I-SOON Data Leak: Key Points
Marco Ramilli's Blog
by marcoramilli
1M ago
Introduction

i-SOON (上海安洵), a prominent contractor for various Chinese government agencies such as the Ministry of Public Security, Ministry of State Security, and People’s Liberation Army, experienced a significant data breach during the weekend of Feb 16th. The breach has shed light on the internal workings of a state-affiliated hacking contractor, although the source and motivations behind the leak remain undisclosed. Verification of the leaked documents is ongoing, yet they corroborate existing public threat intelligence. This breach offers unprecedented insight into China’s evolving cyber ...
X Gold Badges: a new proliferating market
Marco Ramilli's Blog
by marcoramilli
2M ago
When I saw a threat actor hijacking the X account of Google’s Mandiant division and promoting a cryptocurrency scam, I suddenly became curious about this new prominent trend. Indeed, this attack was just one of many that happened during the past few weeks.

A new black market trend

Establishing a presence on a prominent social media platform, formerly recognized as Twitter (now referred to as X), is pivotal for cultivating brand identity and visibility. The influence wielded by a tweet bearing the coveted blue checkmark is widely acknowledged. Initially tied to a stringent verification process ...
Technical Data Sheet: LOCKBIT 3.0
Marco Ramilli's Blog
by marcoramilli
3M ago
LOCKBIT 3.0 is a notorious ransomware group that was first identified on 09 Dec, 2022. Operating with various aliases and suspected to be involved in a range of cyber activities, this group poses a significant threat in the cybersecurity landscape. For further monitoring and more analyses of the cyber threat panorama, consider subscribing to personal Cyber Intelligence Feeds.

Basic Info
Name: LOCKBIT 3.0
Aliases: –
First seen: 09 Dec, 2022
Suspected aliases: –

Engagements
Active Channels: lockbitapt6vx57t3eeqj – REDACTED – nygvokja5uuccip4ykyd.onion lockbitapt2d73krlbewgv27tq ...
Detected: Cyber Error System targets the website of B.N. College, Bhagalpur
Marco Ramilli's Blog
by marcoramilli
3M ago
Category: Defacement
Content: Group claims to have defaced the organization's website.
Mirror: https://zone-xsec.com/mirror/id/637556
Source: telegram
Source Link: https://t.me/cybererrorsystem/1163
Threat Actor: Cyber Error System
Victimology
Country: India
Industry: Education
Organization: b.n. college, bhagalpur ...
Detected: Cyber Error System targets the website of Bahona College
Marco Ramilli's Blog
by marcoramilli
3M ago
Category: Defacement
Content: Group claims to have defaced the organization's website.
Source: telegram
Source Link: https://t.me/cybererrorsystem/1163
Threat Actor: Cyber Error System
Victimology
Country: India
Industry: Education
Organization: bahona college ...
Detected: Allegedly leaked data of Noomeera
Marco Ramilli's Blog
by marcoramilli
3M ago
Category: Data Breach
Content: Threat actor claims to have obtained data of noomeera.com, the website of Noomeera, a Russian social media company.
Source: openweb
Source Link: https://breachforums.is/Thread-Noomera-ru-Leaked-Download
Threat Actor: perell
Victimology
Country: Russia
Industry: Social Media & Online Social Networking
Organization: noomeera ...
Detected: Alleged sale of Betting/Casino Global database
Marco Ramilli's Blog
by marcoramilli
3M ago
Category: Data Leak
Content: Threat actor is offering to sell a Betting/Casino Global database covering the UK, Germany, the Netherlands and other countries.
Source: openweb
Source Link: https://forum.exploit.in/topic/235084/
Threat Actor: SpaceMonkey
Victimology
Country: UK
Industry: Gambling & Casinos
Organization: undefined ...
Detected: Alleged sale of freshly dumped databases
Marco Ramilli's Blog
by marcoramilli
3M ago
Category: Data Leak
Content: Threat actor is offering to sell various databases containing sensitive information like banking, gambling, educational, and real estate data. The advertisement claims the data is freshly acquired and has never been sold before, emphasizing secrecy and exclusivity.
Source: openweb
Source Link: https://forum.exploit.in/topic/235083/
Threat Actor: SpaceMonkey
Victimology
undefined : undefined
undefined : undefined
undefined : undefined ...
Detected: Tron Power Proof targets the website of NetMag Pakistan
Marco Ramilli's Blog
by marcoramilli
3M ago
Category: DDoS Attack
Content: Proof of downtime: https://check-host.net/check-report/13f844c0kc8f
Source: telegram
Source Link: https://t.me/Tronc2powerproof/447
Threat Actor: Tron Power Proof
Victimology
Country: Pakistan
Industry: Information Technology (IT) Services
Organization: netmag pakistan ...
Detected: Alleged sale of Plesk Checker
Marco Ramilli's Blog
by marcoramilli
3M ago
Category: Malware
Content: Threat actor is offering to sell Plesk Checker. Plesk is a commercial web hosting and server data center automation software developed for Linux and Windows-based retail hosting service providers.
Source: openweb
Source Link: https://xss.is/threads/104280/
Threat Actor: XYZRat
Victimology
undefined : undefined
undefined : undefined
undefined : undefined ...