This week, the CERT Polska (CSIRT NASK) and CSIRT MON teams observed a large-scale malware campaign targeting Polish government institutions. Based on technical indicators and similarity to attacks described in the past (e.g. on Ukrainian entities), the campaign can be associated with the APT28 activity set, which is attributed to the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU).…
Tag: SOCIAL MEDIA
Summary: This article discusses the activities of the Yahoo Boys, a group of young men in West Africa who are prolific scammers and engage in various types of fraud.
Threat Actor: Yahoo Boys
Victim: Various individuals
Key Point:
The Yahoo Boys are a loose collective of scammers in West Africa who openly engage in fraudulent activities, including sextortion scams.…
With the advancement of scamming technology, determining the authenticity of a site solely based on appearance has become exceedingly difficult. In the past, it was possible to identify fakes by carefully observing discrepancies such as logo size, layout, wording, domain, etc., which scammers often overlooked when creating spoofed websites or emails. …
Threat Actor: Anonymous Arabia
Victim: Alrajhi Bank
Price: Not specified
Exfiltrated Data Type: Not specified
Additional Information:
Anonymous Arabia launched a Distributed Denial of Service (DDoS) attack against Alrajhi Bank, targeting various facets of the bank’s infrastructure. The attack included websites, e-banking systems, mail servers, and FTP servers.…
Summary: This content discusses the prevalence of recovery fraud in the cryptocurrency space, where victims of crypto scams or cyberattacks are targeted again by individuals or companies claiming to offer recovery services but end up stealing their upfront fees.
Threat Actor: Recovery fraudsters
Victim: Individuals who have fallen victim to crypto scams or cyberattacks
Key Point:
Recovery fraud, where victims of crypto scams are targeted again by individuals or companies claiming to offer recovery services, is a growing concern in the cryptocurrency space.…
Summary: This content discusses a path traversal-affiliated vulnerability pattern found in multiple popular Android applications, which could lead to arbitrary code execution and token theft.
Threat Actor: Microsoft
Victim: Multiple popular Android applications
Key Point:
A path traversal-affiliated vulnerability pattern was discovered in multiple popular Android applications, allowing a malicious application to overwrite files in the vulnerable application’s home directory.…
Threat Actor: Anonymous Collective
Victim: Saudi Arabia
Price: Not specified
Exfiltrated Data Type: Not specified
Additional Information:
Anonymous Collective plans to target Saudi Arabia in cyber attacks. The group views Saudi Arabia’s recent actions as a form of censorship and an assault on justice and freedom of speech.…
Summary: A hacking group linked to Iran’s Revolutionary Guard Corps impersonated journalists and human rights activists as part of a social engineering campaign, targeting organizations such as The Washington Post and prominent think tanks.
Threat Actor: APT42
Victim: Various news organizations and think tanks including The Washington Post, The Economist, and the Aspen Institute.…
Summary: The content discusses the results of a survey conducted by Bitwarden on user password practices, highlighting the prevalence of password reuse and the use of personal information in credentials, which pose significant cybersecurity risks.
Threat Actor: N/A
Victim: N/A
Key Point:
25% of respondents globally reuse passwords across 11-20+ accounts.…
Written by: Kelli Vanderlee, Jamie Collier
Executive Summary
The election cybersecurity landscape globally is characterized by a diversity of targets, tactics, and threats. Elections attract threat activity from a variety of threat actors including: state-sponsored actors, cyber criminals, hacktivists, insiders, and information operations as-a-service entities. Mandiant assesses with high confidence that state-sponsored actors pose the most serious cybersecurity risk to elections.…
Summary: The Lazarus Group, a North Korea-linked threat actor, used fabricated job lures to distribute a new remote access trojan called Kaolin RAT. The malware is part of a multi-stage attack chain that ultimately deploys the FudModule rootkit.
Threat Actor: Lazarus Group
Victim: Not specified
Key Point:
The Lazarus Group used fabricated job offers to trick targets into launching a malicious optical disc image (ISO) file.…
Summary: Iranian state-sponsored hackers infiltrated hundreds of thousands of employee accounts at US companies and government agencies as part of a multiyear cyber espionage campaign aimed at stealing military secrets.
Threat Actor: Iranian state-sponsored hackers
Victim: US companies and government agencies
Key Point:
An elite team of Iranian state-sponsored hackers successfully infiltrated hundreds of thousands of employee accounts at US companies and government agencies as part of a multiyear cyber espionage campaign aimed at stealing military secrets.…
Summary: This content highlights the concerns and impact of deepfake technology, particularly in relation to elections and the spread of misinformation and disinformation.
Threat Actor: AI-generated deepfake technology
Victim: General public
Key Point:
23% of Americans have encountered a political deepfake that they later discovered to be fake, indicating the prevalence of this technology.…
Summary: A hacker has been found guilty of orchestrating a $110 million cryptocurrency fraud scheme involving the Mango Markets decentralized finance platform.
Threat Actor: Hacker | Aaron Eisenberg
Victim: Mango Markets
Key Point:
A hacker has been convicted of fraudulently obtaining $110 million from cryptocurrency exchange Mango Markets and its investors.…
Curated bookmark list categorized by area and event monitoring, person of interest search, corporate profiling, mapping, AI, intelligence analysis, reporting tools, collective tools, cryptocurrency, country specific, verification and fact-checking.
They are broken down into appropriate categories such as: area and event monitoring, person of interest search, corporate profiling, mapping, artificial intelligence, intelligence analysis, reporting tools, collective tools, cryptocurrency, country specific, verification and fact-checking.…
How to use:
Enter the username(s) in the search box, select any category filters & click the search icon or press CTRL+Enter.
Results will present as icons on the left & in a searchable table on the right.
Document & Google searches will automatically populate at the bottom, using the first username in your list as the search term.
This video showcases a quick tutorial on using a web-based tool to find social media profiles efficiently.…
Attackers are constantly seeking new vulnerabilities to compromise Kubernetes environments. Microsoft recently uncovered an attack that exploits new critical vulnerabilities in OpenMetadata to gain access to Kubernetes workloads and leverage them for cryptomining activity.
OpenMetadata is an open-source platform designed to manage metadata across various data sources.…
Hacklido.com is a cybersecurity community platform focused on various aspects of ethical hacking, security research, and cybersecurity knowledge sharing. The website hosts a range of content including blogs on topics like cybersecurity trends, techniques to bypass security measures such as one-time password (OTP) systems, and discussions on vulnerabilities like cross-site scripting (XSS) (HACKLIDO).…
Many people make banking transactions online now. And since mobile devices are one of the most popular and convenient ways to shop and make payments, criminals are naturally drawn to this. A current example of a malware that specifically targets online banking shows how easy it is to fall for malware.…