Summary: A report by Recorded Future details the operations of a Russian crypto scamming group known as Crazy Evil, which utilizes advanced techniques and malware to conduct scams on social media, targeting cryptocurrencies and digital assets. The group has been active since 2021 and is linked to multiple active scams, reportedly generating over million in illicit revenue while compromising tens of thousands of devices globally.…
Tag: PHISHING
Summary: A new threat actor called GamaCopy has been observed emulating tactics from the Kremlin-aligned Gamaredon group, primarily targeting Russian-speaking entities. The group is noted for using military-related content to deploy UltraVNC for remote access, closely resembling techniques used by another hacking faction, Core Werewolf. This pattern of behavior highlights an evolving landscape of cyber threats amidst ongoing geopolitical tensions stemming from the Russo-Ukrainian war.…
Victim: Kurosu & Co.SA – kurosu.com.py
Country: PY
Actor: babuk
Source: http:/7dikawx73goypgfi4zyo5fcajxwb7agemmiwqax3p54aey4dwobcvcyd.onion/blog/9169dd48cabbf3e397e0a7a8e857dcab66598b3c22984607080f4a13b77b51e9/
Discovered: 2025-01-27 08:17:55.100458
Published: 2025-01-27 08:16:45.236899
Description:
Kurosu & Co.SA – kurosu.com.py
LEAKED
About Country PY (Paraguay) – Cybersecurity Perspective and Ransomware Cases
– Growing Digital Landscape: Paraguay has been rapidly adopting digital technologies, leading to increased internet usage and online services.…
This article explores a malicious campaign utilizing Blogspot links for redirection to various fraudulent sites, including phishing and malware distribution. The campaign targets unsuspecting users who may mistake these links for legitimate content due to their deceptive appearance on social media. It provides detailed insights on how to investigate such redirects and identifies indicators of compromise related to the threat.…
The article discusses the InvisibleFerret malware, associated with North Korean threat actors, exploiting fake job interviews to distribute itself. This malware targets sensitive files, source code, and user data in technological, financial, and cryptocurrency sectors, demonstrating high levels of sophistication and stealth. Affected: technological sector, financial sector, cryptocurrency sector
Keypoints:
North Korean activity observed using fake job interviews to spread malware.…
The article discusses a security breach at CyberHaven, where a phishing attack led to the deployment of a trojanized Chrome extension. The malicious extension was used to exfiltrate sensitive data from users by manipulating Chrome’s storage and communication mechanisms. This incident highlights the risks associated with browser-based threats and the growing relevance of malicious browser extensions.…
Victim: www.shootinghouse.com.br
Country: BR
Actor: babuk
Source: http:/7dikawx73goypgfi4zyo5fcajxwb7agemmiwqax3p54aey4dwobcvcyd.onion/blog/c0b63c60d94025eff1accba59f0f42fd8a932576faf925c2cd5044201bd98676/
Discovered: 2025-01-27 07:40:30.365873
Published: 2025-01-27 07:39:16.857312
Description:
Here are the key points about the website www.shootinghouse.com.br:
Offers various shooting experiences and packages.
Features a range of firearms and equipment for use during sessions.
Provides safety briefings and professional instruction.…
Summary: Cybersecurity researchers have uncovered a campaign utilizing MintsLoader malware, which targets sectors like electricity and legal services in the U.S. and Europe to spread secondary payloads, including the StealC information stealer. The campaign employs phishing techniques involving fake CAPTCHA prompts to trick users into executing malicious scripts.…
This week’s review of threat intelligence reports highlights a surge in malware targeting macOS, the rise in supply chain attacks affecting Chrome extensions, and sophisticated cyber campaigns including those by North Korean groups. Various indicators of compromise and details on techniques used were extracted to provide a comprehensive overview of the threats.…
Cyberattacks are increasingly targeting various entities including managed service providers, businesses, and home users. Understanding the stages of these attacks, which range from reconnaissance to control, is essential for strengthening cybersecurity defenses. Threat intelligence plays a crucial role in helping organizations prepare for and respond to these threats effectively.…
Victim: Weeks, Brucker & Coleman, Ltd | Legal Services
Country: US
Actor: everest
Source: http://ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad.onion/weeks-brucker-coleman-ltd-legal-services/
Discovered: 2025-01-27 01:34:10.842697
Published: 2025-01-27 01:34:10.842697
Description:
Weeks, Brucker & Coleman, Ltd internal network was compromised.
