CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List
Summary: The U.S. Cybersecurity and Infrastructure Security Agency has added five critical vulnerabilities to its Known Exploited Vulnerabilities catalog, affecting Advantive VeraCore and Ivanti Endpoint Manager. These vulnerabilities, actively exploited by threat actors, include file upload and SQL injection flaws in Advantive and multiple path traversal issues in Ivanti.…
SideWinder targets the maritime and nuclear sectors with an updated toolset
SideWinder, an advanced persistent threat (APT) group, has intensified attacks targeting military, government, and logistics entities in various regions, particularly in Asia, Africa, and beyond. With sophisticated malware and exploitation techniques, including those leveraging CVE-2017-11882, their operations indicate a strategic focus on maritime infrastructures and nuclear energy sectors.…

Here’s a summary of the hacked website reports based on the attackers, including the victim countries and sectors affected:

Attacker: root./exe – Target: dewanganjbhata.gov.bd – Source: zone-h – Victim Country: Bangladesh – Sector: Government – This website appears to be part of the local government infrastructure, possibly dealing with administrative functions.…

DNS Spotlight: Rockstar2FA Shuts Down, FlowerStorm Starts Up
The article discusses the emergence of phishing-as-a-service (PhaaS) platform FlowerStorm, which gained traction following the shutdown of another operation, Rockstar2FA. Researchers identified a significant number of indicators of compromise (IoCs) linked to FlowerStorm, including domains and IP addresses, revealing its extensive infrastructure. Affected: FlowerStorm, Rockstar2FA, cybersecurity sector

Key points:

Phishing-as-a-service (PhaaS) offering called FlowerStorm emerged post-Rockstar2FA disruption.…
Bosowa Berlian Motor Allegedly Breached
Summary: A recent dark web post claims that PT Bosowa Berlian Motor has suffered a significant data breach, involving the compromise of its database and website source code. The exposed data reportedly exceeds 5 GB, including SQL database files and a large number of tables. This incident raises concerns about the security of sensitive information related to one of Indonesia’s major automotive companies.…

Here’s a summary of the hacked websites based on the report you provided, organized by attacker:

SABUNMANDI CYBER TEAM

Target: https://osvitalanmisto.gov.ua/hack.txt Source: zone-h.org Victim Country: Ukraine Sector: Government (local government website targeted) Description: A cyber attack targeting a Ukrainian local government website, compromising government information.…


Attacker: 0x1998

Target: http://uwc.edostate.gov.ng/kurd.html Source: zone-h.org Victim Country: Nigeria Sector: Education – The targeted URL is associated with the Universal College of Nigeria, indicating a breach in educational resources. Description: An attacker exploited security vulnerabilities in Nigeria’s educational website, compromising resources intended for students and educators.…


Here’s a summarized report based on the provided list of hacked websites, organized by attacker:

Attacker: -1 Target: https://periodicooficial.michoacan.gob.mx Source: zone-h.org Victim Country: Mexico Sector: Government – Official publication platform for state announcements and legal documents. Description: This website serves as a platform for disseminating official state information and legislation in Michoacán, Mexico.…


Here’s the structured report based on the provided list of hacked websites, grouped by the attacker: Junin-CLS

1. Target: https://ccomp.ufsj.edu.br/media/n2/indi.html Source: Zone-H Link Victim Country: Brazil Sector: Education (Targeting a local university’s computing department) Description: This incident involved unauthorized access to a local university’s computing department, highlighting vulnerabilities within educational institutions in Brazil.…


Victim: cimenyan.desa.id Country: ID Actor: funksec Source: http://funksec.top/cimenyan.desa.id Discovered: 2025-03-04 01:57:05.713585 Published: 2025-03-04 01:55:54.524912 Description: The domain “cimenyan.desa.id” is likely associated with an Indonesian village website. Cimenyan appears to be the name of a village in Indonesia. No specific information about the company or organization under this domain was found.…

Here’s a structured report based on the provided example list, grouping by attacker:

Attacker: KeyzNet Target: https://ayuntamientocotija.gob.mx Source: zone-h.org Victim Country: Mexico Sector: Local Government (The website is associated with a municipal government in Mexico, representing local governance and public administration.) Description: This hack targets the official municipal website of Cotija, Mexico, indicating potential disruptions in local governance and public services during the breach.…


Here is a summary of the hacked website report, organized by attackers:

Attacker: KeyzNet Target: ayuntamientocotija.gob.mx Source: zone-h.org Victim Country: Mexico Sector: Local Government – The site represents the local government of Cotija, indicating targeting of municipal services. Description: The website of the municipal government in Cotija, Mexico, was compromised, potentially affecting local governance and communication with residents.…


Here’s a breakdown of the hacked websites based on the list provided. The different groups are organized by the attacker: Attacker: Uyarı!

– Target: www.s291066.brambling.cdu.edu.au/Image%20Upload… – Source: Defacer ID – Victim Country: Australia – Sector: Education (University or educational institution website likely containing student or academic-related data) – Description: An attack on an Australian educational website aimed at compromising student data or disrupting academic services.…

2024 Malicious Infrastructure Report
In 2024, Insikt Group expanded its monitoring of malicious infrastructure, particularly focusing on malware families and infrastructure types. Key trends included the rise of malware-as-a-service infostealers, with significant activity from LummaC2, and persistent targeting of Android for mobile malware. State-sponsored groups from China and Russia adapted their tactics, leveraging legitimate internet services to enhance cybercrime efforts.…
Vo1d Botnet Evolves as It Ensnares 1.6 Million Android TV Boxes
Summary: The Vo1d botnet has significantly expanded, currently infecting 1.3 million Android TV boxes globally, with continuous enhancements in its stealth and resilience. Cybercriminals utilize advanced encryption methods to improve communication security and maintain command and control capabilities. The malicious activities associated with this botnet include anonymous proxy services and ad fraud, posing risks for massive DDoS attacks and unauthorized content distribution.…

Here’s the organized report based on the provided list of hacked websites:

Attacker: -1 Target: https://dikbud.kolutkab.go.id Source: zone-h Victim Country: Indonesia Sector: Cultural Affairs – Targeting a governmental website related to education and cultural affairs, which may hold important information about education policies in the region.…
