FINANCIAL – Cybersecurity News Everyday

Beware of Contacts through LinkedIn: They Target Your Organization’s Property, Not Yours – JPCERT/CC Eyes | JPCERT Coordination Center official Blog

January 21, 2025January 21, 2025 admin

Recent reports indicate unauthorized access in Japan, primarily using LinkedIn as an infection vector. The Lazarus attack group has been identified as responsible for these attacks, which have targeted organizations since 2019. Recommendations include restricting the use of social networking services on work devices. Affected: LinkedIn, Bitcoin.DMM.com…

Cyber Security News

ChatGPT Crawler Vulnerability Abused to Trigger Reflexive DDoS Attacks

January 21, 2025January 21, 2025 admin

Summary: Security researchers have identified a critical vulnerability in OpenAI’s ChatGPT API that can be exploited to conduct Reflective Distributed Denial of Service (DDoS) attacks. This flaw, with a CVSS score of 8.6, poses significant risks to the scalability and security of AI services on cloud platforms, particularly Microsoft Azure.…

Ransom Monitor

Ransom! PetroVietnam Exploration Production Corporation

January 21, 2025 Monitorman

Victim: PetroVietnam Exploration Production Corporation Country : VN Actor: hunters Source: https://hunters55rdxciehoqzwv7vgyv6nt37tbwax2reroyzxhou7my5ejyid.onion/companies/4004170824 Discovered: 2025-01-20 21:17:29.237592 Published: 2025-01-20 21:17:26.984396 Description : Exfiltrated data: Yes Encrypted data: Yes

About Country VN (Vietnam)

– Cybersecurity Landscape: Vietnam has been evolving rapidly in the field of cybersecurity, facing increasing threats as the country digitalizes.…

Ransom Monitor

Ransom! theurswickschool.co.uk

January 21, 2025 Monitorman

Victim: theurswickschool.co.uk Country : GB Actor: kairos Source: http://nerqnacjmdy3obvevyol7qhazkwkv57dwqvye5v46k5bcujtfa6sduad.onion/detail?code=theurswickschool-co-uk-uk-98gb Discovered: 2025-01-20 21:13:50.771920 Published: 2025-01-20 21:13:50.771920 Description : Below are key points about The Urswick School in the UK: Location: The Urswick School is located in London, UK. Type: It is a co-educational secondary school. Age Range: The school caters to students aged 11 to 16.…

Threat Research

Facilitating Phishing and Pig Butchering Activities using Zendesk Infrastructure [Bait & Switch Mode]

January 21, 2025 CloudSek

This report serves as an advisory to organizations regarding the misuse of Zendesk’s platform for creating subdomains that impersonate legitimate companies, potentially facilitating investment scams. The analysis highlights how these domains can be exploited for phishing attacks, particularly through a technique known as Pig Butchering. Organizations are urged to block or take down suspicious domains to prevent disruptions.…

Ransom Monitor

Ransom! malindoair.com

January 21, 2025 Monitorman

Victim: malindoair.com Country : MY Actor: apt73 Source: http://basherq53eniermxovo3bkduw5qqq5bkqcml3qictfmamgvmzovykyqd.onion/page_company.php?id=114 Discovered: 2025-01-20 17:41:58.153823 Published: 2025-01-20 17:41:58.153823 Description : Airlines in Bangladesh Airports in Bangladesh Air Services in Bangladesh Passenger Identification Name of Passenger Reservation Details Date of Travel

About Country MY (Malaysia)

– Cybersecurity Landscape: Malaysia has been proactive in developing its cybersecurity framework, with initiatives led by the Malaysian Communications and Multimedia Commission (MCMC) and CyberSecurity Malaysia.…

Cyber Security News

Phishing Attacks Are the Most Common Smartphone Security Issue for Consumers

January 21, 2025 CybersecurityNews

Summary: A recent consumer survey highlights that phishing attacks are the most prevalent security concern among smartphone users, followed by malware and physical theft. Testing reveals that while Samsung S24 excels in anti-phishing protection, other premium devices, including the iPhone 16 Pro, lack adequate security features.…

Threat Research

Qbot is Back Connect

January 21, 2025January 21, 2025 iocOne

QBot, a modular information stealer, has resurfaced following law enforcement actions aimed at its operators. Recent research indicates the use of DNS tunneling in conjunction with Zloader, revealing connections to new backConnect malware that may be utilized in ransomware attacks. Affected: QBot operators, financial institutions, cybersecurity sector

Keypoints :

QBot, also known as Qakbot or Pinkslipbot, has been active since 2007.…

Cyber Security News

US Ban on Automotive Components Could Curb Supply Chain

January 20, 2025 CybersecurityNews

Summary: The US Department of Commerce is set to enforce new regulations banning the import of connected-vehicle technology from China and Russia due to cybersecurity concerns. This move follows President Biden’s declaration of a national emergency over the reliance on foreign technology in the automotive sector.…

