Amibreached.com is a service developed by Cyble Inc., designed to help individuals and companies determine if their personal data has been exposed on the dark web. The platform allows users to search for various types of personal information, such as email addresses, phone numbers, and IP addresses, to see if they are present in data breaches or have been put up for sale on the dark web (Itigic).…
Tag: MOBILE
Victim: hymer-alu.de Country : Germany Actor: blackbasta Source: http://stniiomyjliimcgkvdszvgen3eaaoz55hreqqx6o77yvmpwt7gklffqd.onion/?id=hymer-alu.de Discovered: 2024-04-19 12:42:29.302209 Description :
Our HYMER Automotive division offers customized system solutions all over Europe for the caravanning sector, the commercial vehicle, bus and special vehicle manufacturing industry, shipbuilding, and the agricultural industry. Our system components include driver’s cab doors and windows, cabin doors, storage compartment doors, bed systems, and fold-down beds.…
Victim: fluenthome.com Country : Canada Actor: blackbasta Source: http://stniiomyjliimcgkvdszvgen3eaaoz55hreqqx6o77yvmpwt7gklffqd.onion/?id=fluenthome.com Discovered: 2024-04-19 12:44:15.596970 Description :
Fluent Home General Information The company offers home security technology, energy management, security automation, and mobile products and associated installation services, enhancing the quality of life and protecting homes and families in a user-friendly manner.…
Many people make banking transactions online now. And since mobile devices are one of the most popular and convenient ways to shop and make payments, criminals are naturally drawn to this. A current example of a malware that specifically targets online banking shows how easy it is to fall for malware.…
Summary: LastPass users are being targeted by a malicious campaign using the CryptoChameleon phishing kit, which is associated with cryptocurrency theft.
Threat Actor: CryptoChameleon | CryptoChameleon Victim: LastPass users | LastPass
Key Point :
LastPass users are being targeted by a malicious campaign using the CryptoChameleon phishing kit.…
TransparentTribe primarily targets Indian government organizations, military personnel, and defense contractors. Its objective is usually to gather sensitive information, conduct cyber espionage, and compromise the security of its targets.
TransparentTribe is known to have exploited various platforms, including Windows and Android, in their endeavours. The threat actors often create fake websites and documents that mimic legitimate government entities or organizations.…
Password-manager LastPass users were recently targeted by a convincing phishing campaign that used a combination of email, SMS, and voice calls to trick targets into divulging their master passwords, company officials said.
The attackers used an advanced phishing-as-a-service kit discovered in February by researchers from mobile security firm Lookout.…
Summary: The Sandworm hacking group, associated with Russian military intelligence, has been hiding their attacks and operations behind multiple online personas posing as hacktivist groups. They have been active since at least 2009 and are known for their multi-faceted attacks on critical infrastructure in Ukraine.
Threat Actor: Sandworm | Sandworm Victim: Various entities, including water utilities in the U.S.…
On April 18, 2024, the UK’s Metropolitan Police Service and others conducted an operation that succeeded in taking down the Phishing-as-a-Service provider LabHost.
LabHost takedown
On Thursday, April 18, 2024, the UK’s Metropolitan Police Service, along with fellow UK and international law enforcement, as well as several trusted private industry partners, conducted an operation that succeeded in taking down the Phishing-as-a-Service (PhaaS) provider LabHost.…
The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception. As an example of this, droppers, such as Badpack and Hqwar, designed for stealthily delivering Trojan bankers or spyware to smartphones, are very popular among malicious actors who attack mobile devices.…
Summary: The article discusses the cyber attacks conducted by Russia on European railways, with a focus on the Czech Republic and Poland.
Threat Actor: Russia | Russia Victim: Czech Republic, Poland | Czech Republic, Poland
Key Points:
Russia has conducted thousands of attempts to sabotage European railways, aiming to destabilize the EU and sabotage critical infrastructure.…
Summary: Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, including two critical heap overflows that can be exploited for remote command execution.
Threat Actor: Unknown | N/A Victim: Ivanti | N/A
Key Point :
Ivanti has patched 27 vulnerabilities in its Avalanche MDM solution, including two critical heap overflows that allow for remote command execution.…
This report details the resurgence of the LightSpy mobile espionage campaign, which focuses on targets in Southern Asia and probably India, potentially indicating a renewed focus on political targets and tensions in the region.
Beyond our findings, the echoes of concern reach further. VirusTotal submissions from India suggest potential victims within its borders, aligning with recent warnings by Apple on detections within the same country.…
Summary: Criminals are targeting T-Mobile and Verizon employees with text messages offering cash in exchange for performing SIM swaps, a type of attack where the fraudster reroutes the victim’s service to a device they control. This surge in SIM swap attacks has led to new regulations to protect consumers.…
Written by: Gabby Roncone, Dan Black, John Wolfram, Tyler McLellan, Nick Simonian, Ryan Hall, Anton Prokopenkov, Luke Jenkins, Dan Perez, Lexie Aytes, Alden Wahlstrom
With Russia’s full-scale invasion in its third year, Sandworm (aka FROZENBARENTS) remains a formidable threat to Ukraine. The group’s operations in support of Moscow’s war aims have proven tactically and operationally adaptable, and as of today, appear to be better integrated with the activities of Russia’s conventional forces than in any other previous phase of the conflict.…
Summary: Malicious bots now account for a third of internet traffic, leading to an increase in account takeover attacks, according to Imperva’s Bad Bot Report. The report also highlights the targeting of API endpoints and the use of residential ISPs by threat actors to evade detection.…
Summary: The Federal Trade Commission (FTC) has proposed a settlement with mental telehealth service firm Cerebral Inc., restricting the company from sharing consumer data and requiring it to pay a $7 million penalty for unlawfully disclosing sensitive health information to third-party advertisers without patient consent.
Threat Actor: Cerebral Inc.…
ESET researchers have discovered an active espionage campaign targeting Android users with apps primarily posing as messaging services. While these apps offer functional services as bait, they are bundled with open-source XploitSPY malware. We have named this campaign eXotic Visit and have tracked its activities from November 2021 through to the end of 2023.…
Victim: bigtoe.yoga Country : Unknown Actor: darkvault Source: http://mdhby62yvvg6sd5jmx5gsyucs7ynb5j45lvvdh4dsymg43puitu7tfid.onion//post/OWI2ZjFhOWIzZjNhNjNiOTdhZTA2Mj Discovered: 2024-04-15 19:20:07.354469 Description :
Book an in-home Massage or Private Yoga appointment with a provider in seconds! Bigtoe is the easiest way to book mobile massage appointments with a 5-star massage therapist. massage, yoga, appointment…
Threat Actor: Unknown | Unknown Victim: Curva | Curva Price: $250 Exfiltrated Data Type: User and employee information
Additional Information:
The threat actor is selling a database associated with Curva, an Egyptian e-commerce platform. The database is 2GB in size and contains extensive information on both users and employees.…