LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign
CategoryDetailsThreat ActorsAPT41, Chinese cyber-espionage group, also known as Double DragonCampaign OverviewEvolution of LightSpy malware with…
OSINT Updates for November 24 , 2024
https://twitter.com/officer_cia/status/1860507851195609273 https://twitter.com/RedPacketSec/status/1860564662917501120 https://twitter.com/RedPacketSec/status/1860561745145713112 https://twitter.com/RedPacketSec/status/1860564664167408058 https://twitter.com/SpyCollection1/status/1860577641645957138 https://twitter.com/RedPacketSec/status/1860561734571892904 https://twitter.com/RedPacketSec/status/1860564667791258032 https://twitter.com/RedPacketSec/status/1860561743933554774
TTP Today Fraud & Intelligence Insights Report Q1-Q3 2024
CategoryDetailsThreat ActorsFraudsters targeting high-demand sectors using advanced techniques like BIN testing, OTP spoofing, SIM swapping,…
Dark Web Profile: Moonstone Sleet
CategoryDetailsThreat ActorsMoonstone Sleet (aka Storm-1789), a North Korean state-sponsored APT group.Campaign OverviewActive since early 2024,…
OSINT Updates for November 23 , 2024
https://twitter.com/CovertShores/status/1860215391114657830 https://twitter.com/bamitav/status/1860135386091045318 https://twitter.com/DailyRansomware/status/1860174991288881252 https://twitter.com/SriLankaTweet/status/1860150865379860564 https://twitter.com/hornbilltv/status/1860256208420225052 https://twitter.com/OmegaMagnusTV/status/1860266368110579929 https://twitter.com/rtehrani/status/1860158839179403382
Investigating a SharePoint Compromise: IR Tales from the Field
CategoryDetailsThreat ActorsUnnamed attacker exploiting SharePoint CVE-2024-38094.Campaign OverviewExploited SharePoint vulnerability (CVE-2024-38094) for initial access; compromised Exchange…
Royal Thai Police Database Breached, Claims Dark Web Actor
CategoryDetailsThreat ActorsDark web actor (identity unspecified).Campaign OverviewBreach of the PhpMyAdmin database of the Royal Thai…
T-Mobile Breached in Major Chinese Cyber-Attack on Telecoms
CategoryDetailsThreat ActorsSalt Typhoon (Chinese state-sponsored hacking group).Campaign OverviewLarge-scale cyber-espionage campaign targeting US and international telecom…
Exploring Rhysida Ransomware
CategoryDetailsThreat ActorsRhysida Ransomware group (possible connection to Vice Society Ransomware group).Campaign OverviewRhysida ransomware attacks targeted…
RansomHub Targets Mexican Government
CategoryDetailsThreat ActorsRansomHub, a likely Russian ransomware group with a history of global cyberattacks.Campaign OverviewRansomHub compromised…