Safe{Wallet} Confirms North Korean TraderTraitor Hackers Stole .5 Billion in Bybit Heist
Summary: Safe{Wallet} disclosed details about a sophisticated cyberattack on Bybit, attributed to state-sponsored North Korean hackers. The attackers employed advanced social engineering techniques to compromise a developer’s machine and hijack AWS session tokens, enabling them to conduct covert operations. The incident highlights serious security vulnerabilities in the cryptocurrency industry, which faces record losses from hacks in 2025.…
Russian crypto exchange Garantex’s website taken down in apparent law enforcement operation
Summary: U.S. and European law enforcement have seized the domain of the Russian cryptocurrency exchange Garantex amid allegations of its involvement in circumventing sanctions and facilitating cybercrime. This action followed Garantex’s announcement of million worth of assets being frozen by the cryptocurrency firm Tether. The exchange has been linked to illicit activities and has gained notoriety in the Russian crypto market since its founding in 2019.…
Unveiling EncryptHub: Analysis of a Multi-Stage Malware Campaign
EncryptHub, a notable cybercriminal organization, has gained increasing attention from threat intelligence teams due to its operational security missteps. These lapses have allowed analysts to gain insights into their tactics and infrastructure. The report details EncryptHub’s multi-stage attack chains, trojanized application distribution strategies, and their evolving killchain, making them a significant threat in the cyber landscape.…
Sendai Vulnlab – ESC4 & ReadGMSAPassword for AD Domination
In the latest round of Active Directory exploitation, Maverick dives into the Sendai machine, showcasing vulnerabilities in Active Directory Certificate Services, password management, and SMB enumeration. Through strategic techniques such as password spraying and privilege escalation, an impressive path to Domain Admin is laid out, emphasizing the importance of enumeration and awareness of misconfigurations in AD environments.…
Malicious Chrome extensions can spoof password managers in new attack
Summary: A new “polymorphic” attack allows malicious Chrome extensions to disguise themselves as legitimate ones, such as password managers, to steal sensitive information. Devised by SquareX Labs, the attack can manipulate installed extensions and employ phishing tactics to capture user credentials. SquareX has disclosed the attack to Google, urging protective measures against this serious security threat.…
Call It What You Want: Threat Actor Delivers Highly Targeted Multistage Polyglot Malware
This article discusses a targeted email campaign by the threat cluster UNK_CraftyCamel, which targeted organizations in the UAE, particularly those involved in aviation and satellite communications. The attackers used sophisticated techniques, including polyglot files, to deliver a backdoor named Sosano, indicating advanced capabilities. Affected: Proofpoint customers, aviation organizations, satellite communications, transportation infrastructure, United Arab Emirates.…
North Koreans finish initial laundering stage after more than  billion stolen from Bybit
Summary: North Korean hackers linked to the theft of over billion from crypto platform Bybit have completed the initial laundering stage of the stolen funds, moving them to new addresses. Experts highlight the efficient use of decentralized finance (DeFi) tools to obscure the origins of these assets, posing significant challenges for investigators.…

Victim: cimenyan.desa.id
Country: ID
Actor: funksec
Source: http://funksec.top/cimenyan.desa.id
Discovered: 2025-03-04 01:57:05.713585
Published: 2025-03-04 01:55:54.524912
Description: The domain “cimenyan.desa.id” is likely associated with an Indonesian village website. Cimenyan appears to be the name of a village in Indonesia. No specific information about the company or organization under this domain was found.…
Social Engineering: The Art of Psychological Exploitation Part 4
This article explores various social engineering crimes and case studies, emphasizing the significance of understanding these tactics for self-protection and cybersecurity awareness. Notable scams include QR code replacements, call forwarding scams, SIM swap scams, job fraud, phishing-as-a-service, and the notorious 2020 Twitter Bitcoin scam. These incidents highlight human vulnerability in cybersecurity and the need for continuous vigilance.…
RST TI Report Digest: 03 Mar 2025
This week’s threat intelligence report from RST Cloud analyzes various cybersecurity threats targeting different sectors and establishments. Noteworthy attacks include FatalRAT impacting industrial organizations in the Asia-Pacific region, with an advanced delivery mechanism utilizing DLL sideloading. The Silent Killers report discusses a large-scale exploitation of legacy drivers, while other reports cover threats like Koi Stealer, AMOS Stealer, and attackers affiliated with the Hellcat and Silver Fox groups targeting governmental and healthcare sectors, respectively.…
Securing Critical Infrastructure: Industry Trends, Challenges, and Best Practices
Entities managing critical infrastructures such as energy, healthcare, and finance face increasing cyber threats that jeopardize public safety and economic stability. This vulnerability stems from outdated systems and a lack of comprehensive cybersecurity strategies. Recent attacks, notably by state-backed actors, underscore the urgent need for improved security measures across sectors.…

Summary: The video discusses a significant cybersecurity breach involving the crypto exchange Bybit, where .5 billion was stolen by North Korean hackers. The incident was initially believed to be the CEO’s fault, but investigations revealed that vulnerabilities in the multi-signature wallet service, Safe, were compromised. Additionally, the video covers vulnerabilities in YouTube that could lead to user de-anonymization and new laws in Sweden that may require encrypted messaging apps to create back doors for law enforcement.…
Healthcare Malware Hunt, Part 1: Philips DICOM Viewers
The article discusses a campaign by the China-based Advanced Persistent Threat (APT) group Silver Fox, which exploited vulnerabilities in Philips DICOM viewers to deploy malware such as a Remote Access Tool (RAT), keyloggers, and crypto miners targeting healthcare organizations. The healthcare sector remains a significant target for cyberattacks, necessitating robust security measures.…