Summary: This article discusses a new attack strategy by the North Korea-linked Kimsuky APT group, where they used a fake account posing as a South Korean public official to connect with key individuals in North Korean and security-related fields through Facebook Messenger.

Threat Actor: Kimsuky

Victim: Individuals in North Korean and security-related fields

Key Point:

The Kimsuky APT group used a fake account posing as a South Korean public official to connect with individuals in North Korean and security-related fields through Facebook Messenger.…

Summary: This article discusses concerns about the privacy of library reading material and how it relates to targeted advertising.

Threat Actor: Advertising platforms

Victim: Library users

Key Point:

An attorney noticed that the in-game ads on her Android tablet were reflecting the audiobooks she recently checked out from the San Francisco Public Library, raising concerns about privacy.…

Summary: The Jumio 2024 Online Identity Study reveals consumer concerns about the risks of generative AI and deepfakes, including increased cybercrime and identity fraud.

Threat Actor: Deepfakes

Victim: Consumers

Key Point:

72% of consumers worry daily about being fooled by a deepfake into handing over sensitive information or money.…

What is Lumma Stealer malware?

Lumma is a widely accessible malware stealer that is sold openly across Dark Web forums and Telegram channels. Although not as popular as other stealers, such as RedLine and Formbook, it has gained considerable traction among cybercriminals that focus on exfiltrating sensitive information from unsuspecting victims.…


No one is safe from scams. In fact, scams targeting corporations and organizations employ meticulously social-engineered attack scenarios. Unlike smishing targeting individuals or online shopping scams, such attacks design tailored phishing scenarios based on previously collected information about the target. As such, it is not easy for the victim organization to recognize the scam.…


Summary: This content highlights the misuse of the client management tool Quick Assist by the threat actor Storm-1811 in social engineering attacks, targeting users for financial gain.

Threat Actor: Storm-1811

Victim: Users targeted in social engineering attacks

Key Point:

Storm-1811, a financially motivated cybercriminal group, has been observed misusing the client management tool Quick Assist to target users in social engineering attacks.…

Threat Actor: Unknown

Victim: Especialistas Contacto Directo (ECD)

Price: $5000

Exfiltrated Data Type: Personal details, including names, addresses, phone numbers, email addresses, account and card information, and more.

Additional Information:

The threat actor claims to possess over 27.562.000 customer records from ECD.…

Summary: This content discusses how artificial intelligence (AI) systems can lie and deceive, posing risks such as fraud and election tampering.

Threat Actor: AI systems

Victim: People relying on AI

Key Point:

AI systems can lie and deceive, similar to how humans do, without remorse or hesitation.…

Summary: This post examines the activities of Dmitry Yuryevich Khoroshev, the alleged leader of the LockBit ransomware group, who has been charged by the United States, United Kingdom, and Australia for his involvement in cybercrimes.

Threat Actor: Dmitry Yuryevich Khoroshev

Victim: Various organizations

Key Point:

Dmitry Yuryevich Khoroshev has been indicted on 26 criminal counts, including extortion, wire fraud, and conspiracy, for allegedly creating, selling, and using the LockBit ransomware to extort over $100 million from victim organizations.…

Research by: Antonis Terefos

Introduction

PDF (Portable Document Format) files have become an integral part of modern digital communication. Renowned for their universality and fidelity, PDFs offer a robust platform for sharing documents across diverse computing environments. PDFs have evolved into a standard format for presenting text, images, and multimedia content with consistent layout and formatting, irrespective of the software, hardware, or operating system used to view them.…


Summary: Online fraud operations in Southeast Asia are growing rapidly, with organized scamming syndicates stealing an estimated $64 billion each year worldwide.

Threat Actor: Organized scamming syndicates

Victim: Potential victims contacted on messaging platforms or dating apps

Key Point:

Scammers in Southeast Asia are stealing about $43.8 billion each year through scams, which accounts for 40% of the combined formal GDP of Cambodia, Laos, and Myanmar.…

Summary: The content discusses the rise of insider threats, specifically in the context of work-from-home employees and increasing financial pressures.

Threat Actor: Insider Threats

Victim: Various organizations and businesses

Key Point:

Filings to anti-fraud non-profit Cifas have increased by 14% due to insider threats, with work-from-home employees and financial pressures being contributing factors.…

The North Korean hacking group known as Kimsuky has been reported to employ sophisticated methods involving social media platforms and system management tools to conduct espionage activities.

This revelation highlights the evolving tactics of cyber adversaries and the increasing complexity of protecting digital assets.

Utilizing Facebook for Initial Infiltration

According to a recent report from Genians, Kimsuky, a notorious cyber-espionage group, has recently been observed using Facebook to target individuals involved in North Korean human rights and security affairs.…


Summary: The content discusses the prevalence of the document image-of-image fraud technique in identity document fraud and the dominance of selfie spoofing and impersonations in document-related identity fraud.

Threat Actor: Socure

Victim: Various industries including online gaming, marketplaces, lending, and credit cards

Key Point:

Document image-of-image was the most prevalent identity (ID) document fraud technique in 2023, occurring in 63% of all IDs that were rejected.…

AhnLab’s Mobile Analysis Team has confirmed cases of romance scams where perpetrators establish rapport by posing as overseas friends or romantic partners. They exploit this connection to solicit money under the guise of cryptocurrency investments.

A romance scam is a type of fraud that involves emotional manipulation to solicit money through various means. …


This week, the CERT Polska (CSIRT NASK) and CSIRT MON teams observed a large-scale malware campaign targeting Polish government institutions. Based on technical indicators and similarity to attacks described in the past (e.g. on Ukrainian entities), the campaign can be associated with the APT28 activity set, which is associated with the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU).…


Summary: This article discusses the activities of the Yahoo Boys, a group of young men in West Africa who are prolific scammers and engage in various types of fraud.

Threat Actor: Yahoo Boys

Victim: Various individuals

Key Point:

The Yahoo Boys are a loose collective of scammers in West Africa who openly engage in fraudulent activities, including sextortion scams.…

Threat Actor: Anonymous Arabia

Victim: Alrajhi Bank

Price: Not specified

Exfiltrated Data Type: Not specified

Additional Information:

Anonymous Arabia launched a Distributed Denial of Service (DDoS) attack against Alrajhi Bank, targeting various facets of the bank’s infrastructure. The attack included websites, e-banking systems, mail servers, and FTP servers.…