Amibreached.com is a service developed by Cyble Inc., designed to help individuals and companies determine if their personal data has been exposed on the dark web. The platform allows users to search for various types of personal information, such as email addresses, phone numbers, and IP addresses, to see if they are present in data breaches or have been put up for sale on the dark web (Itigic).…
Tag: DARK WEB
Summary: This article discusses the rise of infostealer malware attacks and how cybercriminals are turning credential stealing into a profitable business. It highlights the increasing value of corporate credentials in the cybercrime market and the impact of these attacks on victims, particularly in the Asia-Pacific and Latin America regions.…
Threat Actor: USDoD
Victim: Various high-profile organizations and critical industries
Price: Not specified
Exfiltrated Data Type: Military data, law enforcement emails, sensitive data
Additional Information:
USDoD’s motivation for involvement in cybercrime activities is purely for fun, challenge, and exploiting the security systems of the USA and Europe.…
Summary: The Akira ransomware operation has breached the networks of over 250 organizations and earned approximately $42 million in ransom payments, targeting victims across various industry verticals worldwide.
Threat Actor: Akira | Akira ransomware
Victim: Various organizations | Akira ransomware victims
Key Point:
Akira ransomware has breached the networks of over 250 organizations and earned approximately $42 million in ransom payments.…
At its core, threat hunting is the practice of proactively searching for signs of malicious activities or indicators of compromise (IOCs) before threat actors gain a deep foothold within your organization’s environment.
This involves observing both attacker behaviors (e.g., evidence of lateral movement, privilege escalation attempts, anomalous user activity) and indicators (e.g.,…
Summary: Cheap ransomware is being sold on dark web forums, allowing inexperienced individuals to enter the world of cybercrime without the need for affiliates, posing a challenge for defenders.
Threat Actor: Inexperienced freelancers selling cheap ransomware on dark web forums.
Victim: Small companies and individuals who are unlikely to have the resources to defend themselves effectively.…
Since its discovery in early 2023, Akira ransomware has evolved from a seemingly ordinary addition to the ransomware landscape to a significant threat affecting a wide range of businesses and critical infrastructure entities. This evolution, coupled with its unique aesthetic on its leak site and communications, has drawn attention to its operations.…
Summary: This article discusses the surge in cyberattacks using the leaked LockBit code, targeting various victims globally. It also explores the rise of new ransomware groups that are using modified versions of the leaked LockBit code.
Threat Actor: LockBit and various ransomware groups using the leaked LockBit code.…
Summary: The U.S. food and agriculture sector experienced 167 ransomware attacks in 2023, making it the seventh most targeted sector in the country. The industry continues to face cyber threats, with 40 attacks reported in the first quarter of 2024.
Threat Actor: Ransomware gangs such as LockBit, BlackCat, Play, 8Base, and Akira have targeted the food and agriculture sector.…
Summary: This blog post discusses recent cyber attacks conducted by Iranian threat actors during the “Swords of Iron War” against Hamas terrorists. It highlights the use of the “DarkBeatC2” C2 framework by MuddyWater and provides insights into the attacks and their victims.
Threat Actor: Iranian threat actors
Victim: Israeli companies in the private sector | Israeli companies
Key Points:
Iranian threat actors have increased their “hack and leak” fake hacktivist operations against Israeli companies during the “Swords of Iron War” against Hamas terrorists.…
Podcasts provide an easy and effective way to stay up to date on the threat intelligence landscape. They cover a wide range of topics, including insights into the most recent developments and advice on how to protect yourself, your devices, and your business.
In this post, we have compiled a list of the top 10 threat intelligence podcasts.…
A hacker has confessed to orchestrating his own death to evade over $100,000 in child support payments to his ex-wife. Jesse E. Kipf pleaded guilty on March 29, 2024, to aggravated identity theft and computer fraud charges.…
Threat Actor: Unknown
Victim: Académie de Lyon and French Ministry of Education
Price: Not specified
Exfiltrated Data Type: Identity information, addresses, phone numbers, emails, relationships between middle school students, parents, teachers, and academic staff
Additional Information:
The data breach involves approximately 40,000 users associated with Académie de Lyon and the French Ministry of Education.…
Safeguarding sensitive data, maintaining brand reputation, and cultivating customer trust pose continuous challenges for enterprise organizations. However, the dark web, a hidden corner of the internet, poses unique challenges for cybersecurity professionals. Criminal activities such as the sale of stolen credentials and plans for targeted attacks thrive in this dark section of the internet.…
Threat Actor: ShinyHunters
Victim: AT&T
Price: Not mentioned
Exfiltrated Data Type: Personal information (name, phone number, physical address, email address, social security number, date of birth)
Additional Information:
The data breach affected more than 51 million former and current AT&T customers. The leaked data was obtained by ShinyHunters from an unnamed AT&T division in 2021.…
Check out our on-demand Annual Report webinar or read on for a summary of key topics and themes in the report.
2023 was a year in which cybercrime evolved in significant ways. Our 2023 annual report serves as a playbook of adversaries’ tactics, techniques, and procedures (TTPs) in 2023, with the goal of giving your security team a 360-degree view of the threat landscape.…
Threat Actor: Unknown
Victim: Spanish citizens
Price: $10,000
Exfiltrated Data Type: Personal details of Spanish citizens
Additional Information:
The threat actor claims to possess a database containing the personal details of Spanish citizens. The database allegedly includes 39.8 million records.…
Summary: Hackers are using Facebook advertisements and hijacked pages to promote fake Artificial Intelligence services, such as MidJourney, OpenAI’s SORA and ChatGPT-5, and DALL-E, to infect unsuspecting users with password-stealing malware.
Threat Actor: Unknown
Victim: Facebook users | Facebook
Key Point:
Hackers are using hijacked Facebook profiles to impersonate popular AI services and promote fake AI services through advertisements.…