cRyPtHoN™ INFOSEC (EN)

BMW Hong Kong Data is Allegedly Leaked According to a threat actor on a dark web forum, customer data from BWW Hong Kong is allegedly leaked. The threat actor claims that nearly 14,000 rows of customer information from BMW Hong Kong was breached. The alleged breach occurred in July 2024. The forum post indicates that the compromised data includes salutation, full name, mobile phone number and SMS consent. The threat actor also provided a sample data from the alleged leak. No price information or additional contact info is included in the post. https://dailydarkweb.net/bmw-hong-kong-data-is-allegedly-leaked/ 📡@cRyPtHoN_INFOSEC_IT 📡@cRyPtHoN_INFOSEC_FR 📡@cRyPtHoN_INFOSEC_EN 📡@cRyPtHoN_INFOSEC_DE 📡@BlackBox_Archiv

Trello Database is Allegedly Leaked A threat actor on a dark web forum published a database allegedly belonging to Trello. In the forum post it is stated that Trello has an open API endpoint that allows any unauthenticated user to map an email address to a Trello account as the source of alleged leak. According to the post the leak contains 15,111,945 unique email addresses. Other columns of the leaked data are names and usernames. The threat actor also indicates that the breach occurred in January 2024. https://dailydarkweb.net/trello-database-is-allegedly-leaked/ 📡@cRyPtHoN_INFOSEC_IT 📡@cRyPtHoN_INFOSEC_FR 📡@cRyPtHoN_INFOSEC_EN 📡@cRyPtHoN_INFOSEC_DE 📡@BlackBox_Archiv

New Jellyfish Loader Threat Discovered: Advanced Techniques for System Infiltration Jellyfish Loader, a new shellcode malware discovered by Cyble Research, showcases its capabilities, C&C communications, and offers cybersecurity advice to strengthen defenses. Cyble Research and Intelligence Labs (CRIL) has recently unearthed a sophisticated shellcode loader named Jellyfish Loader, marking a new development in cyber threat detection. This new. NET-based malware exhibits advanced capabilities, including the collection of system information and establishment of secure Command and Control (C&C) communications. Here’s a detailed exploration of what CRIL has uncovered about this emerging threat. https://thecyberexpress.com/cyble-research-decoding-jellyfish-loader/ 📡@cRyPtHoN_INFOSEC_IT 📡@cRyPtHoN_INFOSEC_FR 📡@cRyPtHoN_INFOSEC_EN 📡@cRyPtHoN_INFOSEC_DE 📡@BlackBox_Archiv

SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts Malicious Google ads are a well known threat, but malvertising can also be found on other popular online destinations such as Facebook, LinkedIn, and YouTube. Case in point: an enduring campaign that aims to infect Facebook users with the SYS01 information stealer, which grabs everything the attackers need to carry on with it endlessly. https://www.helpnetsecurity.com/2024/07/16/malicious-ads-facebook-linkedin/ 📡@cRyPtHoN_INFOSEC_IT 📡@cRyPtHoN_INFOSEC_FR 📡@cRyPtHoN_INFOSEC_EN 📡@cRyPtHoN_INFOSEC_DE 📡@BlackBox_Archiv

Tether freezes $29 million of cryptocurrency connected to Cambodian marketplace accused of fueling scams The cryptocurrency company Tether has frozen more than 29 million of its stablecoins reportedly connected to a massive Cambodian online marketplace offering up services for so-called pig butchering scams. Researchers from Elliptic last week pulled back the curtain on Huione Guarantee, documenting how the online marketplace has become a critical ecosystem for cybercriminal operations in Southeast Asia. Merchants across thousands of instant messaging channels sell money laundering services, deepfake technology, stolen data and even equipment like shackles for restraining trafficked workers, with Huione acting as a guarantor for all transactions. https://therecord.media/tether-freezes-29-million-crypto-connected-to-scam-marketplace 📡@cRyPtHoN_INFOSEC_IT 📡@cRyPtHoN_INFOSEC_FR 📡@cRyPtHoN_INFOSEC_EN 📡@cRyPtHoN_INFOSEC_DE 📡@BlackBox_Archiv

