Summary: A resurgence of malvertising campaigns has been observed, targeting utility software like Slack and Notion to deliver malware disguised as legitimate downloads. The threat actors utilize deceptive advertising tactics …
Victim: pingan.com Country : CN Actor: killsec Source: http://kill432ltnkqvaqntbalnsgojqqs2wz4lhnamrqjg66tq6fuvcztilyd.onion/post/hsTX4xvV7ne7XkfZZmZhPzFSk Discovered: 2024-10-08 22:06:19.838454 Published: 2024-10-08 22:06:19.488344 Description : Ping An is a China-based conglomerate that owns and operates businesses in fields …
Short Summary:
Check Point Research has identified a cyber-enabled disinformation campaign, dubbed Operation MiddleFloor, targeting Moldova’s government and education sectors. The campaign, which began in early August, aims to influence …
The Dark Angels ransomware threat group, active since April 2022, employs stealthy and sophisticated strategies to execute highly targeted attacks on large companies. With a focus on minimal …
Summary: Eight suspected cybercriminals were arrested in Côte d’Ivoire for their involvement in large-scale phishing scams targeting Swiss citizens, resulting in over $1.4 million in reported financial losses. The operation, …
Summary: A cyber attack attributed to Ukrainian hackers disrupted operations at the Russian state media company VGTRK on Putin’s birthday, affecting online broadcasts and internal services. The attack reportedly involved …
Summary: Cisco Talos has identified a financially motivated threat actor, active since 2022, that has been deploying a variant of MedusaLocker ransomware known as “BabyLockerKZ.” This group has shifted its …
Short Summary:
The article discusses a resurgence of malvertising campaigns targeting utility software, particularly focusing on the Mac version of Slack. Threat actors are creating deceptive ads that impersonate legitimate …
The article discusses a phishing campaign utilizing the Mamba 2FA phishing kit, which mimics Microsoft 365 login pages and employs advanced techniques to capture user credentials and multi-factor …
The article discusses a new campaign by the APT group Awaken Likho, targeting Russian government agencies and industrial enterprises. The group has shifted its tactics, now utilizing the …
Summary: CeranaKeeper, a newly identified threat actor, has been linked to a series of data exfiltration attacks targeting governmental institutions in Southeast Asia, particularly in Thailand. The group employs sophisticated …
Summary: A large-scale fraud campaign has exploited fake trading apps on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims in a scheme …
Short Summary:
The article provides an in-depth analysis of the NOOPLDR and NOOPDOOR malware tools, focusing on their capabilities, methods of operation, and persistence mechanisms. It details how these tools …
Summary: Recent research has revealed that a set of four vulnerabilities in the Common Unix Printing System (CUPS) not only allows for remote code execution but also enables attackers to …
Summary: Eight suspected cybercriminals were arrested in Côte d’Ivoire as part of Interpol’s Operation Contender 2.0, targeting cybercrime in West Africa. The arrests followed the dismantling of a phishing scam …
Building Your First LLM Powered Agent
Summary: The video discusses how to build your first LLM-powered agent using the IBM framework, providing insights into using the React agent framework, integrating …
Since mid-2023, the Sekoia Threat Detection & Research team has been investigating a sophisticated cyber attack infrastructure that utilizes compromised edge devices as Operational Relay Boxes (ORBs). This …
Short Summary:
Cisco Talos has identified a financially motivated threat actor, active since 2022, distributing a MedusaLocker ransomware variant named “BabyLockerKZ.” The actor has targeted organizations globally, with a notable …
Short Summary:
This article discusses a vishing attack that targeted a remote employee in the hospitality sector, leading to unauthorized access to the customer’s network. Darktrace’s anomaly-based threat detection successfully …
Victim: TRC Worldwide Engineering (Trcww) Country : IN Actor: akira Source: Discovered: 2024-10-03 15:25:02.514494 Published: 2024-10-03 15:25:01.727219 Description : TRC Worldwide Engineering is an international and nationally recognized professional …
Victim: LIFTING.COM Country : US Actor: clop Source: http://santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion/lifting-com Discovered: 2024-10-03 08:57:17.055336 Published: 2024-10-03 08:57:16.040716 Description : The nation’s largest rigging equipment supplier with coast-to-coast coverage. Buy Rigging Equipment & …
The video discusses a brief overview of REST API, explaining its foundational concepts and how it facilitates communication between web applications and servers.