More than 150GB of important internal data was exfiltrated.
The stolen data included internal and confidential information.…
Victim: achieverssciencejournal.org
Country: NG
Actor: funksec
Source: http://funkxxkovrk7ctnggbjnthdajav4ggex53k6m2x3esjwlxrkb3qiztid.onion/achieverssciencejournal.org
Discovered: 2025-01-26 22:12:37.658287
Published: 2025-01-26 22:12:37.658287
Description:
Achievers Science Journal is an educational organization.
Dedicated to producing and distributing science-related content.
Focuses on assisting in the development and learning of students in the science field.
Offers published scientific articles and resources for science learning.…
Victim: ransom price is 10k for all
Country:
Actor: funksec
Source: http://funkxxkovrk7ctnggbjnthdajav4ggex53k6m2x3esjwlxrkb3qiztid.onion/Funksec2.0
Discovered: 2025-01-26 12:34:45.065024
Published: 2025-01-26 12:34:45.065024
Description:
Clarification about the term “Ransom price is 10k for all”
Suggests it may refer to a situation involving ransomware or a hostage scenario
Indicates it’s not a valid company name
Requests for actual company details if available
About Country: Cybersecurity Perspective and Ransomware Cases
Summary: Cybercriminals are increasingly using phishing attacks that spoof well-known brands to deceive users into revealing sensitive information. A recent report from Check Point Research identifies the most commonly spoofed brands and highlights the need for vigilance against these threats. Key brands targeted include Microsoft, Apple, and Google, with specific campaigns impersonating services like PayPal and Facebook.…
The rapid evolution of AI, particularly tools like ChatGPT, has revolutionized industries — but it has also opened Pandora’s box of cybersecurity risks. From malicious chatbots to regulatory rollbacks, the intersection of AI and cybersecurity demands urgent attention. Here’s a breakdown of the latest threats and how to mitigate them.…
Victim: welcomewagon.com
Country: US
Actor: safepay
Source: http://nz4z6ruzcekriti5cjjiiylzvrmysyqwibxztk6voem4trtx7gstpjid.onion#welcomewagon
Discovered: 2025-01-25 20:27:19.913750
Published: 2025-01-25 20:27:19.913750
Description:
US-based company focused on connecting new homeowners and movers with local businesses.
Specializes in welcoming new residents to their community.
Utilizes direct mail marketing, digital marketing services, and gift books.…
A trojanized version of the XWorm RAT builder has been weaponized and disseminated primarily through GitHub and other file-sharing services, targeting novice users in cybersecurity. The malware has compromised over 18,459 devices globally, exfiltrating sensitive data and utilizing Telegram for command-and-control operations. Disruption efforts have been made to mitigate its impact, but challenges remain due to offline devices and rate-limiting on Telegram.…
This week’s cybersecurity overview includes critical vulnerabilities in various software and hardware, exploits of chained vulnerabilities, record-high DDoS attacks, and a notable ransomware surge, particularly impacting education and utilities. The article emphasizes the necessity for improved security measures across affected sectors. Affected: 7-Zip, Asus, Ivanti Cloud Service Appliances, Cisco, Cambium Networks, ABB, UK Education Sector, PowerSchool, US Utilities, Russia, Iran
Keypoints:
7-Zip has a critical vulnerability (CVE-2025-0411) that allows code execution by bypassing the Mark of the Web security feature.…
Summary: Cybercriminals are now selling access to a malicious generative AI chatbot named GhostGPT, which is designed to aid in various cybercrimes, including malware creation and phishing. This tool, available on Telegram, connects to a modified version of ChatGPT, allowing users to execute attacks without technical barriers.…
This article explores various types of malware, detailing their characteristics, examples, and consequences in the cybersecurity landscape. It covers viruses, worms, trojans, spyware, rootkits, ransomware, and cryptojacking, highlighting both historical examples and mitigation strategies. Affected: malware, computer systems, data security
Keypoints:
Malware is software developed to harm computer systems, steal data, or gain unauthorized access.…