Victim: www.rekamy.com Country : MY Actor: babuk Source: http:/7dikawx73goypgfi4zyo5fcajxwb7agemmiwqax3p54aey4dwobcvcyd.onion/blog/99b5f21e6809fa3b3992cf6ba1ef0b3cd8850ff3910cbdd76f9dd2ecd5e68dc9/ Discovered: 2025-01-27 07:33:30.744088 Published: 2025-01-27 07:32:25.115605 Description : The domain www.rekamy.com has been previously claimed by ransomhub. This situation may indicate a potential new cyber attack. There could be a cross-claim occurring between brands by the same threat actor.…

Victim: www.go4kora.tv Country : Actor: babuk Source: http:/7dikawx73goypgfi4zyo5fcajxwb7agemmiwqax3p54aey4dwobcvcyd.onion/blog/040c040c85339ebb4b2a8f8d865b4d2c5c83121b48c8dfde5436a78b113919fa/ Discovered: 2025-01-27 07:34:41.059008 Published: 2025-01-27 07:33:32.864759 Description : www.go4kora.tv has been previously claimed by ransomhub. This might indicate a new attack. Potential cross-claim between brands by the same threat actor. Possibility of recycling previously leaked stolen data.

About Country

– Cybersecurity Landscape: The country has a growing focus on enhancing its cybersecurity infrastructure, with an emphasis on protecting critical information systems and financial institutions.…


Victim: www.ykp.com.br Country : BR Actor: babuk Source: http:/7dikawx73goypgfi4zyo5fcajxwb7agemmiwqax3p54aey4dwobcvcyd.onion/blog/f48b1e6bde5227d8950b8c30a544e9ba2a6694f6b9f19d8bec21f699ea1abbe8/ Discovered: 2025-01-27 07:35:47.549845 Published: 2025-01-27 07:34:43.237927 Description : www.ykp.com.br has been claimed by ransomhub. This may indicate a new attack. There could be a cross-claim between brands by the same threat actor. Possibility of recycling previously leaked stolen data.…

Victim: www.al-shefafarm.ro Country : RO Actor: babuk Source: http:/7dikawx73goypgfi4zyo5fcajxwb7agemmiwqax3p54aey4dwobcvcyd.onion/blog/752e94e3424c7e1a707ab23360ef3ff73d7cf58cb66b2b8ef5b9c1dc5ccf7ddd/ Discovered: 2025-01-27 07:36:55.618193 Published: 2025-01-27 07:35:49.174922 Description : Website: www.al-shefafarm.ro. Previously claimed by: ransomhub. Possible implications: indicates a potential new attack; suggests a cross-claim between brands by the same threat actor; possibility of recycling previously leaked stolen data.

About Country RO (Romania) in Cybersecurity Perspective

– Growing Cybersecurity Sector: Romania has developed a robust cybersecurity industry, with various companies offering a range of services from threat detection to incident response.…

Russian Scammers Target Crypto Influencers with Infostealers
Summary: A report by Recorded Future details the operations of a Russian crypto scamming group known as Crazy Evil, which utilizes advanced techniques and malware to conduct scams on social media, targeting cryptocurrencies and digital assets. The group has been active since 2021 and is linked to multiple active scams, reportedly generating over million in illicit revenue while compromising tens of thousands of devices globally.…
GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities
Summary: A new threat actor called GamaCopy has been observed emulating tactics from the Kremlin-aligned Gamaredon group, primarily targeting Russian-speaking entities. The group is noted for using military-related content to deploy UltraVNC for remote access, closely resembling techniques used by another hacking faction, Core Werewolf. This pattern of behavior highlights an evolving landscape of cyber threats amidst ongoing geopolitical tensions stemming from the Russo-Ukrainian war.…

Victim: Kurosu & Co.SA – kurosu.com.py Country : PY Actor: babuk Source: http:/7dikawx73goypgfi4zyo5fcajxwb7agemmiwqax3p54aey4dwobcvcyd.onion/blog/9169dd48cabbf3e397e0a7a8e857dcab66598b3c22984607080f4a13b77b51e9/ Discovered: 2025-01-27 08:17:55.100458 Published: 2025-01-27 08:16:45.236899 Description : Kurosu & Co.SA – kurosu.com.py LEAKED

About Country PY (Paraguay) – Cybersecurity Perspective and Ransomware Cases

– Growing Digital Landscape: Paraguay has been rapidly adopting digital technologies, leading to increased internet usage and online services.…

