Written by: Gabby Roncone, Dan Black, John Wolfram, Tyler McLellan, Nick Simonian, Ryan Hall, Anton Prokopenkov, Luke Jenkins, Dan Perez, Lexie Aytes, Alden Wahlstrom

 

With Russia’s full-scale invasion in its third year, Sandworm (aka FROZENBARENTS) remains a formidable threat to Ukraine. The group’s operations in support of Moscow’s war aims have proven tactically and operationally adaptable, and as of today, appear to be better integrated with the activities of Russia’s conventional forces than in any other previous phase of the conflict.…


ESET researchers have discovered an active espionage campaign targeting Android users with apps primarily posing as messaging services. While these apps offer functional services as bait, they are bundled with open-source XploitSPY malware. We have named this campaign eXotic Visit and have tracked its activities from November 2021 through to the end of 2023.…


Victim: bigtoe.yoga
Country: Unknown
Actor: darkvault
Source: http://mdhby62yvvg6sd5jmx5gsyucs7ynb5j45lvvdh4dsymg43puitu7tfid.onion//post/OWI2ZjFhOWIzZjNhNjNiOTdhZTA2Mj
Discovered: 2024-04-15 19:20:07.354469
Description:

Book an in-home Massage or Private Yoga appointment with a provider in seconds! Bigtoe is the easiest way to book mobile massage appointments with a 5-star massage therapist.

massage, yoga, appointment…


Summary: Cybersecurity researchers have discovered a renewed cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy.

Threat Actor: LightSpy | LightSpy
Victim: Users in South Asia | South Asia

Key Point:

The LightSpy iOS spyware campaign, dubbed “F_Warehouse,” has a modular framework with extensive spying features.…

Threat Actor: SN_Blackmeta | SN_Blackmeta
Victim: Orange Israel | Orange Israel
Price: Not specified
Exfiltrated Data Type: Not specified

Additional Information:

SN_Blackmeta has claimed responsibility for a large-scale cyber attack on Orange Israel. Orange Israel is a telecommunications company offering mobile, internet, TV, and digital solutions.…

Summary: Organizations using Delinea Secret Server are urged to update their installations immediately to fix a critical vulnerability that could allow attackers to bypass authentication and gain admin access to extract secrets.

Threat Actor: Unknown | Unknown
Victim: Organizations using Delinea Secret Server | Delinea Secret Server

Key Point:

Delinea Secret Server has a critical vulnerability in its SOAP API that allows attackers to bypass authentication and gain admin access.…

Victim: Best Reward Federal Credit Union
Country: United States
Actor: akira
Source:
Discovered: 2024-04-15 13:26:37.158397
Description:

Best Reward Federal Credit Union offers low-rate loans, deposit accounts, VISA cards, and mobile services. Lots of financial documents, personal information including thousands of members’ names, SSNs, addresses, emails, and phone numbers.…

Summary: The GSM Association’s Fraud and Security Group (FASG) has released the Mobile Threat Intelligence Framework (MoTIF), which provides a structured approach to understanding and combating mobile network-related attacks.

Threat Actor: N/A
Victim: N/A

Key Point:

The Mobile Threat Intelligence Framework (MoTIF) is a new framework developed by the GSM Association’s Fraud and Security Group (FASG) to describe mobile network-related attacks.…

Summary: The Federal Bureau of Investigation (FBI) has issued a warning about a wave of SMS phishing attacks targeting Americans with fake road toll fee messages, with thousands of people already reporting being targeted by scammers.

Threat Actor: Unknown | SMS phishing attacks
Victim: Americans | Americans

Key Point:

The FBI has received over 2,000 complaints about smishing texts related to road toll collection services from at least three states.…

Must-Read Cybersecurity Blogs [List of Blogs & Websites]

1. Unsupervised Learning

An experienced cybersecurity expert, consultant and writer, Miessler takes a personal approach on his blog with an “about me” page that not only details his professional interests but also his hobbies, interests and political views. His offerings include newsletters and essays on a variety of topics and a podcast called Unsupervised Learning that focuses on security and artificial intelligence.…


Summary: Apple has updated its warning system to alert users when they may have been individually targeted by mercenary spyware threats, such as the surveillance tools developed by NSO Group.

Threat Actor: NSO Group | NSO Group
Victim: Individuals targeted by mercenary spyware attacks

Key Point:

Apple has revised its documentation to specifically address mercenary spyware threats and highlight their advanced capabilities, including zero-day exploits and complex obfuscation techniques.…

Victim: Nexperia
Country: Netherlands
Actor: dunghill
Source: http://p66slxmtum2ox4jpayco6ai3qfehd5urgrs4oximjzklxcol264driqd.onion/lot12.html
Discovered: 2024-04-10 21:05:37.096896
Description:

Nexperia is a global semiconductor company headquartered in the Netherlands. The company has a rich European history and operates with more than 15,000 employees in Europe, Asia, and the United States. Nexperia is a leading expert in the design and manufacture of mission-critical semiconductors.…