The SonicWall Capture Labs threat research team has been observing PDF files with QR codes being abused by malware authors to deceive users for a long time.
QR codes are …
Tag: SMS
Threat Actor: Unknown | Unknown Victim: Shopify | Shopify Price: Not publicly listed Exfiltrated Data Type: Personal and transactional information of Shopify users
Key Points :
An individual claims to…Summary: This article discusses how cybercriminals target YouTube channels to carry out scams and distribute malware, posing a threat to both content creators and viewers.
Threat Actor: Cybercriminals | Cybercriminals …
Threat Actor: ph1ns | ph1ns Victim: Philippines Department of Information and Communications Technology – Disaster Risk Reduction Management Division (DICT-DRRMD) | DICT-DRRMD Price: Not specified Exfiltrated Data Type: Not specified…
Summary: The content discusses the vulnerabilities in 5G technologies that put mobile devices at risk of data theft and denial of service attacks.
Threat Actor: Hackers
Victim: Mobile device users…
Summary: The Medusa banking trojan for Android has resurfaced in campaigns targeting several countries, using more compact variants with fewer permissions and new features to initiate transactions directly from compromised …
In a hacker forum monitored by SOCRadar, a new alleged phone numbers sale is detected for WhatsApp.
I’m selling Upto 1 billion WhatsApp mobile numbers of below countries, All are …
Key Points
In May 2024, the Cleafy Threat Intelligence team tracked new fraud campaigns involving the Medusa (TangleBot) banking trojan, which had been under the radar for almost a year.…
Read More
Summary: Multifactor authentication (MFA) is playing a significant role in determining the success of attackers in penetrating network defenses, with MFA appearing in almost half of all security incidents encountered …
Summary: A 22-year-old man from the UK, known as “Tyler,” has been arrested in Spain for allegedly leading the cybercrime group Scattered Spider, which is responsible for hacking into numerous …
Summary: The Security Service of Ukraine (SSU) has dismantled the infrastructure used by pro-Russia Ukraine residents to break into soldiers’ devices and deploy spyware. The infrastructure included bot farms and …
Summary: The notorious cybercriminal group Smishing Triad is targeting smartphone users in Pakistan with a large-scale smishing campaign aimed at stealing personal and financial information.
Threat Actor: Smishing Triad | …
Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.
Resecurity researchers have recently revealed that the Smishing Triad group has launched a fresh smishing campaign targeting Pakistani …
Summary: The Scattered Spider gang has shifted their focus to stealing data from software-as-a-service (SaaS) applications and creating new virtual machines for persistence.
Threat Actor: Scattered Spider | Scattered Spider …
Summary: A Pakistani threat actor known as Cosmic Leopard has been conducting cyber espionage and surveillance on Indian government-associated entities for the past six years.
Threat Actor: Cosmic Leopard | …
Introduction
Read More
UNC3944 is a financially motivated threat group that carries significant overlap with public reporting of “0ktapus,” “Octo Tempest,” “Scatter Swine,” and “Scattered Spider,” and has been observed adapting its …
ESET researchers have identified five campaigns targeting Android users with trojanized apps. Most probably carried out by the Arid Viper APT group, these campaigns started in 2022 and three of …
Intro
Read More
Resecurity has identified a new activity of Smishing Triad, which has expanded its operations to Pakistan. The group’s latest tactic involves sending malicious messages on behalf of Pakistan Post …
The UK authorities have apprehended two individuals suspected of employing a homemade mobile antenna to distribute thousands of smishing messages posing as UK banks and other official organizations.
The duo, …
By Gi7w0rm, Asheer Malhotra and Vitor Ventura.
Cisco Talos is disclosing a new malware campaign called “Operation Celestial Force” running since at least 2018. It is still active today, employing…Summary: British police have arrested two individuals involved in an SMS-based phishing campaign using a homemade device that bypassed network operators’ anti-SMS-based phishing defenses.
Threat Actor: Unknown | SMS-based phishing …
DID YOU KNOW A CYBERATTACK HAPPENS EVERY
39 SECONDS?
Read More
This staggering amount underscores the imminent need for cyber security to be treated as a global priority. Moreover, with the explosion …
AhnLab SEcurity intelligence Center (ASEC) has been publishing the Online Scams series to inform the readers about the ever-evolving scams. Prevention and blocking are the two most important measures to …
Summary: This article discusses the cost of a phishing-as-a-service platform and how cybercriminals are targeting European banking clients with this method.
Threat Actor: Cybercriminals | Cybercriminals Victim: European banking clients …
Threat Actor: Unknown | Unknown Victim: Pezesha | Pezesha Price: $300 Exfiltrated Data Type: National ID Numbers, Phone Numbers, Photo IDs, Additional Data
Additional Information :
The breach occurred on…
Intro
Read More
Resecurity has uncovered a cybercriminal group that is equipping fraudsters with sophisticated phishing kits to target banking customers in the EU. These kits are designed to intercept sensitive information, …
Authored by Dexter Shin
Many government agencies provide their services online for the convenience of their citizens. Also, if this service could be provided through a mobile app, it would …
CryptoChameleon is a phishing kit first discovered in February 2024. As of publication, the identity of CryptoChameleon’s creator remains elusive.
