Most recents (8)

🇲🇽 Buró de crédito emitió un comunicado alertando a sus usuarios del comprometimiento de su información
El histórico en internet de su tecnología indica que usan tecnología vulnerable

La versión de un servidor web de Apache de Buró de Crédito es del 2022-08-13, es decir, está 71 versiones desactualizado

@BurodeCreditoMX dice que la información es del 2016
En agosto del 2020, @cibanco sufrió un ataque del extinto ransomware #Revil
Dentro de esa información robada, existían usuarios y contraseñas del área de sistemas del banco que tenían acceso a Buró de Crédito

Read 8 tweets

PRODAFT

@PRODAFT

🚨 NEW REPORT ALERT

FIN7 UNVEILED: A deep dive into notorious cybercrime gang

The big day is finally here! 🎊After months of tireless research and analyses, we can present you with the most insightful information: an extensive report on the notorious #cybercrime gang #FIN7.

Thanks to the PTI team, we obtained never-seen-before information about FIN7’s inner workings. We got a deeper understanding of their organizational structures, identities, attack vectors, and proof-supported affiliations with other ransomware groups, among others.

The most enticing remarks of the report are:

🔹 Unveiling FIN7’s development of an auto attack system to exploit the most profitable targets based on their revenue, employee count, headquarters’ location, and website information
Read more👇

Read 7 tweets

((( Kevin Karhan ))) 🛡️ #PNCHNZS 24/7!

@k3vk4

Wie kann man so krass abstürzen?

Ersthaft...
ardaudiothek.de/sendung/cui-bo…

Ich glaub' den muss ich mir archivieren...
radioeins.de/archiv/podcast…

Read 297 tweets

Azim Khodjibaev

@AShukuhi

@TalosSecurity

A major civil war going on the Russian cyber-criminal underground between the #Lockbit #Blackmatter #ransomware groups and other threat actors! @TalosSecurity

After alleging for a long time that Kajit, the former owner of RAMP is a cop, LockBittSupp posted a massive bombshell t0 XSS(DaMaGe LaB) Russian hacking forum

LockBitSupp (#lockbit #ransomware) just shared proof of conversations between vx-underground and Kajit proving that Kajit was the one who leaked the BlackMatter admin panel. What is interesting is that the admin panel was shared with wazawaka/boriselicin

Read 10 tweets

Resecurity

@resecurity_com

@KaseyaCorp

In light of the recent #SupplyChain attack on @KaseyaCorp by #REvil, it is worth paying attention to decoder[.]re included within the ransom notes, used additionally to 'mirror' in TOR network. #Ransomware #Cybersecurity #ThreatIntel #ThreatHunting #Malware

Similar to decryptor[.]cc and decryptor[.]top in previous #REvil/#Sodinokibi versions, decoder[.]re is used to grant the victims access to the threat actors WEB-site for further negotiations should their connection be limited via #TOR.

To access the page in WWW or TOR - the victim needs to provide a valid UID (e.g. "9343467A488841AC")

Read 11 tweets

Hiram Alejandro

@hiramcoop

🇨🇳/🇺🇸 El grupo de #ransomware #REVil ha atacado a la manufacturera Quanta Computer INC, quien manufactura productos como:
- Apple Watch
- Apple Macbook Air
- Apple Macbook Pro

REVil ha publicado diagramas de los productos presentados por #Apple el día de hoy

"Para no esperar a la próxima presentación de Apple, hoy nosotros, el grupo REvil, brindaremos datos sobre los próximos lanzamientos de la compañía tan querida por muchos. Tim Cook puede agradecer a Quanta."

"REvil publicó 21 capturas de pantalla que muestran esquemas de la Macbook y amenazó con publicar nuevos datos todos los días hasta que #Apple o Quanta pagaran la demanda de rescate"
skty.cc/pp

Read 3 tweets

Berto Jongman

@BertoJongman100