Microsoft finally fixes Outlook alerts bug caused by December updates Microsoft has finally fixed a known Outlook issue, confirmed in February, which was triggering incorrect security alerts after installing the December security updates for Outlook Desktop. The company acknowledged the bug in early February after many Microsoft 365 users reported seeing unexpected warnings that "This location may be unsafe" and "Microsoft Office has identified a potential security concern" when double-clicking ICS calendar files. https://www.bleepingcomputer.com/news/microsoft/microsoft-finally-fixes-outlook-alerts-bug-caused-by-december-updates/ 📡@cRyPtHoN_INFOSEC_IT 📡@cRyPtHoN_INFOSEC_FR 📡@cRyPtHoN_INFOSEC_EN 📡@cRyPtHoN_INFOSEC_DE 📡@BlackBox_Archiv

CRYSTALRAY Cyber-Attacks Grow Tenfold Using OSS Tools The Sysdig Threat Research Team (TRT) has revealed significant developments in the activities of the SSH-Snake threat actor. The group, now referred to as CRYSTALRAY, has notably expanded its operations, increasing its victim count tenfold to more than 1500. https://www.infosecurity-magazine.com/news/crystalray-cyber-attacks-grow/ 📡@cRyPtHoN_INFOSEC_IT 📡@cRyPtHoN_INFOSEC_FR 📡@cRyPtHoN_INFOSEC_EN 📡@cRyPtHoN_INFOSEC_DE 📡@BlackBox_Archiv

DarkGate, the Swiss Army knife of malware, sees boom after rival Qbot crushed Meet the new boss, same as the old boss The DarkGate malware family has become more prevalent in recent months, after one of its main competitors was taken down by the FBI. The malware was discovered by endpoint security outfit enSilo's security maven Adi Zeligson in 2018 – but it has evolved over the years. The most recent version, spotted by Spamhaus in late January, added new capabilities. https://www.theregister.com/2024/07/16/darkgate_malware/ 📡@cRyPtHoN_INFOSEC_IT 📡@cRyPtHoN_INFOSEC_FR 📡@cRyPtHoN_INFOSEC_EN 📡@cRyPtHoN_INFOSEC_DE 📡@BlackBox_Archiv

Hackers Claim to Have Leaked 1.1 TB of Disney Slack Messages A hacker group called “NullBulge” says it stole more than a terabyte of Disney’s internal Slack messages and files from nearly 10,000 channels in an apparent protest over AI-generated art. A group calling itself “NullBulge” published a 1.1-TB trove of data late last week that it claims is a dump of Disney's internal Slack archive. The data allegedly includes every message and file from nearly 10,000 channels, including unreleased projects, code, images, login credentials, and links to internal websites and APIs. https://www.wired.com/story/disney-slack-leak-nullbulge/ 📡@cRyPtHoN_INFOSEC_IT 📡@cRyPtHoN_INFOSEC_FR 📡@cRyPtHoN_INFOSEC_EN 📡@cRyPtHoN_INFOSEC_DE 📡@BlackBox_Archiv

Hello, is it me you’re looking for? How scammers get your phone number Your humble phone number is more valuable than you may think. Here’s how it could fall into the wrong hands – and how you can help keep it out of the reach of fraudsters. What might be one of the easiest ways to scam someone out of their money – anonymously, of course? Would it involve stealing their credit card data, perhaps using digital skimming or after hacking into a database of sensitive personal information? While effective, these methods may be resource-intensive and require some technical prowess. https://www.welivesecurity.com/en/scams/hello-is-it-me-youre-looking-for-how-scammers-get-your-phone-number/ 📡@cRyPtHoN_INFOSEC_IT 📡@cRyPtHoN_INFOSEC_FR 📡@cRyPtHoN_INFOSEC_EN 📡@cRyPtHoN_INFOSEC_DE 📡@BlackBox_Archiv