Victim: qstartlabs.com
Country:
Actor: lockbit3
Source: http://lockbit3olp7oetlc4tl5zydnoluphh7fvdt5oa6arcp2757r7xkutid.onion/post/BhQslxzg6WLJo2xO6638deba23e4d
Discovered: 2024-05-06 16:56:51.824552
Published: 2024-05-06 13:44:00.000000
Description: Software. Development. For. Startups. Begin your startup journey with QStart Labs, your dedicated tech team for web, mobile, and AI application development. Better than that we also blend cutting-edge technology with strategic insight, propelling your…

Threat Actor: Unknown

Victim: China bank customers

Price: $12,000 for the entire set of 2.3 million records

Exfiltrated Data Type: Mobile numbers, full names, ID numbers, account numbers, bank details, demographic information (province, city, mobile carrier, sex, birthday)

Additional Information:

The database allegedly contains information from various banks and is dated December 2023.…

Summary: This content discusses the continued relevance of passwords in digital authentication despite the availability of alternative methods, such as passkeys.

Threat Actor: N/A

Victim: N/A

Key Point:

The password is still widely used for digital authentication, despite predictions of its demise. A recent survey by the FIDO Alliance shows that passkeys are gaining popularity, with 22% of respondents enabling them on every account and 61% finding them more convenient than passwords.…

Summary: This content discusses the increase in financially motivated cyberattacks conducted by unidentified hackers associated with Russia in Ukraine.

Threat Actor: Unidentified hackers associated with Russia

Victim: Ukraine

Key Point:

There has been an increase in financially motivated cyberattacks in Ukraine conducted by previously unidentified hackers associated with Russia.…

Summary: This content discusses the identification of vulnerabilities in Android apps from smartphone maker Xiaomi and Google’s Android Open Source Project (AOSP) by Oversecured, a business that scans mobile apps for security issues.

Threat Actor: Oversecured

Victim: Xiaomi and Google’s Android Open Source Project (AOSP)

Key Point:

Oversecured has identified more than two dozen vulnerabilities in Android apps from Xiaomi and Google’s AOSP.…

Summary: This content discusses a path traversal-affiliated vulnerability pattern found in multiple popular Android applications, which could lead to arbitrary code execution and token theft.

Threat Actor: Microsoft

Victim: Multiple popular Android applications

Key Point:

A path traversal-affiliated vulnerability pattern was discovered in multiple popular Android applications, allowing a malicious application to overwrite files in the vulnerable application’s home directory.…

Published On : 2024-05-03

EXECUTIVE SUMMARY

The team at CYFIRMA recently intercepted Android malware suspected to have been delivered by a Pakistan-based APT group targeting Indian defense personnel. Surprisingly, the campaign has been active for over a year. The unidentified threat actor possibly utilized Spynote, or its modified version known as Craxs Rat, obfuscating the app with a high level of complexity, making it difficult to understand.…

Executive Summary

Voice phishing groups are building phishing pages, developing malicious Android apps to trick victims into accessing phishing sites, and installing the apps for financial fraud to steal money from victims. We named a family of voice phishing apps distributed in South Korea that impersonate law enforcement agencies, financial institutions, etc.…

Summary: The UK’s National Cyber Security Centre (NCSC) has launched a new initiative called Advanced Mobile Solutions (AMS) to enhance cyber-resilience for organizations targeted by nation-state threats on their mobile infrastructure.

Threat Actor: Nation-state threat actors

Victim: High-threat organizations

Key Point:

The NCSC’s Advanced Mobile Solutions (AMS) risk model aims to protect against the targeting of consumer-grade devices by commercial spyware, which can serve as a gateway for sophisticated threat actors to access corporate systems and data.…

Summary: The Federal Communications Commission (FCC) has fined four major U.S. wireless carriers a total of nearly $200 million for unlawfully selling access to real-time location data of their customers without consent.

Threat Actor: FCC

Victim: AT&T, Sprint, T-Mobile, Verizon

Key Point:

The FCC has issued Notices of Apparent Liability (NAL) against AT&T, Sprint, T-Mobile, and Verizon for selling customer location data without consent.…

Summary: This content discusses the increase in credential stuffing attacks against online services and large-scale brute-force attacks against various targets.

Threat Actor: N/A

Victim: Okta

Key Points:

Okta has observed a surge in credential stuffing attacks against online services, facilitated by the availability of residential proxy services, combo lists of compromised credentials, and automation tools.…

Summary: The Russian independent news website Meduza is facing repeated attempts to disrupt its digital infrastructure, including distributed denial-of-service (DDoS) attacks, which are believed to be orchestrated by the Russian authorities.

Threat Actor: Russian authorities

Victim: Meduza

Key Point:

Meduza has been targeted by a series of DDoS attacks, which have intensified and continued even after the Russian presidential election in March.…

Threat Actor: Unknown

Victim: Lucky app users

Price: Not specified

Exfiltrated Data Type: Database and source code of Lucky app

Additional Information:

The threat actor is allegedly offering for sale the database and source code of the Lucky app. The Lucky app is a prominent app for credit products and loyalty rewards in Egypt, developed by Dsquares.…

Summary: The Godfather mobile banking Trojan, which targets hundreds of banking apps, has become one of the most widespread malware-as-a-service offerings in cybercrime, with over 1,000 samples circulating worldwide.

Threat Actor: Godfather mobile banking Trojan

Victim: Banking apps

Key Point:

The Godfather mobile banking Trojan has quickly become one of the most widespread malware-as-a-service offerings in cybercrime, targeting hundreds of banking apps worldwide.…

Key Takeaways

In September 2023, we successfully sinkholed a command and control server linked to the PlugX worms. For just $7, we acquired the unique IP address tied to a variant of this worm, which had been previously documented by Sophos. Almost four years after its initial launch, between ~90,000 and ~100,000 unique public IP addresses are still infected, sending distinctive PlugX requests daily to our sinkhole.…

Victim: atriline.by
Country: Belarus
Actor: darkvault
Source: http://mdhby62yvvg6sd5jmx5gsyucs7ynb5j45lvvdh4dsymg43puitu7tfid.onion//post/MmQ1NWE5YThhZjU0ZWVjZjk0Y2NmMm
Discovered: 2024-04-25 22:26:24.765375
Published: 2024-04-25 00:00:00.000000
Description:

Online ticket sales for the Bobruisk – Minsk – Bobruisk route Purchase takes 2 minutes Check the schedule and prices Free returns Convenient mobile application SMS notifications

online ticket sales, Bobruisk – Minsk – Bobruisk route, schedule and prices…
