Summary: Cybersecurity researchers have discovered almost 30 phishing websites that are impersonating the electronic toll collection service E-ZPass, following an FBI warning about smishing attacks targeting road toll collection services.

Threat Actor: Unknown threat actor | Unknown threat actor
Victim: E-ZPass customers and users of road toll collection services

Key Point:

Cybersecurity researchers have identified nearly 30 newly created domains related to tolls, 15 of which are likely to be used for phishing, malware, or spam.…

Curated bookmark list categorized by area and event monitoring, person of interest search, corporate profiling, mapping, AI, intelligence analysis, reporting tools, collective tools, cryptocurrency, country specific, verification and fact-checking.

They are broken down into appropriate categories such as:

area and event monitoring, person of interest search, corporate profiling, mapping, artificial intelligence, intelligence analysis, reporting tools, collective tools, cryptocurrency, country specific, verification and fact-checking.…

Victim: www.drlincoln.com.br
Country: Brazil
Actor: qiulong
Source: http://62brsjf2w77ihz5paods33cdgqnon54gjns5nmag3hmqv6fcwamtkmad.onion/?p=50
Discovered: 2024-04-22 04:36:40.432900
Description:

If you are a patient of Dr. Lincoln Graça Neto, you should know that he doesn’t care about your data and your privacy. The clinic is located in Curitiba, in the Batel neighborhood, a noble area of the capital of Paraná, with easy access and a modern and pleasant physical structure.…

As the digital landscape continues to evolve, the United States finds itself at the forefront of emerging cybersecurity challenges. With its critical infrastructure, extensive government networks, and vibrant economy, the nation remains a prime target for a myriad of cyber threats. From state-sponsored actors seeking to undermine national security to sophisticated cybercriminal organizations aiming to exploit vulnerabilities for financial gain, the USA’s threat landscape is diverse and complex.…

In early 2024, Group-IB’s Threat Intelligence team observed a surge in phishing URLs targeting INTERAC, a Canadian payment service. Subsequently, a client operating in Canada reported an uptick in phishing attempts against their customers and shared a suspicious URL, lab-host[.]ru, prompting an investigation.

This inquiry unveiled a connection between the shared URL and INTERAC phishing pages, all originating from the LabHost Phishing-as-a-Service (PhaaS) platform.…

Amibreached.com is a service developed by Cyble Inc., designed to help individuals and companies determine if their personal data has been exposed on the dark web. The platform allows users to search for various types of personal information, such as email addresses, phone numbers, and IP addresses, to see if they are present in data breaches or have been put up for sale on the dark web (Itigic).…

Victim: hymer-alu.de
Country: Germany
Actor: blackbasta
Source: http://stniiomyjliimcgkvdszvgen3eaaoz55hreqqx6o77yvmpwt7gklffqd.onion/?id=hymer-alu.de
Discovered: 2024-04-19 12:42:29.302209
Description:

Our HYMER Automotive division offers customized system solutions all over Europe for the caravanning sector, the commercial vehicle, bus and special vehicle manufacturing industry, shipbuilding, and the agricultural industry. Our system components include driver’s cab doors and windows, cabin doors, storage compartment doors, bed systems, and fold-down beds.…

Victim: fluenthome.com
Country: Canada
Actor: blackbasta
Source: http://stniiomyjliimcgkvdszvgen3eaaoz55hreqqx6o77yvmpwt7gklffqd.onion/?id=fluenthome.com
Discovered: 2024-04-19 12:44:15.596970
Description:

Fluent Home General Information The company offers home security technology, energy management, security automation, and mobile products and associated installation services, enhancing the quality of life and protecting homes and families in a user-friendly manner.…

TransparentTribe primarily targets Indian government organizations, military personnel, and defense contractors. Its objective is usually to gather sensitive information, conduct cyber espionage, and compromise the security of its targets.  

TransparentTribe is known to have exploited various platforms, including Windows and Android, in their endeavours. The threat actors often create fake websites and documents that mimic legitimate government entities or organizations.…


Password-manager LastPass users were recently targeted by a convincing phishing campaign that used a combination of email, SMS, and voice calls to trick targets into divulging their master passwords, company officials said.

The attackers used an advanced phishing-as-a-service kit discovered in February by researchers from mobile security firm Lookout.…

Summary: The Sandworm hacking group, associated with Russian military intelligence, has been hiding their attacks and operations behind multiple online personas posing as hacktivist groups. They have been active since at least 2009 and are known for their multi-faceted attacks on critical infrastructure in Ukraine.

Threat Actor: Sandworm | Sandworm
Victim: Various entities, including water utilities in the U.S.…

On April 18, 2024, the UK’s Metropolitan Police Service and others conducted an operation that succeeded in taking down the Phishing-as-a-Service provider LabHost.

LabHost takedown

On Thursday, April 18, 2024, the UK’s Metropolitan Police Service, along with fellow UK and international law enforcement, as well as several trusted private industry partners, conducted an operation that succeeded in taking down the Phishing-as-a-Service (PhaaS) provider LabHost.…

Summary: The article discusses the cyber attacks conducted by Russia on European railways, with a focus on the Czech Republic and Poland.

Threat Actor: Russia | Russia
Victim: Czech Republic, Poland | Czech Republic, Poland

Key Points:

Russia has conducted thousands of attempts to sabotage European railways, aiming to destabilize the EU and sabotage critical infrastructure.…

Summary: Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, including two critical heap overflows that can be exploited for remote command execution.

Threat Actor: Unknown | N/A
Victim: Ivanti | N/A

Key Point:

Ivanti has patched 27 vulnerabilities in its Avalanche MDM solution, including two critical heap overflows that allow for remote command execution.…
Summary

This report details the resurgence of the LightSpy mobile espionage campaign, which focuses on targets in Southern Asia and probably India, potentially indicating a renewed focus on political targets and tensions in the region.

Beyond our findings, the echoes of concern reach further. VirusTotal submissions from India suggest potential victims within its borders, aligning with recent warnings by Apple on detections within the same country.…