Victim: NewsBank
Country: US
Actor: rhysida
Source:
Discovered: 2024-08-26 09:26:29.262457
Published: 2024-08-26 09:26:28.363940
Description: NewsBank, inc. has been a premier provider of the world’s largest repository of reliable information for more than 50 years.

Victim: NewsBank
Established over 50 years ago, NewsBank is a leading provider of comprehensive news and information services.…

Summary: Equiniti Trust Company has been penalized $850,000 by the SEC for failing to secure customer assets, leading to the theft of over $6.6 million in two cyberattacks. These incidents involved hackers impersonating clients to manipulate financial transactions and stealing sensitive information.

Threat Actor: Cybercriminals | cybercriminals
Victim: Equiniti Trust Company | Equiniti Trust Company

Key Point:

Equiniti Trust lost approximately $6.6 million due to two separate cyberattacks in 2022 and 2023.…

Summary: Senior executives are increasingly targeted by cybercriminals, with 72% of cybersecurity professionals reporting attacks on this group in the past 18 months. The rise in sophisticated tactics, including AI-generated deepfakes, highlights the urgent need for specialized cybersecurity training for leadership teams.

Threat Actor: Cybercriminals | cybercriminals
Victim: Senior Executives | senior executives

Key Point:

72% of cybersecurity professionals reported that senior executives were targeted in cyberattacks over the past 18 months.…

Summary: Organizations of all sizes face significant cybersecurity threats, necessitating proactive defenses and effective management of cyber-risks. The C-suite’s involvement is crucial for fostering a culture of cybersecurity and ensuring that organizations are prepared to handle potential attacks.

Threat Actor: Various | threat actors
Victim: Multiple organizations | organizations affected by cybersecurity threats

Key Point:

Four in ten US organizations rely on their executive management to assess cyber-risk, yet only 20% report high involvement from the C-suite.…

Summary: YouTube has introduced an AI troubleshooting tool to assist users in recovering hacked accounts, providing a streamlined process for securing their login and undoing changes made by hackers. The tool, currently available in English, aims to enhance account security and reduce future hacking risks.

Threat Actor: Cybercriminals | cybercriminals
Victim: YouTube users | YouTube users

Key Point:

YouTube’s AI chatbot assists users in recovering hacked accounts and securing their Google logins.…

Victim: prasarana.com.my
Country: MY
Actor: ransomhub
Source: http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion/2b27ccbf-5997-4c38-945f-6497179f9973/
Discovered: 2024-08-26 01:30:43.774565
Published: 2024-08-25 14:58:39.000000
Description: Prasarana Malaysia Berhad is a major public transportation provider in Malaysia, managing urban rail and bus services in key metropolitan areas. The company operates the Rapid KL, Rapid Penang, and Rapid Kuantan networks, ensuring efficient and reliable transit solutions.…

Short Summary:

The article discusses the discovery of a new Linux persistence technique used by a malware called “sedexp,” identified by Stroz Friedberg. This malware employs udev rules to maintain persistence on compromised systems, making it stealthy and difficult to detect. The threat actor behind this malware is financially motivated, utilizing advanced techniques to hide its presence and execute malicious actions.…

Short Summary: In December 2023, a cyber intrusion was detected involving the execution of a Cobalt Strike beacon, leading to the deployment of BlackSuit ransomware. The threat actor utilized various tools for enumeration, lateral movement, and ultimately ransomware deployment, with command and control traffic obscured through CloudFlare and AWS.…

Victim: Sable International
Country: ZA
Actor: bianlian
Source: http://bianlianlbc5an4kgnay3opdemgcryg2kpfcbgczopmm3dnbz3uaunad.onion//companies/sableinternational.com/
Discovered: 2024-08-25 16:10:39.036285
Published: 2024-08-25 16:10:37.977882
Description: Citizenship and immigration services, Cross-border financial advice and expertise, Corporate services, International education services, International real estate investments.

