG and vxAG secure access gateways has been actively exploited, prompting its addition to the CISA’s Known Exploited Vulnerabilities catalog. The flaw, which allows for remote code execution due to missing authentication, has been linked to the Earth Kasha cyber espionage group targeting various entities.…


Victim: GuangDong South Land pharmaceutical
Country: CN
Actor: ransomhouse
Source: http://zohlm7ahjwegcedoz7lrdrti7bvpofymcayotp744qhx6gjmxbuo2yid.onion/r/89583126fb1f0578b410bd88ad34d7f87d9f9d68
Discovered: 2024-11-25 10:16:47.327251
Published: 2024-10-10 00:00:00.000000
Description: Nan guo Pharmaceutical is located in Fenton Industrial Zone, Zhanjiang. It has built a digital intelligent production base, and has dozens of modern pharmaceutical production workshops.…

Victim: INFiLED
Country: CN
Actor: ransomhouse
Source: http://zohlm7ahjwegcedoz7lrdrti7bvpofymcayotp744qhx6gjmxbuo2yid.onion/r/bad9aff23876dff0639d6b68e21a5e71e20181a8
Discovered: 2024-11-25 13:50:56.789366
Published: 2024-11-01 00:00:00.123456
Description: INFiLED is a high-tech enterprise specialized in developing and manufacturing large LED video equipment.


Threat Actor: Unknown
Victim: Fujian Provincial Government
Price: Not disclosed
Exfiltrated Data Type: Sensitive government information

Key Points:

A database from the Fujian provincial government in China has been leaked online. The exposed data includes sensitive information that may impact individuals and organizations in the region.…

### #EarthKasha #APT10 #CyberEspionage

Summary: Earth Kasha, a threat actor associated with APT10, has broadened its targeting to India, Taiwan, and Japan, employing advanced tactics such as spear-phishing and exploiting vulnerabilities in public-facing applications. Their operations involve the use of various backdoors, including NOOPDOOR, to maintain persistent access to compromised networks, posing a significant threat to organizations in advanced technology and government sectors.…


### #GelsemiumEspionage #LinuxThreats #StateSponsoredAttacks

Summary: A China-linked state-sponsored threat actor, Gelsemium, has launched a new espionage campaign targeting Linux systems with previously unknown malware strains. This marks a significant shift in their tactics, as they have primarily focused on Windows systems in the past.

Threat Actor: Gelsemium
Victim: Unknown

Key Point:

Gelsemium has been active since at least 2014, primarily targeting East Asia and the Middle East.…

### #TibetanCyberEspionage #TAG112 #CobaltStrikeThreat

Summary: A China-linked threat group, TAG-112, has compromised Tibetan media and university websites to deploy the Cobalt Strike toolkit for cyber espionage. This campaign highlights ongoing attacks targeting Tibetan entities, utilizing malicious JavaScript to trick users into downloading harmful software.

Threat Actor: TAG-112
Victim: Tibet Post, Gyudmed Tantric University

Key Point:

TAG-112 embedded malicious JavaScript in Tibetan websites to deliver a disguised Cobalt Strike payload.…