Threat Actor: Unknown | Unknown
Victim: Egyptian citizens | Egyptian citizens
Price: Negotiable
Exfiltrated Data Type: Personal information

Additional Information:

The threat actor claims to possess a database containing personal information of 85 million Egyptian citizens. The dataset includes National Identification Numbers (NID), full names, family names, mothers’ names, insurance numbers, and mobile phone numbers.…

09/04/2024

Phishing home page

A sophisticated malicious campaign is currently underway, aimed at compromising Android devices in Italy through the SpyNote malware. The malware is disguised as the “INPS Mobile” application and is available for download from a domain created yesterday specifically to deceive victims.

The phishing page, reported by D3lab to CERT-AGID, is carefully designed with logos and content that reproduce the official ones of the Institute.…


Online investment scams are no longer an issue limited to specific nations; they have become a social issue prevalent around the globe. Scammers (criminals) deceive their victims through illegal and immoral means, extorting financial assets, including cash and virtual assets, from them. They are usually part of a structured criminal syndicate that devises sophisticated scenarios to commit “transnational” fraud crimes.…


Date Reported: 2024-02-20
Country: USA
Victim: Continental Aerospace | continental.aero
Additional Information:

Continental Aerospace, a low-based engine manufacturer located in Mobile, Alabama, is currently experiencing a cyberattack that is disrupting its operations. The company announced on its website on February 20th that it is working with experts to resolve the issue and hopes to resume normal activities soon.…

In this report, we will conduct a comprehensive analysis of Gafgyt, which is an ELF malware. Our aim is to examine the malware’s capabilities and determine its functions:

* DDoS Attack Capabilities
* Communication with Command and Control (C&C) Server
* Evade detection
* Network Setup and Configuration
* Process Manipulation

Gafgyt malware, which is also known as Bashlite, has targeted millions of vulnerable IoT devices in the last few years.…


Threat Actor: Unknown
Victim: Dr. Cafe Coffee

Key Points:
* The threat actor claims responsibility for selling a database sourced from Dr. Cafe Coffee.
* The attack occurred in April 2024.
* The compromised data includes sensitive information such as Full Name, Full Address, Email, Phone, Mobile, City, Nickname, Gender, Device Token, Family Name, Language, Random Number, Date of Birth, Badge Expiry Date, and other confidential information.…

Cisco Talos discovered a new threat actor we’re calling “CoralRaider” that we believe is of Vietnamese origin and financially motivated. CoralRaider has been operating since at least 2023, targeting victims in several Asian and Southeast Asian countries. This group focuses on stealing victims’ credentials, financial data, and social media accounts, including business and advertisement accounts.…

Executive summary

The authors behind Android banking malware Vultur have been spotted adding new technical features, which allow the malware operator to further remotely interact with the victim’s mobile device. Vultur has also started masquerading more of its malicious activity by encrypting its C2 communication, using multiple encrypted payloads that are decrypted on the fly, and using the guise of legitimate applications to carry out its malicious actions.…


Key Takeaways

Once again, a fake e-shop campaign has been detected, this time targeting 18 Malaysian banks with upgraded malicious applications. 

The campaign has progressed from its initial focus on Malaysian banks to a broader scope that now encompasses banks in Vietnam and Myanmar. 

The latest version of the malware introduces advanced features such as screen-sharing functionality, the utilization of accessibility services, and intricate communication with command and control servers, signifying an elevated level of sophistication and perseverance. …

Vultur banking malware for Android poses as McAfee Security app

Key Point:
* Vultur banking trojan for Android has advanced remote control capabilities and an improved evasion mechanism.
* Distributed over Google Play through dropper apps in late 2022.
* Included in Zimperium’s top 10 most active banking trojans for targeting 122 banking apps in 15 countries.…


Threat Actor: Unknown
Victim: Shivaji College – University of Delhi

Information:
🌟 The threat actor allegedly breached the database of Shivaji College.
🌟 The compromised data includes student and teacher records, student cards with pictures, surveys, feedback, and additional documents containing Personally Identifiable Information (PII).
🌟 The attack occurred in March 2024.…


Open-source software’s adaptive nature ensures its durability, relevance, and compatibility with new technologies.

When I started digging deeper into the open-source cybersecurity ecosystem, I discovered an engaged community of developers working to find practical solutions to many problems, one of them being saving time.

Here are 20 essential open-source cybersecurity tools that are freely available and waiting for you to include them in your arsenal.…


Summary: Harvard Pilgrim Health Care has updated the number of people affected by a ransomware attack to nearly 2.9 million, highlighting the evolving nature of data breach investigations.

Key Point:
⭐ Data breach total increased to 2,860,795, up 12% from original figure
⭐ Incident occurred on April 17, 2023, limiting services for days
⭐ Number of people impacted by data breaches can expand as investigations evolve
⭐ Attackers were in Harvard Pilgrim’s systems from March 28, 2023 to April 17, 2023
⭐ Files involved may contain personal data and protected health information
⭐ Harvard Pilgrim serves more than 1.1 million members primarily in Massachusetts, New Hampshire, Maine, and Connecticut
⭐ Parent company Point32Health formed in 2021 from merger of Harvard Pilgrim and Tufts Health Plan
⭐ Company is second-largest insurer in Massachusetts


Harvard Pilgrim Health Care said the number of people affected by a ransomware attack last spring is larger than originally stated.…


Summary: Google’s latest research shows a significant increase in zero-day vulnerabilities exploited by attackers in enterprise-specific software and appliances compared to previous years.

Key Point 🛡️:
– The number of found and exploited enterprise-specific technology zero-day vulnerabilities increased by 64% in 2023.
– End-user platforms like Windows, Safari, iOS, and Android were also targeted, with notable investments from vendors like Apple, Google, and Microsoft.…


Hot Topic, Inc. is an American fast-fashion company specializing in counterculture-related clothing and accessories, as well as licensed music.

The company was the victim of credential stuffing attacks against its website and mobile application on November 18-19 and November 25, 2023. The attackers detected suspicious login activity to certain Hot Topic Rewards accounts.…
