Summary: The “ErrorFather” campaign has been identified as a sophisticated operation utilizing an undetected variant of the Cerberus Android Banking Trojan, employing a multi-stage infection chain to evade detection. This …
Summary: In 2024, phishing attacks have surged, particularly those utilizing RTF files, with attackers employing sophisticated tactics to enhance their legitimacy. This report outlines the methods used in these attacks, …
Critical Vulnerabilities Found in mbNET.mini Industrial Routers Could Allow for Full System Takeover
Summary: A security advisory from CERT@VDE has disclosed multiple critical vulnerabilities in the mbNET.mini industrial router, which could allow remote code execution and unauthorized access to industrial systems. Users are …
Short Summary:
A joint analysis by AhnLab SEcurity intelligence Center (ASEC) and the National Cyber Security Center (NCSC) has uncovered a zero-day vulnerability in Microsoft Internet Explorer (IE), exploited by …
Victim: Corporate Job Bank Country : US Actor: bianlian Source: http://bianlivemqbawcco4cx4a672k2fip3guyxudzurfqvdszafam3ofqgqd.onion/companies/corporatejobbank.com/ Discovered: 2024-10-16 00:04:17.624295 Published: 2024-10-16 00:04:16.931083 Description : Founded in 1985 and headquartered in Tempe, Arizona, Corporate Job Bank …
Summary of the Video
The video discusses the journey and experiences of a hacker attending a live hacking event in Edinburgh, Scotland, including the challenges faced …
Summary: A serious vulnerability in Zendesk’s email management system, identified as CVE-2024-49193, exposes companies to email spoofing attacks that can compromise sensitive support ticket histories. Despite initial dismissals from Zendesk, …
Summary: NCC Group experts revealed critical zero-day vulnerabilities in Phoenix Contact EV chargers at the 44CON conference, demonstrating significant cybersecurity risks associated with electric vehicle charging infrastructure. The researchers exploited …
Short Summary:
The Trend Micro Threat Hunting Team has identified EDRSilencer, a red team tool that can disrupt endpoint detection and response (EDR) solutions by blocking their communication with management …
Victim: gfm-uk.com Country : GB Actor: blackbasta Source: http://stniiomyjliimcgkvdszvgen3eaaoz55hreqqx6o77yvmpwt7gklffqd.onion/?id=gfm-uk.com Discovered: 2024-10-14 16:37:39.093756 Published: 2024-10-14 16:37:38.115696 Description : At GFM we pride ourselves on service, innovation and the ongoing relationships we …
Cyber Security Framework Summary
Summary: The video discusses the increasing need for businesses and organizations to implement robust cyber security measures due to the rising volume and sophistication of cyber …
The “ErrorFather” campaign, identified by Cyble Research and Intelligence Labs, utilizes an undetected Cerberus Android Banking Trojan payload. This sophisticated malware employs a multi-stage infection chain, including session-based …
Victim: Wild Apple Graphics Country : US Actor: 8base Source: http://92.118.36.204/company/7890478 Discovered: 2024-10-09 20:45:46.683645 Published: 2024-09-23 00:00:00.000000 Description : Art licensing agency Wild Apple offers a diverse collection of trend-right, …
The video discusses the IBM X-Force Cloud Threat Landscape Report and its seven key takeaways, shedding light on the importance of securing cloud environments as adoption rates surge.…
Threat Actor: @cyberphant0m | Victim: Verizon | Price: $200,000 | Exfiltrated Data Type: Sensitive data including API credentials, personal information, server logs
Key Points:
The threat actor claims…
Victim: Island Grill Country : JM Actor: 8base Source: http://92.118.36.204/company/7890474 Discovered: 2024-10-09 20:36:20.629749 Published: 2024-09-23 00:00:00.000000 Description : Jerk cooking is the soul of Island Grill , – hot, spicy …
Summary: A recent alert from Sophos X-Ops MDR highlights a surge in ransomware attacks exploiting the critical CVE-2024-40711 vulnerability in Veeam Backup & Replication software. Attackers have been leveraging this …
Threat Actor: bizmoto | Victim: Bizmoto Philippines | Price: $10,000 | Exfiltrated Data Type: Customer KYC files, personal identification documents
Key Points:
The threat actor demanded PHP…
Summary: The content discusses the analysis of a malicious script that downloads a file named dllhope.txt from a Bitbucket repository, which is associated with AsyncRAT malware. It details the method …
Summary: ESET Research has uncovered an organized scam network utilizing the Telekopye toolkit, which has expanded its operations to target users of popular accommodation booking platforms like Booking.com and Airbnb, …
Threat Actor: Ransomware Group | Victim: Casio | Price: Not disclosed | Exfiltrated Data Type: Personal and confidential information
Key Points:
Casio experienced a ransomware attack starting…
Video Summary and Key Points
Video Summary: The video discusses the launch of GuardDuty malware protection for Amazon S3, which significantly simplifies the process of scanning objects uploaded to …
Short Summary:
In 2024, the manufacturing sector has become a primary target for cyber attacks, particularly ransomware, leading to significant financial and operational disruptions. Key threat actors include various ransomware …
