Threat Actor: Dark Web Actor | Dark Web Actor Victim: Campus.gov.il | Campus.gov.il Price: Not disclosed Exfiltrated Data Type: Sensitive information (email servers, financial records, international relations documents)
Key Points :
A dark web actor claims to have breached Campus.gov.il, leaking over 110GB of sensitive information.…A vulnerability in Roundcube Webmail, identified as CVE-2024-37383, has been exploited by threat actors to conduct phishing attacks aimed at stealing user credentials. Despite being patched, the stored XSS vulnerability poses ongoing risks, particularly in targeted attacks against government organizations in the CIS region.…
…
Short Summary:
TA866, also known as Asylum Ambuscade, is a threat actor active since at least 2020, known for conducting intrusion operations using both commodity and custom tools. Their tactics have evolved, particularly in 2023, relying on malspam and malvertising for initial access, followed by the deployment of various malware, including WasabiSeed, Screenshotter, and AHK Bot.…
Victim: Superline Country : TR Actor: monti Source: http://mblogci3rudehaagbryjznltdp33ojwzkq6hn2pckvjq33rycmzczpid.onion/blog/effd2f3a99a333472d7397332f60f208e445cb97d57df4fb019cbbc4e77be843/ Discovered: 2024-10-21 21:11:57.879931 Published: 2023-10-19 22:20:58.000000 Description : Our utmost priorities are to bring the latest trends to our customers while providing each and every one with the quality care and service that they deserve.
Ransomware Victims – ALL Other Victims by monti
Ransomware Activity Overview
Ransomware Activity OverviewVictim: SuperlineSuperline is a notable target in the recent ransomware attack.…Victim: City Of Forest Park Country : US Actor: monti Source: http://mblogci3rudehaagbryjznltdp33ojwzkq6hn2pckvjq33rycmzczpid.onion/blog/358c4d15c88f881a4fe9b4009fea92875bd9569160533db6cbea77d6fbdee3be/ Discovered: 2024-10-21 21:10:56.749042 Published: 2024-10-04 19:54:25.000000 Description : Georgia, United States
Ransomware Victims – ALL Other Victims by monti
Ransomware Incident Overview
Ransomware Incident Overview: City of Forest ParkVictim: City of Forest Park, Georgia, United States Actor: Monti, a known ransomware group targeting municipal entities Incident Type: Ransomware attack leading to data encryption and system disruptionCybersecurity ContextCountry: United States Cyber Agency: Cybersecurity and Infrastructure Security Agency (CISA) involved in response efforts Impact: Potential exposure of sensitive data and operational challenges for local government servicesRegional ImplicationsGeorgia’s Cybersecurity Landscape: Increasing focus on enhancing cybersecurity measures across local governments Response Initiatives: Collaboration between state and federal agencies to bolster defenses against ransomware threats Public Awareness: Emphasis on educating local officials and the community about cybersecurity best practices…
Notified by: ./Kal6666h05t Date: Tue, 22 Oct 2024 12:44:54 +0000 URL: https://webdev.pagaralamkota.go.id/duar.txt Country: Indonesia Sector: Government – This sector encompasses public administration and services provided by the government to its citizens, including local governance and community services.
Check It ! | source:zone-h
Web Defacement?
“There will be a delay in taking screenshots, there are a possibility of the defacement page has been removed.”…
Notified by: ./Kal6666h05t Date: Tue, 22 Oct 2024 12:44:54 +0000 URL: https://satuadmin.pagaralamkota.go.id/duar.txt Country: Indonesia Sector: Government – This sector encompasses various governmental services and information provided to the public, including administrative functions and public service announcements.
Check It ! | source:zone-h
Web Defacement?
“There will be a delay in taking screenshots, there is a possibility that the defacement page has been removed.”…
Notified by: ./Kal6666h05t Date: Tue, 22 Oct 2024 12:44:54 +0000 URL: https://satudata.pagaralamkota.go.id/duar.txt Country: Indonesia Sector: Government – This sector encompasses various public services and administrative functions provided by the government to its citizens.
Check It ! | source:zone-h
Web Defacement?
“There will be a delay in taking screenshots, there is a possibility that the defacement page has been removed.”…
Grandoreiro is a Brazilian banking trojan that has been active since at least 2016. It enables threat actors to perform fraudulent banking operations by bypassing security measures of financial institutions. Despite law enforcement efforts to disrupt its operations, Grandoreiro continues to evolve and expand its reach globally, targeting thousands of banks and crypto wallets across multiple continents.…
Notified by: M@rAz Ali Date: Tue, 22 Oct 2024 16:03:02 +0000 URL: https://cvl.gov.np Country: Nepal Sector: Government – This sector encompasses various governmental services and information for the citizens of Nepal, including public administration and governance resources.
