Victim: achieverssciencejournal.org
Country: NG
Actor: funksec
Source: http://funkxxkovrk7ctnggbjnthdajav4ggex53k6m2x3esjwlxrkb3qiztid.onion/achieverssciencejournal.org
Discovered: 2025-01-26 22:12:37.658287
Published: 2025-01-26 22:12:37.658287
Description: Achievers Science Journal is an educational organization. Dedicated to producing and distributing science-related content. Focuses on assisting in the development and learning of students in the science field. Offers published scientific articles and resources for science learning.…
Malicious Software and Its Types
This article explores various types of malware, detailing their characteristics, examples, and consequences in the cybersecurity landscape. It covers viruses, worms, trojans, spyware, rootkits, ransomware, and cryptojacking, highlighting both historical examples and mitigation strategies. Affected: malware, computer systems, data security

Keypoints:

Malware is software developed to harm computer systems, steal data, or gain unauthorized access.…
Russian espionage and financial theft campaigns have ramped up, Ukraine cyber agency says
Summary: Ukrainian cyber agencies report a rise in sophisticated cyberattacks primarily attributed to three Russia-linked hacker groups targeting government and critical services. The attacks have focused on espionage, financial theft, and psychological warfare, with the most active group being UAC-0010, also known as Gamaredon. Over the past year, Ukraine’s cybersecurity incident response center has addressed over 1,000 incidents, indicating a significant threat to national security.…
SAP Patches Critical Vulnerabilities in NetWeaver
Summary: SAP has released 14 new security notes addressing critical vulnerabilities, including two with a CVSS score of 9.9, during its January 2025 Patch Day. Organizations are urged to apply these patches promptly to mitigate potential exploitation by threat actors.

Threat Actor: Unknown | unknown
Victim: SAP | SAP

Key Point:

Two critical vulnerabilities (CVE-2025-0070 and CVE-2025-0066) could allow attackers to steal credentials and read decrypted information.…
Solving the Ticket through Malware Artifact Analysis
This article outlines the process of analyzing malware samples as a Cyber Threat Intelligence Analyst at PandaProbe Intelligence. The steps include downloading malware samples, conducting automated and manual analyses, correlating findings with global threat intelligence, and compiling a comprehensive report for mitigation. Affected: TryHackMe, PandaProbe Intelligence

Keypoints:

Acting as a Cyber Threat Intelligence Analyst at PandaProbe Intelligence.…
Russia Carves Out Commercial Surveillance Success Globally
Summary: Several governments in Central Asia and Latin America have acquired Russian wiretapping technology, enhancing their surveillance capabilities and potentially enabling Russian intelligence access to intercepted communications. This development raises concerns about civil liberties and the risks faced by individuals in these regions.

Threat Actor: Russian Intelligence | Russian Intelligence
Victim: Citizens of Belarus, Kazakhstan, Kyrgyzstan, Uzbekistan, Cuba, and Nicaragua | citizens of Belarus, Kazakhstan, Kyrgyzstan, Uzbekistan, Cuba, and Nicaragua

Key Point:

Acquisition of SORM technology by multiple governments enhances their ability to wiretap citizens.…
Banshee macOS Malware Expands Targeting
Summary: The Banshee macOS information stealer has been updated to target systems using the Russian language, expanding its reach, according to cybersecurity firm Check Point. Initially launched in mid-2024, the malware continues to pose threats despite the leak of its source code.

Threat Actor: Russian Developers | Russian Developers
Victim: macOS Users | macOS Users

Key Point:

Banshee can collect sensitive data including passwords, system information, and cryptocurrency wallet details.…
Pall Mall Process to tackle commercial hacking proliferation raises more concerns than solutions
Summary: The Pall Mall Process, initiated to combat the proliferation of commercial hacking tools, faces skepticism regarding its effectiveness in changing the trade and use of these tools. Despite growing concerns over the threats posed by commercial cyber intrusion capabilities (CCICs), significant exporting states have largely remained disengaged from the initiative.…
First Android Update of 2025 Patches Critical Code Execution Vulnerabilities
Summary: Google has released the January 2025 Android security updates addressing 36 vulnerabilities, including five critical remote code execution bugs. The updates are divided into two parts, with the first patching various components and the second focusing on specific hardware vulnerabilities.

Threat Actor: Unknown | unknown
Victim: Google Android Users | Google Android Users

Key Point:

Five critical vulnerabilities could lead to remote code execution on multiple Android versions.…

In an increasingly complex digital landscape, the emergence of various types of malware continues to be a significant concern for internet users. One such malware that has recently captured widespread attention is EAGERBEE. Known for its sophisticated capabilities, EAGERBEE has become a hot topic among researchers and cybersecurity professionals alike.…


Summary: A new Android spyware called “FireScam” masquerades as a fake Telegram Premium app to steal sensitive data from victims’ devices. This campaign highlights the evolving tactics of threat actors who exploit legitimate applications and services to distribute malware.

Threat Actor: Unknown | FireScam
Victim: Individuals and organizations | Android users

Key Point:

FireScam uses a phishing site to deliver a malicious version of Telegram Premium.…

Summary: A new Android malware named FireScam has been identified as an information stealer and spyware, capable of harvesting sensitive information from various applications. It is distributed through a phishing website disguised as the legitimate ‘Telegram Premium’ application, targeting devices running Android 8 and newer.

Threat Actor: Unknown | FireScam
Victim: Android Users | Android Users

Key Point:

FireScam is distributed via a phishing website that mimics the RuStore application store.…

In an increasingly connected digital era, macOS has become an enticing target for cybercriminals. From exploiting vulnerabilities that allow malicious applications to access sensitive data without user consent to sophisticated malware attacks targeting cryptocurrency assets, these threats underscore the importance of security awareness.

This article will explore recent incidents, including TCC-based vulnerabilities, attacks by APT groups, and malware specifically targeting macOS users, as well as essential protective measures that users should take to safeguard their personal data and devices from these emerging threats.…


### #DigitalDefense #ThreatIntelligence #CyberAwareness

Summary: This week’s cybersecurity update highlights significant threats and vulnerabilities impacting various sectors, emphasizing the need for vigilance and proactive measures to safeguard digital environments. Key developments include high-severity flaws, emerging malware, and notable cybercrime incidents involving threat actors.

Threat Actor: TraderTraitor | TraderTraitor
Victim: DMM Bitcoin | DMM Bitcoin

Key Point:

High-severity PAN-OS flaw could lead to denial-of-service attacks on vulnerable devices.…

The report delves into FireScam, a sophisticated Android malware disguised as a Telegram Premium app, highlighting its distribution methods, operational features, and implications for user security. The findings underscore the urgent need for enhanced cybersecurity measures to combat such threats. #FireScam #AndroidMalware #Cybersecurity

Keypoints:

FireScam is an information-stealing malware with spyware capabilities.…