The kit is used by unknown threat actors to harvest …
Identifier: TRR240501.
SummaryEarlier in May, our security product spotted a malicious payload, which was tentatively delivered to a computer in Brazil, via an intricate infection chain involving Python scripts …
Introduction
Read More
At Zscaler ThreatLabz, we regularly monitor the Google Play store for malicious applications. Over the past few months, we identified and analyzed more than 90 malicious applications uploaded to …
Summary: Researchers have discovered multiple fake AV sites that are distributing info-stealers, including APK, EXE, and Inno setup installer files with spy and stealer capabilities. These sites are masquerading as …
By Gurumoorthi Ramanathan · May 23, 2024
Executive summaryIn mid-April 2024, Trellix Advanced Research Center team members observed multiple fake AV sites hosting highly sophisticated malicious files such as …
Summary: This content discusses criminal campaigns that exploit cloud storage services to redirect users to malicious websites and steal their information using SMS messages.
Threat Actor: Unnamed threat actors | …
Threat Actor: Native-One | Native-One Victim: Multiple users | Multiple users Price: Not specified Exfiltrated Data Type: Not specified
Additional Information :
GhostHook v1.0 is a file-less browser malware developed…Summary: Zoom has introduced post-quantum end-to-end encryption (E2EE) for video conferencing, making it the first UCaaS company to offer such a solution.
Threat Actor: N/A
Victim: N/A
Key Point :…
On February 22, 2025, the Critical Infrastructure and Security Agency (CISA) issued a #StopRansomware: ALPHV Blackcat ransomware alert. This alert builds upon earlier Federal Bureau of Investigation (FBI) work and …
Summary: A new banking Trojan called Antidot has been discovered by Cyble Research and Intelligence Labs, targeting Android devices with sophisticated malware features.
Threat Actor: Antidot Trojan | Antidot Trojan …
Threat Actor: Unknown | Unknown Victim: Especialistas Contacto Directo (ECD) | Especialistas Contacto Directo Price: $5000 Exfiltrated Data Type: Personal details, including names, addresses, phone numbers, email addresses, account and …
Key Takeaways
A new Android Banking Trojan, “Antidot,” masquerading as a Google Play update application, displays fake Google Play update pages in multiple languages, indicating a wide range of targets. …
Read More
Summary: Finland’s Transport and Communications Agency (Traficom) has warned about an ongoing Android malware campaign that targets online bank accounts. Scammers send SMS messages instructing recipients to call a number …
Executive Summary
Voice phishing groups are building phishing pages, developing malicious Android apps to trick victims into accessing phishing sites, and installing the apps for financial fraud to steal money…
Read More
Published On : 2024-05-03
EXECUTIVE SUMMARYThe team at CYFIRMA recently intercepted Android malware suspected to have been delivered by a Pakistan-based APT group targeting Indian defense personnel. Surprisingly, the …
Threat Actor: Cyber attackers | Cyber attackers Victim: Dropbox Sign | Dropbox Sign Price: N/A Exfiltrated Data Type: Customer information, authentication data, API keys, OAuth tokens, multi-factor authentication details
Additional …
This week, CERT-AGID found and analysed, in the Italian scenario of its reference, a total of 27 malicious campaigns , of which 21 with Italian objectives and 6 generic ones which nevertheless affected …
Summary: Google blocked millions of Android apps and suspended thousands of developer accounts in an effort to protect users and maintain the security of its official app store.
Threat Actor: …
Summary: This content discusses a phishing campaign that targets the United States Postal Service (USPS) and highlights how the traffic to fake USPS domains is similar to or even higher …
Written by: Kelli Vanderlee, Jamie Collier
Executive Summary
The election cybersecurity landscape globally is characterized by a diversity of targets, tactics, and threats. Elections attract threat activity from a variety …
Victim: atriline.by Country : Belarus Actor: darkvault Source: http://mdhby62yvvg6sd5jmx5gsyucs7ynb5j45lvvdh4dsymg43puitu7tfid.onion//post/MmQ1NWE5YThhZjU0ZWVjZjk0Y2NmMm Discovered: 2024-04-25 22:26:24.765375 Published: 2024-04-25 00:00:00.000000 Description :
Online ticket sales for the Bobruisk – Minsk – Bobruisk route Purchase takes…
Key Takeaways
A new Android Banking Trojan, “Brokewell”, was identified as distributing via a fake Chrome Update phishing site.
The malware’s development is attributed to the developer, “Baron Samedit,” who…
Read More
Summary: Google is updating the client-side encryption mechanism for Google Meet to allow external participants, including those without Google accounts, to join encrypted calls.
Threat Actor: N/A
Victim: N/A
Key …