Cyber Security News

EU To Launch Support Centre by 2026 to Boost Healthcare Cybersecurity

January 20, 2025 Cyware

Summary: The EU Commission has unveiled a new action plan aimed at enhancing the cybersecurity of healthcare providers, featuring the establishment of a pan-European Cybersecurity Support Centre. This initiative responds to a significant increase in cyber threats within the healthcare sector, with 309 reported incidents in 2023 alone.…

Trash

Threat Intelligence Report January 14 to January 20 2025

January 20, 2025January 20, 2025 iocOne

The Lynx ransomware, identified as a successor to the INC ransomware family, has been actively targeting various industries in the US and UK since July 2024. Operating under a ransomware-as-a-service model, Lynx employs tactics such as phishing, service termination, and double extortion. The ransomware uses robust encryption methods and has shown a significant overlap with its predecessor, INC.…

Cyber Security News

Missing Link: The Era of Ransomware Begins with a 5.25″ Floppy Disk

January 20, 2025 iocOne

This article discusses the origins and evolution of ransomware, tracing back to the first known instance involving a floppy disk labeled “AIDS Information” sent in 1989. It highlights the impact of ransomware on individuals and organizations, the methods used by cybercriminals, and the ongoing threat posed by such attacks today.…

Trash

Weekly Cybersecurity Roundup: January 13, 2025 – January 19, 2025

January 20, 2025January 20, 2025 iocOne

A series of critical vulnerabilities have been reported across various platforms, including Aviatrix Controller and Microsoft 365 applications, leading to significant security risks such as unauthorized access and data breaches. Additionally, a new phishing tactic targeting Apple iMessage users and a malicious PyPi package aimed at Discord developers have emerged, highlighting the evolving threat landscape.…

Ransom Monitor

Ransom! Richardson

January 19, 2025 Monitorman

Victim: Richardson Country : Actor: qilin Source: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=65724f36-38b3-3cab-a248-3f8c3fb1f0fe Discovered: 2025-01-19 15:32:56.228135 Published: 2025-01-19 15:31:40.339140 Description : Founded in 1978, Richardson Sales Performance is an international company specializing in sales training and performance enhancement. We are dedicated to helping you increase revenue and foster long-term customer relationships.…

Info Data Leak

Massive Data Breach Hits NBI: Millions of Records Exposed Online

January 19, 2025 LeakNews

Summary: The National Bureau of Investigation (NBI) in the Philippines has experienced a significant data breach, attributed to a threat actor known as “Zodiac Killer.” The breach, which involves over 3.6 GB of sensitive data, includes personal information of millions, potentially leading to severe privacy and security risks.…

Info Data Leak

Online Loan Platform Data Leak Raises Privacy Issues

January 19, 2025 DailyDarkWeb

Victim: Online Loan Platform | Online Loan Platform Price: Not disclosed Data: Financial data and personal user information

Keypoints :

Leaked database includes usernames, email addresses, contact numbers, and loan records. Incident raises concerns about the security of digital lending platforms. Potential risks include identity theft and fraudulent activities.…

Info Data Leak

Massive Leak of Online Loan User Data Raises Concerns

January 19, 2025 DailyDarkWeb

Victim: Online Loan Platform | Online Loan Platform Price: Not disclosed Data: Usernames, email addresses, phone numbers, loan amounts, financial transaction records

Keypoints :

Massive data breach involving an online loan platform. Exposed sensitive user information, raising concerns about data security and privacy. Leaked database includes usernames, email addresses, phone numbers, loan amounts, and financial transaction records.…

Ransom Monitor

Ransom! MassDevelopment

January 18, 2025 Monitorman

Victim: MassDevelopment Country : US Actor: bianlian Source: http://bianlianlbc5an4kgnay3opdemgcryg2kpfcbgczopmm3dnbz3uaunad.onion/companies/massdevelopment.com/ Discovered: 2025-01-18 11:58:56.070595 Published: 2025-01-18 11:58:56.070595 Description : MassDevelopment, the state’s development finance agency and land bank, collaborates with businesses, nonprofit organizations, banks, and communities to promote economic growth.

Ransomware Victims – ALL | Other Victims by bianlian

Understanding the Context of MassDevelopment About the Victim: MassDevelopment MassDevelopment is the state’s development finance agency and land bank.…

Ransom Monitor

Ransom! Marina Family Medical

January 18, 2025 Monitorman

Victim: Marina Family Medical Country : AU Actor: moneymessage Source: http://blogvl7tjyjvsfthobttze52w36wwiz34hrfcmorgvdzb6hikucb7aqd.onion/news.php?id=1 Discovered: 2025-01-18 12:02:43.415607 Published: 2025-01-18 12:02:43.415607 Description : Marina Family Medical is a healthcare provider that provides a wide range of medical services. Their team of experts specializes in family medicine, enabling them to offer health and wellness care to patients of all ages.…

Tag: FINANCIAL