Key Points: REST stands for…
Generative AI Overview
The video discusses the essentials of generative AI (Gen AI), covering key terminologies, model APIs, how to build AI applications, and methods for customizing …
Apache Kafka Use Cases Summary
Short Summary: The video discusses the top five use cases of Apache Kafka and how it addresses critical challenges in modern software architecture. Originally developed …
This article discusses a sophisticated phishing campaign that utilizes HTML smuggling techniques to deliver malicious payloads. The campaign involves multiple stages of obfuscation and deception, including the use …
Victim: ironmetals.com Country : DE Actor: ransomhub Source: http://ransomxifxwc5eteopdobynonjctkxxvap77yqifu2emfbecgbqdw6qd.onion/82246316-03c2-4ee0-a5de-f6c81a9776ba/ Discovered: 2024-10-02 20:40:16.386784 Published: 2024-10-02 20:06:11.000000 Description : Ironmetals.com is a comprehensive online platform dedicated to the metal industry. It offers …
Victim: ETC Companies Country : JO Actor: akira Source: Discovered: 2024-10-02 17:32:09.922940 Published: 2024-10-02 17:32:08.751408 Description : ETC Companies is a General Contractor with a primary focus on large …
The article discusses the critical role of machine learning (ML) in analyzing cybersecurity logs to enhance threat detection capabilities. It highlights Kaspersky’s experience in utilizing ML algorithms, particularly …
Short Summary:
capa Explorer Web is a new browser-based tool developed by Mandiant’s FLARE team that enables users to visualize and analyze program capabilities identified by the capa reverse engineering …
Short Summary:
Key Group, also known as keygroup777, is a financially motivated ransomware group that primarily targets Russian users. They utilize various ransomware builders, including Chaos and Annabelle, and communicate …
Summary: Cyber criminals are increasingly exploiting platforms like Atlassian to conduct sophisticated phishing attacks targeting law firms and corporations in Australia and the APAC region, aiming to steal employee credentials. …
UserSec is a pro-Russian hacktivist group that emerged in early 2023, targeting Western governments and critical infrastructure, particularly those affiliated with NATO and Ukraine. Utilizing Telegram for coordination …
Victim: mctas.org.au Country : AU Actor: threeam Source: http://threeamkelxicjsaf2czjyz2lc4q3ngqkxhhlexyfcp2o6raw4rphyad.onionpost.php?id=38 Discovered: 2024-09-30 17:46:11.152081 Published: 2024-09-30 17:46:10.632345 Description : mctas.org.au (respect.com.au) Providing better living in Australia for over a century As a …
The Gorilla Botnet, a new botnet family, emerged in September 2024, launching over 300,000 DDoS attack commands across 113 countries, with China and the U.S. being the most …
Short Summary:
In July 2024, a ReliaQuest customer in the manufacturing sector experienced a data exfiltration attack. The threat actor exploited a Fortinet firewall and used a brute-force attack on …
Short Summary:
This report discusses a series of cyberattacks attributed to the 8220 Gang, targeting Oracle WebLogic servers through the exploitation of critical vulnerabilities. The attackers deployed various malware, including …
Summary: Microsoft has reported a multi-staged attack by the threat actor Storm-0501, which compromised hybrid cloud environments leading to data exfiltration, credential theft, and ransomware deployment across various sectors in …
Victim: Divine Interprises INC Country : US Actor: incransom Source: http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/66f970cd4b308506095370e2 Discovered: 2024-09-29 21:22:20.026949 Published: 2024-09-29 15:22:53.602000 Description : Divine Enterprises Inc., is a growing transportation company, that specializes in …
Victim: DINAS Corp Country : US Actor: incransom Source: http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/66f972154b30850609537a5a Discovered: 2024-09-29 21:21:19.977147 Published: 2024-09-29 15:28:21.215000 Description : DINAS is a wholesale distributor specializing in the sale of Latin American …
Summary: The National Institute of Standards and Technology (NIST) has proposed new guidelines aimed at improving password security by eliminating outdated and ineffective password requirements. The guidelines advocate for more …
Victim: Classic Business Products Country : US Actor: play Source: http://k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion/topic.php?id=OZAmjFN03ky0mS Discovered: 2024-09-29 21:29:54.886086 Published: 2024-09-29 21:27:53.827259 Description : United States
Victim: G/S Solutions Country : US Actor: play Source: http://k7kg3jqxang3wh7hnmaiokchk7qoebupfgoik6rha6mjpzwupwtj25yd.onion/topic.php?id=EuI17UoqqqUYhS Discovered: 2024-09-29 21:39:04.282295 Published: 2024-09-29 21:37:03.396860 Description : United States
Short Summary:
This article discusses the challenges of identifying attack vectors in human-operated ransomware attacks and highlights the potential of using Windows event logs to trace ransomware activities. It details …
The webpage from Device42 provides a comprehensive guide to various IT compliance standards, highlighting key frameworks and checklists, including PCI DSS, NIST CSF, SOC 2, ISO 27001, and …
Summary: Recent cyber espionage campaigns linked to China have targeted U.S. internet service providers, with the Salt Typhoon operation focusing on intelligence gathering and potential disruptions. Investigations are ongoing to …
Summary: The content discusses the malware Trammy.dll, which downloads and extracts files to establish persistence on infected systems while disguising its activities. It highlights the use of a password-protected ZIP …