Threat Actor: Cambridge Analytica

Victim: Facebook

Price: N/A

Exfiltrated Data Type: Facebook user data

Additional Information:

The Israeli Justice Ministry has launched an investigation into the leakage of Facebook user data to confirm if Israeli user information was stolen. The Israel Ministry’s Privacy Protection Authority has informed Facebook about the potential illegal “stealing” of personal information and other possible violations of Israel’s privacy laws.…

Summary: This article discusses a cyber fraud case in Zambia, where 22 Chinese nationals have pleaded guilty to cyber-related crimes as part of an organized internet fraud syndicate.

Threat Actor: Chinese nationals

Victim: Individuals in Zambia and various countries | Zambia cyber fraud victims

Key Point:

Twenty-two Chinese nationals have pleaded guilty to cyber-related crimes in Zambia as part of an organized internet fraud syndicate.…

AhnLab SEcurity intelligence Center (ASEC) has been publishing the Online Scams series to inform the readers about the ever-evolving scams. Prevention and blocking are the two most important measures to mitigate the damage inflicted by scams. Various security providers are supporting features to detect and block the damage from scams, financial frauds, and phishing.…

Summary: This blog discusses AI jailbreaks, their impact on generative AI systems, and how to mitigate the associated risks and harms.

Threat Actor: N/A

Victim: N/A

Key Point:

An AI jailbreak is a technique that can bypass the defense mechanisms of AI models, leading to harmful consequences such as policy violations, biased decision-making, or execution of malicious instructions.…

Written by: Michelle Cantos, Jamie Collier

Executive Summary

Mandiant assesses with high confidence that the Paris Olympics faces an elevated risk of cyber threat activity, including cyber espionage, disruptive and destructive operations, financially-motivated activity, hacktivism, and information operations. Olympics-related cyber threats could realistically impact various targets including event organizers and sponsors, ticketing systems, Paris infrastructure, and athletes and spectators traveling to the event.…

Summary: Attackers have exploited a zero-day vulnerability in TikTok’s direct messages feature to hijack high-profile accounts belonging to companies and celebrities, including Sony, CNN, and Paris Hilton.

Threat Actor: Unknown

Victim: TikTok

Key Point:

Attackers have hijacked high-profile TikTok accounts using a zero-day vulnerability in the platform’s direct messages feature.…

Summary: Two Russian state-aligned threat actors are conducting online influence operations to undermine the upcoming Olympic Games in Paris, spreading fake news and doctored images on social media.

Threat Actor: Storm-1679 and Storm-1099 (aka “Doppelganger”) | Storm-1679, Storm-1099

Victim: International Olympic Committee (IOC) | International Olympic Committee

Key Point:

Storm-1679 and Storm-1099 have been spreading fake news, doctored images, and AI-aided videos about the Olympics on social media.…

Manila, Philippines – The hacker collective, DeathNote Hackers International, has issued a warning about potential cyber threats against a civilian-led Philippine coalition. In a recent post on their social media page, the group expressed serious concerns over the security of a new website, westphilippinesea.info, which is connected to the West Philippine Sea initiative.…

Published On : 2024-06-03

Executive Summary

At CYFIRMA, we are dedicated to providing current insights into prevalent threats and strategies utilized by malicious entities, targeting both organizations and individuals. This in-depth examination focuses on the Vidar Stealer, an information stealer operating as a malware-as-a-service. The research explores the tactics employed by threat actor(s) to evade detection on the system and over the network, as well as their techniques for concealing malicious code and activities.…

Summary: OpenAI has reported that threat actors linked to the governments of Russia, China, and Iran have used its tools for influence operations, generating various types of content including articles, social media posts, and fake comments.

Threat Actor: Governments of Russia, China, and Iran

Victim: OpenAI

Key Point:

Threat actors from Russia, China, and Iran have utilized OpenAI’s tools for conducting influence operations.…

Summary: This article discusses the cyberattack on Aliquippa Water Plant and highlights the vulnerabilities in operational technology (OT) systems, emphasizing the importance of critical infrastructure security.

Threat Actor: Unknown

Victim: Aliquippa Water Plant

Key Point:

The war between Israel and Hamas resulted in an increase in cyberattacks targeting operational technology, prompting Microsoft to issue a warning to critical infrastructure operators about the risks of internet-exposed OT systems.…

Executive Summary

Lumen Technologies’ Black Lotus Labs identified a destructive event in which over 600,000 small office/home office (SOHO) routers belonging to a single internet service provider (ISP) were taken offline. The incident took place over a 72-hour period between October 25-27, rendered the infected devices permanently inoperable, and required a hardware-based replacement.…

Summary: The content discusses the rise of identity-related incidents in businesses and highlights recent incidents involving social engineering, credential stuffing, and lack of multi-factor authentication.

Threat Actor: N/A

Victim: Clorox, MGM, Caesars, 23andMe, UnitedHealth

Key Point:

Identity-related incidents are on the rise due to identity sprawl and system complexity.…

Summary: The National Institute of Standards and Technology (NIST) has awarded a contract to an outside vendor to help process software and hardware bugs added to the National Vulnerability Database (NVD), addressing concerns about the backlog of unanalyzed vulnerabilities since February.

Threat Actor: N/A

Victim: N/A

Key Point:

NIST has awarded a contract to an outside vendor to assist in processing software and hardware bugs added to the NVD, addressing concerns about the backlog of unanalyzed vulnerabilities.…

Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and cyberespionage objectives. Moonstone Sleet is observed to set up fake companies and job opportunities to engage with potential targets, employ trojanized versions of legitimate tools, create a fully functional malicious game, and deliver a new custom ransomware.…
