OSINT Updates for November 8, 2024

#Phishing Alert! We identified an active cash lending/loan #scam campaign using #dropcaught and newly registered domains on suspicious infrastructure. These sites ask for SSN, bank account details and personal data. More info at https://t.co/K34MiDZmVE pic.twitter.com/GQcugW1FB1

— Unit 42 (@Unit42_Intel) November 7, 2024

🎣🇧🇷 #Phishing targeting Brazilians citizens to provide as much PIIs, such as CPF, email, date of birth. All information necessary to be able to issue a passport.

VT Collection: https://t.co/3IRc4F1MBh#threat #Brazil #CTI #threathunting #IOC pic.twitter.com/Wg7vKzSaCn

— Þ4ŊDɛm¹©ƁøŸ ☣ (@P4nd3m1cb0y) November 7, 2024

🚨 New Blog Post! 🚨#Gootloader's pivot from SEO poisoning tactics to fake PDF converters. Find out how the shift from legal-themed files to "PDF to DOCX" scams could impact everyday users.

Read more 👉 https://t.co/u4StoWxat5 #Cybersecurity #MalwareAnalysis #ThreatIntel

— Gootloader (@Gootloader) November 7, 2024

A new information stealer called BRWCAP is being advertised on Telegram🧐#BRWCAP #Stealer #ThreatIntel #infosec #OSINT pic.twitter.com/XSC0bSfzvC

— KrakenLabs (@KrakenLabs_Team) November 7, 2024