Threat Actor: Just Evil
Victim: UK Defense Personnel employed by BAE Systems
Information:
– 
Just Evil hacking collective claims to have access to sensitive data from UK defense service personnel.
– The group allegedly obtained personal information such as resumes, certifications, and job roles.…
Tag: DARK WEB
Summary : UnitedHealth Group has admitted that patient data was taken in a mega attack, leading to a significant breach of sensitive personal, financial, and health information.
Key Point :
The U.S. Department of State is offering a reward of up to $10 million for information on the ransomware group behind the attack.…
Threat Actor: – Cyber_589
Victim: – Karabuk University
Information:
– 
The threat actor, Cyber_589, claims to have breached the student and teacher information system login panel of Karabuk University.
– 
The leaked database allegedly contains sensitive information such as identification details, names, surnames, emails, department affiliations, Turkish citizen identity numbers (TC), addresses, dates of birth (DoB), parental names and TCs, phone numbers, nationalities, and additional data.…
Threat Actor:
Victim:
Information: – The threat actor is offering unauthorized access to a prominent American architecture & design company. – The company has a revenue of $90+ million and employs over 400 people. – The company utilizes Sentinel EDR and offers access to Citrix, Fortinet VPN, RDP, and Anydesk connections.…
Threat Actor:
Victim:
Information: – The threat actor is offering the source code of AvEleminator software for sale. – AvEleminator is a tool designed for malicious purposes, aiming to neutralize antivirus, endpoint protection platforms, and endpoint detection and response security software. – The tool operates using certified signed drivers to bypass or disable security measures.…
Slovenia Targeted by Cyber Attacks Amidst Growing Tensions Over Support for Ukraine – Daily Dark Web
Threat Actor: – Unknowns group – CyberDragon group – Cyber Army of Russia group
Victim: – Government of Slovenia – NLB (largest commercial bank in Slovenia) – Chamber of Commerce and Industry
Information: – The Unknowns group is believed to be behind the series of disruptive DDoS attacks targeting key state websites in Slovenia.…
Summary: Apps found on Google Play are turning devices into proxy network nodes without users’ knowledge, posing a security risk.
Key Point:
Apps with hidden proxy network functionality are being removed from Google Play.
The LumiApps SDK is used to enroll devices in a residential proxy network.…
Summary : Municipalities in Texas and Georgia are facing disruptions in services due to ransomware attacks.
Key Point :
Gilmer County in Georgia is experiencing a ransomware attack affecting services for its residents.
Fulton County in Georgia is still restoring critical services after a ransomware attack in January.…
Threat Actor: – Snatch group
Victim: – Miki Travel
Information: – Miki Travel is a globally renowned travel company offering various travel services. – Miki Travel has previously suffered a ransomware attack from another threat actor. – The company promptly disclosed the previous attack to their customers.…
Email to spread AgentTesla
Read More Recently, AgentTesla operators have strengthened their malspam campaigns in Italy, confirming the trend observed in recent months towards a greater use of PDF attachments. These documents contain links that, once used, initiate the download of files with malicious JavaScript code.
The email in question urgently urges the recipient to view the attached document in the communication.…
Key FindingsExplosive AI growth: Enterprise AI/ML transactions surged by 595% between April 2023 and January 2024.Concurrent rise in blocked AI traffic: Even as enterprise AI usage accelerates, enterprises block 18.5% of all AI transactions, a 577% increase signaling rising security concerns. Primary industries driving AI traffic: manufacturing accounts for 21% of all AI transactions in the Zscaler security cloud, followed by Finance and Insurance (20%) and Services (17%).…
Read More It’s tax season, that wonderful time of year when a refund check might be showing up in your mailbox—or going out to be sent to the government.
Around the world, many countries are gearing up for tax time.
This becomes a common time for hackers to step in.…
Threat Actor: – Unknown individual or group selling the zero-day vulnerability
Victim: – Major financial institutions, including: – Cryptocurrency exchanges – Governmental organizations – Banking institutions
Information: – The zero-day vulnerability is specifically designed to target large financial services companies. – The vulnerability allows buyers to send malicious files from authentic domains.…
Threat Actor: – Unknown individual or group
Victim: – Favenorte de Mato Verde (organization)
Additional Information: – The attack occurred in March 2024. – The threat actor leaked a database containing sensitive documents. – The compromised data includes ID cards, CPF cards, diploma certificates, electoral certificates, and potentially other confidential information.…
Threat Actor: – The threat actor claiming to possess the trove of emails from UNAM IIMAS.
Victim: – UNAM IIMAS (Instituto de Investigaciones en Matemáticas Aplicadas y en Sistemas de la Universidad Nacional Autónoma de México)
Additional Information: – The emails are stored in .msg format.…
Threat Actor: – The threat actor offering unauthorized VPN access to a Chinese Telecommunication Company
Victim: – The Chinese Telecommunication Company with a revenue of $3 billion
Additional Information: – The access allows entry into Windows systems through a Windows VPN – The access provides authorization as the local administrator of the system – The company has over 5000 employees – The sale of this access is considered a significant opportunity in the domain of access transactions – The price for this illicit access is set at $5000
In a concerning development, a threat actor has surfaced, asserting the availability of unauthorized access to the VPN of a prominent Chinese Telecom Company, boasting a revenue of $3 billion.…
____________________ Summary : Ransomware gang attacks the Big Issue, a street newspaper supporting the homeless
Key Point :
The Big Issue, a street newspaper in the UK, has been impacted by a cyber incident.
The Qilin ransomware gang stole 550 gigabytes of confidential data.…
__________________________________________________ Summary : The GEOBOX tool on the Dark Web allows hackers to manipulate GPS, simulate networks, mimic Wi-Fi, and evade anti-fraud filters using Raspberry Pi devices.
Key Point :
Cybercriminals repurpose Raspberry Pi devices with GEOBOX for digital fraud
GEOBOX enables GPS manipulation, network simulation, Wi-Fi mimicry, and anti-fraud filter evasion
Threat actors use GEOBOX for cyberattack coordination, financial frauds, malware distribution, and more
Collaboration between law enforcement agencies and proactive cybersecurity measures are essential to counter such threats effectively
————————————————–
Cybercriminals now repurpose devices like Raspberry Pi into ‘plug-and-play’ weapons for digital fraud.…
Summary: The EMorocco group, also known as Evil Morocco, claims to have breached the United States Social Security Administration (SSA) and gained access to a significant amount of personal data.
Threat Actor: EMorocco Group (Evil Morocco)
Victim: United States Social Security Administration (SSA)
Additional Information: The EMorocco group, also known as Evil Morocco, has asserted that they have successfully infiltrated the systems of the United States Social Security Administration (SSA).…
The Brazilian financial sector is facing a formidable cyber threat known as CHAVECLOAK, a banking trojan that has emerged as a significant menace. This sophisticated malware is designed to breach security measures and extract sensitive financial information from potential victims.
An AI illustration of the CHAVECLOAK campaign
The CHAVECLOAK banking trojan primarily affects Microsoft Windows platforms and targets it’s users, especially those residing in Brazil.…