Stay Ahead of Cyber Threats – Daily Security Insights, Powered by AI
Summary: The notorious cybercriminal group Smishing Triad is targeting smartphone users in Pakistan with a large-scale smishing campaign aimed at stealing personal and financial information.
Threat Actor: Smishing Triad | Smishing Triad Victim: Smartphone users in Pakistan | Pakistan
Key Point :
The Smishing Triad, originating from China, has been targeting online banking, e-commerce, and payment systems in various regions, including the US, EU, UAE, KSA, and now Pakistan.…Summary: A former employee of Singapore-based NCS Group was sentenced to prison for accessing the company’s software test environment and wiping 180 virtual servers after his employment ended.
Threat Actor: Kandula Nagaraju | Kandula Nagaraju Victim: NCS Group | NCS Group
Key Point :
A former employee of NCS Group, Kandula Nagaraju, accessed the company’s software test environment and wiped 180 virtual servers after his employment ended.…Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.
Resecurity researchers have recently revealed that the Smishing Triad group has launched a fresh smishing campaign targeting Pakistani mobile users.
The gang members send harmful messages pretending to be Pakistan Post via iMessage and SMS in an attempt to steal personal and financial information.…
FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants.…
Threat Actor: Unknown | Unknown Victim: Cryptocurrency Exchange | Cryptocurrency Exchange Price: $30,000 USD Exfiltrated Data Type: User database, user portfolios, emails, and phone numbers
Additional Information:
The threat actor is offering access to a cryptocurrency exchange’s system administrator panel for $30,000 USD. The access includes RDP via a VPN and provides view-only access to the user database, including user portfolios, emails, and phone numbers.…Threat Actor: Unknown | Unknown Victim: Anand Lab | Anand Lab Price: Not indicated, negotiable Exfiltrated Data Type: Patient data
Additional Information:
The threat actor is selling 7,677,998 records of private patient information from Anand Lab. The total breach size is 1.02 TB. The database includes patient name, contact number, email, and sex.…Resecurity has identified a new activity of Smishing Triad, which has expanded its operations to Pakistan. The group’s latest tactic involves sending malicious messages on behalf of Pakistan Post to customers of mobile carriers via iMessage and SMS. The goal is to steal their personal and financial information.…
Threat Actor: Dark web threat actor | Dark web threat actor Victim: South African manufacturing company | South African manufacturing company Price: $1400 Exfiltrated Data Type: Not specified
Additional Information:
The threat actor claims to have access to a South African manufacturing company operating in the chemicals and manufacturing sectors.…Threat Actor: Unknown | Unknown Victim: Israeli Government | Israeli Government Price: Free Exfiltrated Data Type: Personal information (names, phone numbers, plates, date of birth, address)
Additional Information:
The threat actor uploaded an alleged database of www.gov.il to a dark web forum. The leaked data is from a website used by Israeli citizens for government affairs and bureaucratic tasks.…Summary: This article discusses the discovery of 24 vulnerabilities in a biometric access system manufactured by a Chinese company, highlighting the potential security risks associated with biometrics.
Threat Actor: N/A Victim: N/A
Key Point :
A biometric access system manufactured by a Chinese company was found to have 24 vulnerabilities, raising concerns about the security of biometric authentication.…Secure SHell (SSH) is a standard protocol for secure terminal connections and is generally used for controlling remote Linux systems. Unlike Windows OS that individual users use for desktops, Linux systems mainly fulfill the role of servers providing web, database, FTP, DNS, and other services. Of course, Windows also supports these services as a server.…
Threat Actor: Sp1d3r | Sp1d3r Victim: Cylance | Cylance Price: $750,000 Exfiltrated Data Type: Customer and employee emails, customer/prospect email and PII, products used by organizations, sales prospect list with activity status, Cylance partners list, and users list.
Additional Information:
The stolen data includes 34 million customer and employee emails, customer/prospect email and PII, products used by organizations, sales prospect list with activity status, Cylance partners list, and users list.…Threat Actor: Unknown | Unknown Victim: Metro Group of Hospitals | Metro Group of Hospitals Price: Not specified (negotiable) Exfiltrated Data Type: Patient data
Additional Information:
The threat actor claims to have patient data from India’s Metro Group of Hospitals. The database is 379 GB in size and contains approximately 1.5 million records of IPD patient private data and 1.3 million records of OPD patient private data.…Through the course of our incident response engagements and threat intelligence collections, Mandiant has identified a threat campaign targeting Snowflake customer database instances with the intent of data theft and extortion. Snowflake is a multi-cloud data warehousing platform used to store and analyze large amounts of structured and unstructured data.…
Threat Actor: Unknown | Unknown Victim: OpenCart | OpenCart Price: Not mentioned Exfiltrated Data Type: Not mentioned
Additional Information:
The threat actor claims to have identified two critical 0-day vulnerabilities in the most recent version of OpenCart. The vulnerabilities include an SQL injection flaw and a broken access control issue.…Summary: A Russian hacktivist crew threatens to attack European internet infrastructure in retaliation for European Parliament-issued sanctions and opposition to the invasion of Ukraine.
Threat Actor: NoName57(16) | NoName57(16) Victim: European Union (EU) | European Union
Key Point :
A Russian hacktivist crew, NoName57(16), along with seven other groups, threatens to launch cyber attacks on European internet infrastructure.…Threat Actor: Unknown | Unknown Victim: Egyptian Universities | Egyptian Universities Price: Not mentioned Exfiltrated Data Type: Not mentioned
Additional Information:
The threat actor claims to have WebShell access to the web systems of four universities in Egypt. The WebShell grants NT Authority or www-data access.…Adversaries don’t work 9-5 and neither do we. At eSentire, our 24/7 SOCs are staffed with Elite Threat Hunters and Cyber Analysts who hunt, investigate, contain and respond to threats within minutes.
We have discovered some of the most dangerous threats and nation state attacks in our space – including the Kaseya MSP breach and the more_eggs malware.…
Summary: A Romanian citizen named Vlad Terebes has been charged with identity theft and bank fraud for conducting card skimming at several large retail stores in Puerto Rico.
Threat Actor: Vlad Terebes | Vlad Terebes Victim: Multiple customers of large retail stores in Manatí, Canóvanas, Caguas, and Carolina, Puerto Rico.…
This staggering amount underscores the imminent need for cyber security to be treated as a global priority. Moreover, with the explosion of generative AI (besides chatGPT as well!), the current 2200 daily attacks, are expected to not only multiply manifold but become far more individualized.…