Stay Ahead of Cyber Threats – Daily Security Insights, Powered by AI
Summary: A new banking Trojan called Antidot has been discovered by Cyble Research and Intelligence Labs, targeting Android devices with sophisticated malware features.
Threat Actor: Antidot Trojan | Antidot Trojan Victim: Android users | Android users
Key Point :
The Antidot Trojan disguises itself as a Google Play update application and displays a fake update page in multiple languages to target Android users in different regions.…Threat Actor: Unknown | Unknown Victim: France Solar | France Solar Price: $1,000 Exfiltrated Data Type: Personal information of users
Additional Information :
The leaked database contains information on approximately 42,000 users. The full dump size is specified to be 200 MB. Key data fields include user IDs, client IDs, personal details such as names, addresses, contact numbers, emails, birthdays, nationalities, and more.…Summary: The National Cyber Security Centre (NCSC) in the UK has launched a new platform called Share and Defend to help disrupt cybercrime and online fraud across the country by providing a list of malicious domains to communications providers for blocking.
Threat Actor: N/A Victim: N/A
Key Point :
The NCSC’s Share and Defend system aims to enhance cybersecurity in the UK by sharing a list of malicious domains with communications providers, allowing them to add these domains to blocklists.…Summary: Apple and Google have announced an industry specification for Bluetooth tracking devices that will alert users to unwanted tracking.
Threat Actor: Unwanted tracking | unwanted tracking Victim: Users | users
Key Point :
Apple and Google have collaborated on a specification called “Detecting Unwanted Location Trackers” to alert users if their device is being used to track them.…Summary: The Federal Trade Commission (FTC) is warning auto manufacturers about their data collection and sales activities, specifically regarding the sharing of sensitive car data with advertisers.
Threat Actor: None identified.
Victim: Auto manufacturers.
Key Point:
The FTC is closely monitoring the data collection and sales practices of auto manufacturers, particularly the sale of geolocation data and the disclosure of sensitive information.…Summary: The Avast Q1/2023 Threat Report highlights the increase in social engineering scams and the evolving tactics used by cybercriminals to exploit deepfakes, YouTube, malvertising, and phishing.
Threat Actor: Cybercriminals | Cybercriminals Victim: Individuals and organizations | Individuals and organizations
Key Point :
Social engineering scams have increased by 61% on mobile and 23% on desktop.…Threat Actor: Centre | Centre Victim: Patriot Mobile | Patriot Mobile Price: Unknown Exfiltrated Data Type: Personal information of approximately 65,000 users
Additional Information :
The breach occurred in 2022. The compromised data includes Account PINs, full names, email addresses, credit scores, physical locations, dates of birth, the last four digits of Social Security Numbers (SSNs), account balances, and enrollment types.…Research by: Antonis Terefos
IntroductionPDF (Portable Document Format) files have become an integral part of modern digital communication. Renowned for their universality and fidelity, PDFs offer a robust platform for sharing documents across diverse computing environments. PDFs have evolved into a standard format for presenting text, images, and multimedia content with consistent layout and formatting, irrespective of the software, hardware, or operating system used to view them.…
Summary: The content discusses the rise of insider threats, specifically in the context of work-from-home employees and increasing financial pressures.
Threat Actor: Insider Threats | Insider Threats Victim: Various organizations and businesses | organizations and businesses
Key Point:
Filings to anti-fraud non-profit Cifas have increased by 14% due to insider threats, with work-from-home employees and financial pressures being contributing factors.…Summary: This content discusses a phone scam where cybercriminals pose as the PayPal security team and trick victims into giving them access to their online accounts.
Threat Actor: Cybercriminals | cybercriminals Victim: PayPal users | PayPal users
Key Point :
Cybercriminals pretend to be the PayPal security team and call victims, claiming there is unusual activity on their accounts.…AhnLab’s Mobile Analysis Team has confirmed cases of romance scams where perpetrators establish rapport by posing as overseas friends or romantic partners. They exploit this connection to solicit money under the guise of cryptocurrency investments.
A romance scam is a type of fraud that involves emotional manipulation to solicit money through various means. …
Summary: This content discusses a technique called GhostStripe that can interfere with autonomous vehicles by exploiting their reliance on camera-based computer vision, causing them to not recognize road signs.
Threat Actor: Unknown | GhostStripe Victim: Tesla and Baidu Apollo drivers | Tesla, Baidu Apollo
Key Point:
A technique called GhostStripe exploits the reliance of autonomous vehicles on camera-based computer vision to interfere with their ability to recognize road signs.…Affected Platforms: Microsoft WindowsImpacted Users: Microsoft WindowsImpact: The stolen information can be used for future attackSeverity Level: High
Many game makers allow users to alter a game’s appearance or behavior to increase its enjoyment and replay value. Players can often also download packages created by others.…
In late 2023 and early 2024, the NCC Group Hardware and Embedded Systems practice undertook an engagement to reverse engineer baseband firmware on several smartphones. This included MediaTek 5G baseband firmware based on the nanoMIPS architecture. While we were aware of some nanoMIPS modules for Ghidra having been developed in private, there was no publicly available reliable option for us to use at the time, which led us to develop our own nanoMIPS disassembler and decompiler module for Ghidra.…
Threat Actor: Unknown | Unknown Victim: Australian citizens | Australian citizens Price: $3,500 Exfiltrated Data Type: Australian citizenship data
Additional Information :
The threat actor is allegedly selling a database containing Australian citizenship data for the year 2024. The database is reported to contain 14 million records, each potentially containing sensitive personal information.…Date Reported: 2024-05-06 Country: USA Victim: DocGo | docgo.com Additional Information:
The mobile healthcare company, DocGo, has fallen victim to a cyberattack. During the attack, protected health data was stolen from a limited number of medical records. The company has taken measures to contain the incident and has hired cybersecurity experts to investigate.…Summary: AT&T has completed the divestiture of its cybersecurity services group and formed a joint venture called LevelBlue, which will focus on managed cybersecurity services.
Threat Actor: N/A
Victim: N/A
Key Point :
AT&T has formed a joint venture called LevelBlue, which will provide managed cybersecurity services.…Victim: qstartlabs.com Country : Actor: lockbit3 Source: http://lockbit3olp7oetlc4tl5zydnoluphh7fvdt5oa6arcp2757r7xkutid.onion/post/BhQslxzg6WLJo2xO6638deba23e4d Discovered: 2024-05-06 16:56:51.824552 Published: 2024-05-06 13:44:00.000000 Description : Software. Development. For. Startups. Begin your startup journey with QStart Labs, —your dedicated tech team for web, mobile, and AI application development. Better than that we also blend cutting-edge technology with strategic insight, propelling your…
Ransomware Victims – ALL Other Victims by lockbit3…