Tracking a Malicious Blogspot Redirection Campaign to ApateWeb | Validin
This article explores a malicious campaign utilizing Blogspot links for redirection to various fraudulent sites, including phishing and malware distribution. The campaign targets unsuspecting users who may mistake these links for legitimate content due to their deceptive appearance on social media. It provides detailed insights on how to investigate such redirects and identifies indicators of compromise related to the threat.…
InvisibleFerret Malware: Technical Analysis – ANY.RUN’s Cybersecurity Blog
The article discusses the InvisibleFerret malware, associated with North Korean threat actors, exploiting fake job interviews to distribute itself. This malware targets sensitive files, source code, and user data in technological, financial, and cryptocurrency sectors, demonstrating high levels of sophistication and stealth. Affected: technological sector, financial sector, cryptocurrency sector

Key points:

North Korean activity observed using fake job interviews to spread malware.…
The article discusses a security breach at CyberHaven, where a phishing attack led to the deployment of a trojanized Chrome extension. The malicious extension was used to exfiltrate sensitive data from users by manipulating Chrome’s storage and communication mechanisms. This incident highlights the risks associated with browser-based threats and the growing relevance of malicious browser extensions.…

Victim: www.shootinghouse.com.br Country : BR Actor: babuk Source: http:/7dikawx73goypgfi4zyo5fcajxwb7agemmiwqax3p54aey4dwobcvcyd.onion/blog/c0b63c60d94025eff1accba59f0f42fd8a932576faf925c2cd5044201bd98676/ Discovered: 2025-01-27 07:40:30.365873 Published: 2025-01-27 07:39:16.857312 Description : Here are the key points about the website www.shootinghouse.com.br: Offers various shooting experiences and packages. Features a range of firearms and equipment for use during sessions. Provides safety briefings and professional instruction.…
MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks
Summary: Cybersecurity researchers have uncovered a campaign utilizing MintsLoader malware, which targets sectors like electricity and legal services in the U.S. and Europe to spread secondary payloads, including the StealC information stealer. The campaign employs phishing techniques involving fake CAPTCHA prompts to trick users into executing malicious scripts.…
The Anatomy of a Threat: Insights from an Analyst
Cyberattacks are increasingly targeting various entities including managed service providers, businesses, and home users. Understanding the stages of these attacks, which range from reconnaissance to control, is essential for strengthening cybersecurity defenses. Threat intelligence plays a crucial role in helping organizations prepare for and respond to these threats effectively.…

Victim: Weeks, Brucker & Coleman, Ltd | Legal Services Country : US Actor: everest Source: http://ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad.onion/weeks-brucker-coleman-ltd-legal-services/ Discovered: 2025-01-27 01:34:10.842697 Published: 2025-01-27 01:34:10.842697 Description : Weeks, Brucker & Coleman, Ltd internal network was compromised. More than 150GB of important internal data was exfiltrated. The stolen data included internal and confidential information.…

Victim: achieverssciencejournal.org Country : NG Actor: funksec Source: http://funkxxkovrk7ctnggbjnthdajav4ggex53k6m2x3esjwlxrkb3qiztid.onion/achieverssciencejournal.org Discovered: 2025-01-26 22:12:37.658287 Published: 2025-01-26 22:12:37.658287 Description : Achievers Science Journal is an educational organization. Dedicated to producing and distributing science-related content. Focuses on assisting in the development and learning of students in the science field. Offers published scientific articles and resources for science learning.…

Victim: ransom price is 10k for all Country : Actor: funksec Source: http://funkxxkovrk7ctnggbjnthdajav4ggex53k6m2x3esjwlxrkb3qiztid.onion/Funksec2.0 Discovered: 2025-01-26 12:34:45.065024 Published: 2025-01-26 12:34:45.065024 Description : Clarification about the term “Ransom price is 10k for all”. Suggests it may refer to a situation involving ransomware or a hostage scenario. Indicates it’s not a valid company name. Requests for actual company details if available.

About Country: Cybersecurity Perspective and Ransomware Cases

1.…

The top 10 brands exploited in phishing attacks – and how to protect yourself | ZDNET
Summary: Cybercriminals are increasingly using phishing attacks that spoof well-known brands to deceive users into revealing sensitive information. A recent report from Check Point Research identifies the most commonly spoofed brands and highlights the need for vigilance against these threats. Key brands targeted include Microsoft, Apple, and Google, with specific campaigns impersonating services like PayPal and Facebook.…

Victim: welcomewagon.com Country : US Actor: safepay Source: http://nz4z6ruzcekriti5cjjiiylzvrmysyqwibxztk6voem4trtx7gstpjid.onion#welcomewagon Discovered: 2025-01-25 20:27:19.913750 Published: 2025-01-25 20:27:19.913750 Description : US-based company focused on connecting new homeowners and movers with local businesses. Specializes in welcoming new residents to their community. Utilizes direct mail marketing, digital marketing services, and gift books.…