The SonicWall Capture Labs threat research team has been observing PDF files with QR codes being abused by malware authors to deceive users for a long time.
QR codes are …
Threat Actor: Unknown | Unknown
Victim: Shopify | Shopify
Price: Not publicly listed
Exfiltrated Data Type: Personal and transactional information of Shopify users
Key Points:
An individual claims to…
Summary: This article discusses how cybercriminals target YouTube channels to carry out scams and distribute malware, posing a threat to both content creators and viewers.
Threat Actor: Cybercriminals | Cybercriminals …
Threat Actor: ph1ns | ph1ns
Victim: Philippines Department of Information and Communications Technology – Disaster Risk Reduction Management Division (DICT-DRRMD) | DICT-DRRMD
Price: Not specified
Exfiltrated Data Type: Not specified…
Summary: The content discusses the vulnerabilities in 5G technologies that put mobile devices at risk of data theft and denial of service attacks.
Threat Actor: Hackers
Victim: Mobile device users…
Summary: The Medusa banking trojan for Android has resurfaced in campaigns targeting several countries, using more compact variants with fewer permissions and new features to initiate transactions directly from compromised …
In a hacker forum monitored by SOCRadar, a new alleged phone numbers sale is detected for WhatsApp.
I’m selling Upto 1 billion WhatsApp mobile numbers of below countries, All are …
Summary: Multifactor authentication (MFA) is playing a significant role in determining the success of attackers in penetrating network defenses, with MFA appearing in almost half of all security incidents encountered …
Summary: A 22-year-old man from the UK, known as “Tyler,” has been arrested in Spain for allegedly leading the cybercrime group Scattered Spider, which is responsible for hacking into numerous …
Summary: The Security Service of Ukraine (SSU) has dismantled the infrastructure used by pro-Russia Ukraine residents to break into soldiers’ devices and deploy spyware. The infrastructure included bot farms and …
Summary: The notorious cybercriminal group Smishing Triad is targeting smartphone users in Pakistan with a large-scale smishing campaign aimed at stealing personal and financial information.
Threat Actor: Smishing Triad | …
Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.
Resecurity researchers have recently revealed that the Smishing Triad group has launched a fresh smishing campaign targeting Pakistani …
Summary: The Scattered Spider gang has shifted their focus to stealing data from software-as-a-service (SaaS) applications and creating new virtual machines for persistence.
Threat Actor: Scattered Spider | Scattered Spider …
Summary: A Pakistani threat actor known as Cosmic Leopard has been conducting cyber espionage and surveillance on Indian government-associated entities for the past six years.
Threat Actor: Cosmic Leopard | …
UNC3944 is a financially motivated threat group that carries significant overlap with public reporting of “0ktapus,” “Octo Tempest,” “Scatter Swine,” and “Scattered Spider,” and has been observed adapting its …
ESET researchers have identified five campaigns targeting Android users with trojanized apps. Most probably carried out by the Arid Viper APT group, these campaigns started in 2022 and three of …
Resecurity has identified a new activity of Smishing Triad, which has expanded its operations to Pakistan. The group’s latest tactic involves sending malicious messages on behalf of Pakistan Post …
The UK authorities have apprehended two individuals suspected of employing a homemade mobile antenna to distribute thousands of smishing messages posing as UK banks and other official organizations.
The duo, …
By Gi7w0rm, Asheer Malhotra and Vitor Ventura.
Cisco Talos is disclosing a new malware campaign called “Operation Celestial Force” running since at least 2018. It is still active today, employing…
Summary: British police have arrested two individuals involved in an SMS-based phishing campaign using a homemade device that bypassed network operators’ anti-SMS-based phishing defenses.
Threat Actor: Unknown | SMS-based phishing …
This staggering amount underscores the imminent need for cyber security to be treated as a global priority. Moreover, with the explosion …
AhnLab SEcurity intelligence Center (ASEC) has been publishing the Online Scams series to inform the readers about the ever-evolving scams. Prevention and blocking are the two most important measures to …
Summary: This article discusses the cost of a phishing-as-a-service platform and how cybercriminals are targeting European banking clients with this method.