Check It ! | source:zone-h
Web Defacement?
“There will be a delay in taking screenshots; there is a possibility that the defacement page has been removed.”…
Victim: lpahorticole.faylbillot.educagri.fr Country : FR Actor: ransomhub Source: http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion/c4a456c7-b1f6-41b6-89c7-043ee9813ad5/ Discovered: 2024-10-22 11:32:00.591538 Published: 2024-10-22 09:04:50.000000 Description : The company “lpahorticole.faylbillot.educagri.fr” is associated with an educational institution in Fayl-Billot, France, focusing on horticulture. It is part of the French national agricultural education system, offering programs that combine practical training and theoretical knowledge in horticulture and related fields.…
Victim: polypane.be Country : BE Actor: ransomhub Source: http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion/fb5635cd-eb28-4bba-b525-16d23b80a3ea/ Discovered: 2024-10-22 11:22:10.287759 Published: 2024-10-22 09:52:49.000000 Description : Polypane is a company specializing in a browser designed for web developers and designers. It offers tools for responsive design, accessibility testing, and performance optimization. The browser provides features like synchronized scrolling, live reloading, and multiple viewport testing to streamline development workflows and ensure websites look and function well across different devices and conditions.…
Notified by: ./Kal6666h05t Date: Tue, 22 Oct 2024 12:41:10 +0000 URL: https://www.pagaralamkota.go.id/duar.txt Country: Indonesia Sector: Government – This sector encompasses various governmental functions and services provided to the public, including administrative, regulatory, and public service activities.
Check It ! | source:zone-h
Web Defacement?
“There will be a delay in taking screenshots, there are a possibility of the defacement page has been removed.”…
Victim: specpro-inc.com Country : US Actor: ransomhub Source: http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion/bc546160-85ae-4943-af86-3179dd68984a/ Discovered: 2024-10-22 11:15:45.935728 Published: 2024-10-22 10:12:49.000000 Description : SpecPro, Inc. is a professional services company specializing in environmental, engineering, and technical solutions. They provide a range of services including environmental compliance, project management, and engineering support. Their focus is on delivering sustainable and efficient solutions to government and commercial clients, leveraging expertise to meet complex project requirements effectively.…
Summary: A new advanced persistent threat (APT) group named “IcePeony,” linked to China, has been conducting cyberattacks against government and academic institutions in countries like India, Mauritius, and Vietnam since 2023. Their sophisticated methodologies, including SQL injection and custom malware like “IceCache,” reveal a strategic alignment with China’s geopolitical interests, particularly in maritime strategy.…
Victim: 1doc.sg Country : SG Actor: ransomhub Source: http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion/88d65f84-79f7-4783-9379-24d0159aa162/ Discovered: 2024-10-22 09:40:12.700690 Published: 2024-10-22 07:17:07.000000 Description : 1doc.sg is a company focused on providing telehealth services, primarily based in Singapore. It connects patients with healthcare professionals through a digital platform, enabling convenient access to medical consultations online.…
Victim: boloforms.com Country : IN Actor: killsec Source: http://kill432ltnkqvaqntbalnsgojqqs2wz4lhnamrqjg66tq6fuvcztilyd.onion/post/qwTP93S2qSDf7pUwmnKfyc1qT Discovered: 2024-10-22 02:11:52.655501 Published: 2024-10-22 02:11:51.731651 Description : We allow you to efficiently manage document workflows, send multi-recipient signatures, and receive real-time updates, significantly streamlining your operations.
Ransomware Victims – ALL Other Victims by killsec
Ransomware Case Overview
Ransomware Case Overview Victim: boloforms.com…
Notified by: L4663R666H05T Date: Fri, 18 Oct 2024 23:30:53 +0000 URL: https://sipp.pa-sukoharjo.go.id/kapanlagi.jpg Country: Indonesia Sector: Public Administration – This sector encompasses government services and functions that manage public resources and implement policies for the benefit of citizens.
Check It ! | source:zone-h
Web Defacement?
“There will be a delay in taking screenshots, there are a possibility of the defacement page has been removed.”…
Notified by: L4663R666H05T Date: Fri, 18 Oct 2024 23:30:56 +0000 URL: https://sipinter.pa-sukoharjo.go.id/kapanlagi.jpg Country: Indonesia Sector: Public Administration – This sector encompasses government services and functions that manage public resources and provide services to citizens.
Check It ! | source:zone-h
Web Defacement?
“There will be a delay in taking screenshots; there is a possibility that the defacement page has been removed.”…