Summary: The video discusses the dark web, addressing seven frequently asked questions from viewers based on the creator’s prior video. It provides important insights into the nature of the dark web, its content, and the implications for users who might consider exploring it.

Keypoints:

The internet can be likened to an iceberg, with the surface web being only about 5% of the whole, while 95% constitutes the deep web, which is not indexed.…
PowerSchool previously hacked in August, months before data breach
Summary: PowerSchool has released a CrowdStrike investigation report detailing a significant data breach that initially occurred in August and September 2024, affecting the sensitive information of millions of students and teachers. The breach involved unauthorized access to PowerSchool’s customer support portal, exposing critical personal data and raising concerns about the lack of transparency regarding the number of individuals impacted.…
AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution
The article discusses a cybercriminal campaign using fake GitHub repositories to distribute SmartLoader, which delivers Lumma Stealer and other malware. These repositories masquerade as gaming cheats and software cracks to lure users, taking advantage of GitHub’s credibility. The use of AI-generated content makes the repositories appear legitimate, making it crucial for individuals and organizations to be vigilant.…
Smishing on INPS: How to Act in Case of Data Theft
This article discusses the rise in smishing scams impersonating the Italian National Institute of Social Security (INPS), aimed at stealing personal information. It outlines the methodology used by scammers, potential consequences for victims, and preventive measures to stay safe. Affected: INPS, personal data security, online users

Keypoints:

The CERT-AGID has reported a surge in scams exploiting the INPS name.…
Dark Web Profile: APT35
APT35, also known as Charming Kitten, is an Iranian state-sponsored cyber-espionage group targeting various sectors through sophisticated cyber campaigns. Since its emergence in 2014, APT35 has been involved in high-profile incidents such as the HBO data breach and attempted compromises of U.S. governmental and campaign-related accounts.…

Summary: The video discusses the troubling case of US Army soldier Cameron Waginas, who was arrested for unlawfully transferring confidential phone records. He faces significant prison time for his actions, which involved infiltrating telecommunications companies and leaking private data on the dark web.

Keypoints:

Cameron Waginas, a US Army soldier, pled guilty to two counts of transferring confidential phone records.…
Indian Sales & Logistics Platform Allegedly Breached
Summary: A threat actor named “JumboJet” has reportedly breached the Indian business automation platform Basiq360, claiming to have stolen a vast database that includes sensitive sales, distributor, and payment information. The breach, which affects over 3.5 million rows of data, has been announced on a dark web forum where the hacker is attempting to sell the information for cryptocurrency.…
US charges Garantex admins with money laundering, sanctions violations
Summary: The U.S. has charged Garantex crypto-exchange administrators with money laundering and violating sanctions, accusing them of laundering over billion since 2019 for criminal organizations. U.S. authorities have seized Garantex’s domains, servers, and frozen substantial funds linked to these illicit activities. The exchange has temporarily suspended operations following measures by Tether to block its digital wallets due to EU sanctions.…
Bosowa Berlian Motor Allegedly Breached
Summary: A recent dark web post claims that PT Bosowa Berlian Motor has suffered a significant data breach, involving the compromise of its database and website source code. The exposed data reportedly exceeds 5 GB, including SQL database files and a large number of tables. This incident raises concerns about the security of sensitive information related to one of Indonesia’s major automotive companies.…
Security Implications of Low-Code/No-Code Platforms: The Unseen Cyberwar
This article provides a thorough analysis of the security vulnerabilities associated with low-code/no-code (LCNC) platforms, exposing architectural flaws and real-world breaches. It outlines case studies involving significant breaches such as Microsoft Power Apps and Airtable, highlighting the negligence of platform providers. A call to action for stronger security practices and vendor accountability concludes the report.…
Who are Hellcat Ransomware Group? | Bridewell
The Hellcat Ransomware Group is a newly identified Ransomware-as-a-Service (RaaS) threat group, recognized for targeting various organizations, especially in telecommunications and government sectors. Their operations reveal sophisticated tactics, including phishing, exploitation of public-facing applications, and deployment of PowerShell for maintaining persistence. The group has shown strong ties with other ransomware actors and employs unique methods for data exfiltration.…
Emulating the Relentless RansomHub Ransomware
RansomHub is a newly emerged Ransomware-as-a-Service (RaaS) operation targeting organizations globally, implementing a double-extortion model that encrypts and steals sensitive data. The encryptor, encoded in C++ or Go, presents challenges for security analysis due to its password requirement for execution. Potential links to previous ransomware groups like Knight and BlackCat/ALPHV are noted.…
[Law] The US sanctions Iranian man behind the Nemesis Dark Web marketplace
Summary: The US Department of the Treasury has sanctioned Behrouz Parsarad, an administrator of the now-defunct Nemesis Dark Web marketplace, which trafficked in illicit goods and services. Parsarad is accused of continuing efforts to relaunch the marketplace despite prior shutdown attempts by authorities. The sanctions have frozen his assets in the US, prohibiting any financial transactions and warning institutions against dealings with his associated cryptocurrency addresses.…
Dark Web Profile: Ghost (Cring) Ransomware – SOCRadar® Cyber Intelligence Inc.
The Ghost (Cring) ransomware is a critical cybersecurity threat primarily targeting organizations with vulnerable systems, including healthcare, finance, government, and education sectors. This ransomware employs sophisticated techniques such as exploiting vulnerabilities, lateral movement, and advanced evasion methods to encrypt sensitive data and demand ransom payments. Affected: healthcare, financial services, government, critical infrastructure, manufacturing, education, professional services, retail, e-commerce

Keypoints:

Ghost (Cring) ransomware has been active since at least 2021, targeting vulnerable internet-facing systems.…