Threat Actor: – Cyber_589

Victim: – Karabuk University

Information:
– 💻 The threat actor, Cyber_589, claims to have breached the student and teacher information system login panel of Karabuk University.
– 💼 The leaked database allegedly contains sensitive information such as identification details, names, surnames, emails, department affiliations, Turkish citizen identity numbers (TC), addresses, dates of birth (DoB), parental names and TCs, phone numbers, nationalities, and additional data.…


Threat Actor: 🔥

Victim: 🎯

Information:
– The threat actor is offering the source code of AvEleminator software for sale.
– AvEleminator is a tool designed for malicious purposes, aiming to neutralize antivirus, endpoint protection platforms, and endpoint detection and response security software.
– The tool operates using certified signed drivers to bypass or disable security measures.…


Threat Actor:
– Unknowns group
– CyberDragon group
– Cyber Army of Russia group

Victim:
– Government of Slovenia
– NLB (largest commercial bank in Slovenia)
– Chamber of Commerce and Industry

Information: – The Unknowns group is believed to be behind the series of disruptive DDoS attacks targeting key state websites in Slovenia.…


Threat Actor: – Snatch group

Victim: – Miki Travel

Information:
– Miki Travel is a globally renowned travel company offering various travel services.
– Miki Travel has previously suffered a ransomware attack from another threat actor.
– The company promptly disclosed the previous attack to their customers.…

Email to spread AgentTesla

Recently, AgentTesla operators have strengthened their malspam campaigns in Italy, confirming the trend observed in recent months towards greater use of PDF attachments. These documents contain links that, once clicked, initiate the download of files with malicious JavaScript code.

The email in question urges the recipient to view the document attached to the communication.…

Key Findings
– Explosive AI growth: Enterprise AI/ML transactions surged by 595% between April 2023 and January 2024.
– Concurrent rise in blocked AI traffic: Even as enterprise AI usage accelerates, enterprises block 18.5% of all AI transactions, a 577% increase signaling rising security concerns.
– Primary industries driving AI traffic: Manufacturing accounts for 21% of all AI transactions in the Zscaler security cloud, followed by Finance and Insurance (20%) and Services (17%).…

Threat Actor: – Unknown individual or group selling the zero-day vulnerability

Victim:
– Major financial institutions, including:
  – Cryptocurrency exchanges
  – Governmental organizations
  – Banking institutions

Information:
– The zero-day vulnerability is specifically designed to target large financial services companies.
– The vulnerability allows buyers to send malicious files from authentic domains.…


Threat Actor: – Unknown individual or group

Victim: – Favenorte de Mato Verde (organization)

Additional Information:
– The attack occurred in March 2024.
– The threat actor leaked a database containing sensitive documents.
– The compromised data includes ID cards, CPF cards, diploma certificates, electoral certificates, and potentially other confidential information.…


Threat Actor: – The threat actor offering unauthorized VPN access to a Chinese Telecommunication Company

Victim: – The Chinese Telecommunication Company with a revenue of $3 billion

Additional Information:
– The access allows entry into Windows systems through a Windows VPN
– The access provides authorization as the local administrator of the system
– The company has over 5000 employees
– The sale of this access is considered a significant opportunity in the domain of access transactions
– The price for this illicit access is set at $5000

In a concerning development, a threat actor has surfaced, asserting the availability of unauthorized access to the VPN of a prominent Chinese Telecom Company, boasting a revenue of $3 billion.…


Summary: The GEOBOX tool on the Dark Web allows hackers to manipulate GPS, simulate networks, mimic Wi-Fi, and evade anti-fraud filters using Raspberry Pi devices.

Key Point:
🔒 Cybercriminals repurpose Raspberry Pi devices with GEOBOX for digital fraud
🔒 GEOBOX enables GPS manipulation, network simulation, Wi-Fi mimicry, and anti-fraud filter evasion
🔒 Threat actors use GEOBOX for cyberattack coordination, financial frauds, malware distribution, and more
🔒 Collaboration between law enforcement agencies and proactive cybersecurity measures are essential to counter such threats effectively

Cybercriminals now repurpose devices like Raspberry Pi into ‘plug-and-play’ weapons for digital fraud.…


Summary: The EMorocco group, also known as Evil Morocco, claims to have breached the United States Social Security Administration (SSA) and gained access to a significant amount of personal data.

Threat Actor: EMorocco Group (Evil Morocco)

Victim: United States Social Security Administration (SSA)

Additional Information: The EMorocco group, also known as Evil Morocco, has asserted that they have successfully infiltrated the systems of the United States Social Security Administration (SSA).…


The Brazilian financial sector is facing a formidable cyber threat known as CHAVECLOAK, a banking trojan that has emerged as a significant menace. This sophisticated malware is designed to breach security measures and extract sensitive financial information from potential victims.


The CHAVECLOAK banking trojan primarily affects Microsoft Windows platforms and targets its users, especially those residing in Brazil.…