Threat Actor: Cybercriminals | Cybercriminals
Victim: European banking clients …
Threat Actor: Unknown | Unknown
Victim: Pezesha | Pezesha
Price: $300
Exfiltrated Data Type: National ID Numbers, Phone Numbers, Photo IDs, Additional Data
Additional Information:
The breach occurred on…
Resecurity has uncovered a cybercriminal group that is equipping fraudsters with sophisticated phishing kits to target banking customers in the EU. These kits are designed to intercept sensitive information, …
Authored by Dexter Shin
Many government agencies provide their services online for the convenience of their citizens. Also, if this service could be provided through a mobile app, it would …
CryptoChameleon is a phishing kit first discovered in February 2024. As of publication, the identity of CryptoChameleon’s creator remains elusive.
The kit is used by unknown threat actors to harvest …
Identifier: TRR240501.
Summary
Earlier in May, our security product spotted a malicious payload, which was tentatively delivered to a computer in Brazil, via an intricate infection chain involving Python scripts …
At Zscaler ThreatLabz, we regularly monitor the Google Play store for malicious applications. Over the past few months, we identified and analyzed more than 90 malicious applications uploaded to …
Summary: Researchers have discovered multiple fake AV sites that are distributing info-stealers, including APK, EXE, and Inno setup installer files with spy and stealer capabilities. These sites are masquerading as …
By Gurumoorthi Ramanathan · May 23, 2024
Executive summary
In mid-April 2024, Trellix Advanced Research Center team members observed multiple fake AV sites hosting highly sophisticated malicious files such as …
Summary: This content discusses criminal campaigns that exploit cloud storage services to redirect users to malicious websites and steal their information using SMS messages.
Threat Actor: Unnamed threat actors | …
Threat Actor: Native-One | Native-One
Victim: Multiple users | Multiple users
Price: Not specified
Exfiltrated Data Type: Not specified
Additional Information:
GhostHook v1.0 is a file-less browser malware developed…
Summary: Zoom has introduced post-quantum end-to-end encryption (E2EE) for video conferencing, making it the first UCaaS company to offer such a solution.
Threat Actor: N/A
Victim: N/A
Key Point :…
On February 22, 2025, the Critical Infrastructure and Security Agency (CISA) issued a #StopRansomware: ALPHV Blackcat ransomware alert. This alert builds upon earlier Federal Bureau of Investigation (FBI) work and …
Summary: A new banking Trojan called Antidot has been discovered by Cyble Research and Intelligence Labs, targeting Android devices with sophisticated malware features.
Threat Actor: Antidot Trojan | Antidot Trojan …
Threat Actor: Unknown | Unknown
Victim: Especialistas Contacto Directo (ECD) | Especialistas Contacto Directo
Price: $5000
Exfiltrated Data Type: Personal details, including names, addresses, phone numbers, email addresses, account and …
Summary: Finland’s Transport and Communications Agency (Traficom) has warned about an ongoing Android malware campaign that targets online bank accounts. Scammers send SMS messages instructing recipients to call a number …
Published On : 2024-05-03
EXECUTIVE SUMMARY
The team at CYFIRMA recently intercepted Android malware suspected to have been delivered by a Pakistan-based APT group targeting Indian defense personnel. Surprisingly, the …
Threat Actor: Cyber attackers | Cyber attackers
Victim: Dropbox Sign | Dropbox Sign
Price: N/A
Exfiltrated Data Type: Customer information, authentication data, API keys, OAuth tokens, multi-factor authentication details
Additional …
This week, CERT-AGID found and analysed, in the Italian scenario of its reference, a total of 27 malicious campaigns, of which 21 with Italian objectives and 6 generic ones which nevertheless affected …
Summary: Google blocked millions of Android apps and suspended thousands of developer accounts in an effort to protect users and maintain the security of its official app store.
Threat Actor: …
Summary: This content discusses a phishing campaign that targets the United States Postal Service (USPS) and highlights how the traffic to fake USPS domains is similar to or even higher …
Written by: Kelli Vanderlee, Jamie Collier
Executive Summary
The election cybersecurity landscape globally is characterized by a diversity of targets, tactics, and threats. Elections attract threat activity from a variety …
Victim: atriline.by
Country: Belarus
Actor: darkvault
Source: http://mdhby62yvvg6sd5jmx5gsyucs7ynb5j45lvvdh4dsymg43puitu7tfid.onion//post/MmQ1NWE5YThhZjU0ZWVjZjk0Y2NmMm
Discovered: 2024-04-25 22:26:24.765375
Published: 2024-04-25 00:00:00.000000
Description:
Online ticket sales for the Bobruisk – Minsk – Bobruisk route Purchase takes…
Summary: Google is updating the client-side encryption mechanism for Google Meet to allow external participants, including those without Google accounts, to join encrypted calls.
Threat Actor: N/A
Victim: N/A
Key …