Summary: Cyble researchers have discovered a new loader builder and obfuscation tool named MisterioLNK, which poses significant challenges to security systems due to its low detection rates. This open-source tool …
Summary: A critical vulnerability, CVE-2024-47823, has been discovered in Livewire, a Laravel framework, allowing attackers to exploit file uploads for Remote Code Execution (RCE). The flaw arises from improper validation …
Threat Actor: Unknown | Victim: Konecta Group | Price: $2,000 | Exfiltrated Data Type: Personal and professional information
Key Points:
The breach reportedly involves 69 million lines…
Threat Actor: Unknown | Victim: Israeli Ministry of Welfare | Price: Not disclosed | Exfiltrated Data Type: Personal information
Key Points:
Data breach allegedly involves…
Summary: Cybercriminals are exploiting disaster relief efforts in Florida, particularly in the wake of Hurricane Helene, by targeting vulnerable individuals and organizations through scams and phishing attacks. These threats include …
Summary: A recent analysis revealed a critical local privilege escalation vulnerability (CVE-2024-9473) in Palo Alto Networks’ GlobalProtect MSI installer, allowing low-privileged attackers to gain SYSTEM-level access. This security flaw affects …
Short Summary:
The article discusses the evolving tactics of the Telekopye scam toolkit, which has expanded its operations to target users of accommodation booking platforms like Booking.com and Airbnb. ESET …
Summary and Keypoints
Summary: The video discusses how to utilize AWS GuardDuty for monitoring threats within an AWS environment, focusing on the security of EC2 virtual servers against malicious activities. …
Threat Actor: Sarcoma Ransomware | Victim: Suntrust Properties | Price: Not disclosed | Exfiltrated Data Type: Personal and corporate data, including IDs and SQL databases
Key Points …
Victim: InCare Technologies Country : US Actor: sarcoma Source: Discovered: 2024-10-09 19:59:00.807036 Published: 2024-10-09 19:59:00.040661 Description : Our Story Thrive began in 2000 as a modest IT services firm in …
Victim: Richmond Auto Mall – Full Leak Country : CA Actor: monti Source: http://mblogci3rudehaagbryjznltdp33ojwzkq6hn2pckvjq33rycmzczpid.onion/blog/5bce46da119b73d1ba3d82909cd88d658342a1fee85f82c5c5e2be35e2bd2494/ Discovered: 2024-10-08 06:55:41.545873 Published: 2024-10-07 20:09:39.000000 Description : Automobile Dealers
Ransomware Victims – ALL Other Victims …
Video Summary and Keypoints
Short Summary: The video discusses the testing and exploitation of file upload vulnerabilities, specifically focusing on a vulnerability known as “zip slip.” The presenter elaborates on …
Threat Actor: Unknown | Victim: Thai Casinos | Price: $3,000 (data dump), $4,000 (full access) | Exfiltrated Data Type: Personal and financial information, player logs, user information in …
AWS IAM Identity Center Tutorial Summary
Short Summary: The video discusses how to level up your AWS skills by teaching viewers about AWS Identity Center, emphasizing its importance in cloud …
Summary: Transnational criminal groups in Southeast Asia are leveraging advanced technologies like artificial intelligence and deepfake tools to enhance their cyber fraud operations, according to a report by the United …
Summary: ESET researchers have uncovered a sophisticated cyberespionage campaign by the APT group GoldenJackal, targeting air-gapped systems within governmental organizations in Europe. This blogpost details previously undocumented tools used by …
Threat Actor: Unknown | Victim: TopPaidSurveys UK | Price: Not disclosed | Exfiltrated Data Type: Personal information
Key Points:
Allegations of a significant data breach involving TopPaidSurveys…
Summary: Recent research by Amit Geynis has revealed critical vulnerabilities in modern vehicles, raising alarms about the safety of connected cars. The findings indicate several zero-day exploits in Electronic Control …
Victim: corporatejobbank.com Country : US Actor: cactus Source: https://cactusbloguuodvqjmnzlwetjlpj6aggc6iocwhuupb47laukux7ckid.onion/posts/CJB Discovered: 2024-10-08 13:06:22.523283 Published: 2024-10-08 11:18:21.156000 Description :
Business Services.
“Founded in 1985 and headquartered in Tempe, Arizona, Corporate Job Bank …
Summary: This blog post provides an in-depth analysis of the LemonDuck malware, which exploits the EternalBlue vulnerability (CVE-2017-0144) in SMB services for cryptocurrency mining. It details the attack methodology, persistence …
Summary: Cisco Talos has identified a financially motivated threat actor, active since 2022, that has been deploying a variant of MedusaLocker ransomware known as “BabyLockerKZ.” This group has shifted its …
Summary: The UK National Crime Agency has sanctioned 16 members of the Russian hacker group Evil Corp, linking them to the ransomware group LockBit, as part of ongoing global law …
Short Summary:
ESET researchers have uncovered a series of cyberespionage attacks attributed to the APT group GoldenJackal, targeting governmental organizations in Europe. The group has utilized sophisticated tools to compromise …