BlindEagle flying high in Latin America

Category | Details
Threat Actors | BlindEagle (APT-C-36)
Campaign Overview | Targeting entities in Latin America (primarily Colombia) with espionage and financial attacks.
Target…

CloudSorcerer – A new APT targeting Russian government entities

Category | Details
Threat Actors | CloudSorcerer
Campaign Overview | Advanced persistent threat (APT) targeting Russian government entities, primarily for cyber espionage.
Target Regions…

LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign

Category | Details
Threat Actors | APT41, Chinese cyber-espionage group, also known as Double Dragon
Campaign Overview | Evolution of LightSpy malware with…

OSINT Updates for November 24, 2024

https://twitter.com/officer_cia/status/1860507851195609273
https://twitter.com/RedPacketSec/status/1860564662917501120
https://twitter.com/RedPacketSec/status/1860561745145713112
https://twitter.com/RedPacketSec/status/1860564664167408058
https://twitter.com/SpyCollection1/status/1860577641645957138
https://twitter.com/RedPacketSec/status/1860561734571892904
https://twitter.com/RedPacketSec/status/1860564667791258032
https://twitter.com/RedPacketSec/status/1860561743933554774

TTP Today Fraud & Intelligence Insights Report Q1-Q3 2024

Category | Details
Threat Actors | Fraudsters targeting high-demand sectors using advanced techniques like BIN testing, OTP spoofing, SIM swapping,…

Diplomats Beware: Cloaked Ursa Phishing With a Twist

Category | Details
Threat Actors | Cloaked Ursa (aka APT29, UAC-0004, Midnight Blizzard/Nobelium, Cozy Bear), linked to Russia's Foreign Intelligence…

Top Tools for Email OSINT: Discover, Validate, and Investigate

Tool Name | Snov.io Email Finder
Tool Description | A web-based tool to find email addresses associated with domains or…

Fortinet VPN zero-day exploited by Chinese threat actor

Category | Details
Threat Actors | BrazenBamboo (China-linked threat actor).
Campaign Overview | Exploiting a zero-day vulnerability in Fortinet’s FortiClient VPN for Windows…

NodeStealer Malware Targets Facebook 

Category | Details
Threat Actors | NodeStealer (Vietnamese threat actors); ClickFix (unattributed, including suspected Russian actors targeting Ukraine).
Campaign Overview | NodeStealer targets…

Dark Web Profile: Moonstone Sleet

Category | Details
Threat Actors | Moonstone Sleet (aka Storm-1789), a North Korean state-sponsored APT group.
Campaign Overview | Active since early 2024,…