Ransomware Case Overview: Sable International
Victim: Sable International
Provides cross-border financial advice and expertise.…

Victim: Wallace Construction Specialties (wcs.local)
Country: US
Actor: lynx
Source: http://lynxblogmx3rbiwg3rpj4nds25hjsnrwkpxt5gaznetfikz4gz2csyad.onion/leaks/66c26db8a3128b53534381e9
Discovered: 2024-08-24 15:57:55.851046
Published: 2024-08-18 00:00:00.000000
Description: WALLACE CONSTRUCTION SPECIALTIES LTD. is a leading distributor of specialty cons…

Ransomware Case Overview: Wallace Construction Specialties
Victim: Wallace Construction Specialties (wcs.local)…

Victim: nwcsb.com
Country: GB
Actor: blacksuit
Source: http://weg7sdx54bevnvulapqu6bpzwztryeflq3s23tegbmnhkbpqz637f2yd.onion/?id=83kqZGVpeNE5GFa9
Discovered: 2024-08-24 21:05:32.993588
Published: 2024-08-24 21:05:30.938672
Description: Northwestern Community Services Board (nwcsb.com) is a mental health organization dedicated to providing comprehensive behavioral health, developmental disability, and substance use services. They serve individuals and families in the northwestern region, aiming to enhance the quality of life through accessible, person-centered care and community-based support programs.…

Victim: ingotbrokers.com
Country: SC
Actor: darkvault
Source: http://mdhby62yvvg6sd5jmx5gsyucs7ynb5j45lvvdh4dsymg43puitu7tfid.onion//post/NjBiZDVhNmU4ZmNmOGYyYWNhZGUwNT
Discovered: 2024-08-24 15:08:54.802189
Published: 2024-08-24 00:00:00.000000
Description: INGOT Brokers is a premium multi-asset brokerage firm aimed at making financial markets easily available and accessible to traders of all kinds and experience levels. The company is regulated by the Financial Services Authority Mahe, Seychelles.…

Victim: Hofmann Malerei AG
Country: CH
Actor: cicada3301
Source: http://cicadabv7vicyvgz5khl7v2x5yygcgow7ryy6yppwmxii4eoobdaztqd.onion/sb1b3wokm5ai55wctfd4v1u17s7hgbz5
Discovered: 2024-08-24 15:05:43.650795
Published: 2024-08-24 00:00:00.000000
Description: Areas of specialization: General painting, specialty techniques, monument preservation and color consultation. Project partners: 1. Switzerland’s flagship project at Zurich Airport. 2. painting from St.Gallen on the Paris catwalk.…

Summary: UK political donation websites are vulnerable to account attacks, exposing donors’ personal and financial information due to inadequate security measures. Researchers from DataDome found that critical protections against bots and credential stuffing are missing across platforms used by major political parties.

Threat Actor: Cybercriminals | cybercriminals
Victim: Political donors | political donors

Key Point:

Only two of the seven political party websites use reCAPTCHA, and even then, it’s limited to account creation pages, leaving login pages vulnerable.…

Victim: terralogs.com.br
Country: BR
Actor: killsec
Source: http://kill432ltnkqvaqntbalnsgojqqs2wz4lhnamrqjg66tq6fuvcztilyd.onion/post/tW7Nf72VJuaUuQwG557kB0OQH.php
Discovered: 2024-08-23 19:59:24.411545
Published: 2024-08-23 19:59:23.592128
Description: TerraLogs is a digital platform specializing in financing solutions for the agribusiness sector in Brazil. The company focuses on providing farmers and agribusinesses with tailored financial solutions, leveraging advanced algorithms to assess property values and potential credit.…

Summary: Researchers have identified a new macOS malware strain named TodoSwift, which shares characteristics with known North Korean malware linked to the BlueNoroff group. This malware, distributed as a signed application, is designed to exfiltrate data and execute commands on infected devices.

Threat Actor: BlueNoroff | BlueNoroff
Victim: Cryptocurrency exchanges | cryptocurrency exchanges

Key Point:

TodoSwift is distributed as a signed file named TodoTasks, which includes a dropper component that downloads a second-stage binary.…

Summary: Threat actors are increasingly using file-sharing phishing attacks, masquerading as trusted colleagues or legitimate services to trick victims into revealing sensitive information or downloading malware. The finance industry is particularly vulnerable, with a significant rise in these sophisticated attacks over the past year.

Threat Actor: Cybercriminals | cybercriminals
Victim: Various industries | finance industry, construction industry, real estate industry

Key Point:

File-sharing phishing attacks have increased by 350% from June 2023 to June 2024, with many exploiting legitimate domains.…