The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint advisory regarding the active exploitation of four critical vulnerabilities in Ivanti Cloud Service Appliances. These include CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380, which can lead to unauthorized access, remote code execution, and credential theft.…
Tag: MOBILE
Victim: Rees NDT Inspection Services
Country: CA
Actor: ElDorado
Source:
Discovered: 2025-01-22 22:48:37.149402
Published: 2025-01-22 22:48:37.149402
Description:
Industry: Energy, Utilities & Waste
Location: Canada
Employee Count: < 25 Employees
Service Area: Northwestern Canada (Grande Prairie, Bonnyville, Vegreville, and mobile units)
Specialization: Inspection and engineering certification of overhead lifting devices
Equipment Covered: Cranes, pickers, sideboom pipelayers, and oilfield-related lifting equipment
Revenue: < Million
About Country CA (Canada)
– Cybersecurity Framework: Canada has established a comprehensive cybersecurity framework, including the National Cyber Security Strategy aimed at safeguarding the nation’s digital infrastructure.…
Summary: SecurityWeek’s Cyber Insights 2025 highlights expert predictions regarding the increasing vulnerabilities associated with APIs as their usage expands. As organizations adopt more SaaS applications and AI-driven tools, APIs are becoming prime targets for cybercriminals, leading to a significant rise in API-related breaches. Experts emphasize the urgent need for improved API security measures to combat these evolving threats.…
Summary: National governments and companies in the Middle East and Africa are increasingly adopting digital identity systems to enhance security and reduce cybercrime. With millions enrolled in biometric-based identity platforms, these regions are leveraging technology to improve authentication processes. Despite the rising cyber risks, investment in identity and access management technologies remains low compared to other cybersecurity priorities.…
Victim: JOMARSOFTCORP.COM
Country:
Actor: clop
Source: http://santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion/jomarsoftcorp-com
Discovered: 2025-01-22 05:53:03.558179
Published: 2025-01-22 05:53:03.558179
Description:
Company Name: JOMARSOFTCORP.COM
Services Offered: Software and IT services
Specializations: Custom software development, mobile app development
Focus: Understanding specific business needs
Benefits: Automating processes, increasing efficiency, driving growth
Industries Served: Various sectors
Goal: Assisting businesses in achieving technology objectives
About Country: Cybersecurity Perspective and Ransomware Cases
– Cybersecurity Framework: The country has established a national cybersecurity strategy that focuses on enhancing resilience against cyber threats and improving response mechanisms.…
This article outlines a proof-of-concept for automating the collection and processing of Indicators of Compromise (IOCs) using Inoreader, Google Drive, and OpenAI’s GPT-4. The workflow aims to enhance the efficiency of Cyber Threat Intelligence (CTI), Incident Response (IR), and Security Operations Center (SOC) teams by transforming raw data into actionable insights.…
Mozilla Firefox and Thunderbird users are facing critical vulnerabilities that could result in arbitrary code execution and system instability. The Indian Computer Emergency Response Team (CERT-In) has issued an advisory urging immediate software updates to mitigate these risks. Affected: Mozilla Firefox, Mozilla Thunderbird
Key points:
High-severity vulnerabilities found in Mozilla Firefox and Thunderbird.…
Victim: solge.es
Country: ES
Actor: safepay
Source: http://nz4z6ruzcekriti5cjjiiylzvrmysyqwibxztk6voem4trtx7gstpjid.onion#solge
Discovered: 2025-01-21 23:09:03.948527
Published: 2025-01-21 23:09:03.948527
Description:
Spanish-based Information Technology company
Focus on mobile application development
Expertise in web design
Specializes in digital marketing
Aims to enhance enterprise effectiveness
Offers comprehensive IT solutions
Provides digital marketing strategies
Includes training and consultancy services
Expert guidance in web design and digital marketing
About Country ES
– Geopolitical Status: Country ES is strategically positioned in Europe, which influences its cybersecurity landscape, given the region’s focus on collaborative security measures.…
Summary: The DONOT Team, an advanced persistent threat (APT) group, is utilizing two deceptive Android applications, “Tanzeem” and “Tanzeem Update,” to conduct intelligence-gathering operations against individuals and organizations in India. These apps masquerade as chat applications but are designed to exploit device permissions for data harvesting.…
Summary: CYFIRMA researchers have linked a newly discovered Android malware named “Tanzeem” to the Indian APT group DoNot Team, which has been active since 2016. This malware targets government and military organizations in South Asia and utilizes the OneSignal platform to deliver phishing links. The evolving tactics of the DoNot APT group signify a persistent threat to regional cybersecurity.…
The article discusses the emergence of InvisibleFerret malware, which is being spread through fake job interviews targeting developers in the tech and cryptocurrency sectors. This malware is part of a broader campaign that includes other malware like BeaverTail. InvisibleFerret is designed to steal sensitive information and operates silently, making it difficult to detect.…
Summary: Marco Raquan Honesty, a 28-year-old from Washington, has pleaded guilty to multiple fraud schemes resulting in over $600,000 in losses. His criminal activities included COVID relief fraud, smishing scams, and bank account takeovers, among others. Investigators seized numerous devices and materials related to his fraudulent operations during a search of his residence.…
Summary: A recent consumer survey highlights that phishing attacks are the most prevalent security concern among smartphone users, followed by malware and physical theft. Testing reveals that while Samsung S24 excels in anti-phishing protection, other premium devices, including the iPhone 16 Pro, lack adequate security features.…
Summary: Recent research has identified significant security vulnerabilities in various tunneling protocols, potentially allowing attackers to hijack internet hosts for anonymous attacks. Approximately 4.2 million hosts, including VPN servers and routers, are at risk, particularly in countries like China, France, and the U.S. Exploiting these vulnerabilities could enable attackers to conduct denial-of-service (DoS) attacks and access private networks.…
Summary: Russian nation-state actor Star Blizzard has initiated a spear-phishing campaign targeting WhatsApp accounts of individuals in government, diplomacy, and organizations related to Ukraine aid. This campaign marks a tactical shift following the exposure of their previous methods, utilizing social engineering techniques to compromise accounts without malware.…
Summary: The FCC has mandated U.S. telecommunications carriers to enhance their cybersecurity measures following the Salt Typhoon breaches that compromised multiple networks. This ruling requires telecom companies to secure their systems against cyberattacks and submit annual certifications of their cybersecurity risk management plans. The action aims to address vulnerabilities exposed by the breaches attributed to a Chinese hacking group, emphasizing the urgent need for improved defenses against nation-state threats.…
The CYFIRMA research team has identified a new Android malware attributed to the Indian APT group ‘DONOT’, utilizing a seemingly benign application named “Tanzeem” to gather intelligence against internal threats. The app misuses the OneSignal platform to send phishing notifications, and its permissions allow extensive access to user data.…
Summary: The U.S. Treasury Department’s OFAC has sanctioned individuals and entities involved in North Korea’s illicit revenue generation through fraudulent IT worker schemes. These workers, who disguise their identities, provide services globally while the DPRK retains a significant portion of their earnings to fund weapons programs.…
Summary: The US Department of the Treasury’s OFAC has imposed sanctions on individuals and entities linked to a scheme that generates illicit funds for North Korea through fake IT workers. North Korean operatives have been using stolen identities and AI to secure jobs in Western countries, allowing the regime to circumvent sanctions and fund its weapons programs.…
Summary: The U.S. has imposed sanctions on two North Korean nationals and several companies in Laos and China for facilitating a scheme that deceived American firms into hiring North Korean IT workers, whose earnings fund the DPRK’s weapons programs. The Treasury Department highlighted the extensive network of North Korean IT workers operating globally, often using stolen identities to conceal their activities.…