CyberAlerts

A Threat Actor Claims to have Leaked the ITG Database and Source Code

Description: A Threat Actor Claims to have Leaked the ITG Database and Source Code

Source: DarkWebInformer

January 20th, 2025 (5 months ago)

Description: Feeling creative? Have something to say about cybersecurity? Submit your caption and our panel of experts will reward the winner with a $25 gift card.

Source: Dark Reading

January 20th, 2025 (5 months ago)

Microsoft fixes Windows Server 2022 bug breaking device boot

Description: Microsoft has fixed a bug that was causing some Windows Server 2022 systems with two or more NUMA nodes to fail to start up. [...]

Source: BleepingComputer

January 20th, 2025 (5 months ago)

Nmap Cheat Sheet

Description: Nmap Cheat Sheet

Source: DarkWebInformer

January 20th, 2025 (5 months ago)

A Threat Actor Claims to be Selling Access of DPIS (Departmental Personnel Information System)

Description: A Threat Actor Claims to be Selling Access of DPIS (Departmental Personnel Information System)

Source: DarkWebInformer

January 20th, 2025 (5 months ago)

Malicious VPN Extensions Found Spying on Chrome Users

Description: A new investigation by security researcher Wladimir Palant reveals that malicious VPN extensions on the Chrome Web Store are using obfuscation techniques to bypass Google's remote code execution restrictions. These extensions secretly collect browsing data, manipulate user traffic, and employ anti-debugging measures to evade detection. Intrusive VPN extensions Palant found that 32 VPN extensions rely … The post Malicious VPN Extensions Found Spying on Chrome Users appeared first on CyberInsider.

Source: CyberInsider

January 20th, 2025 (5 months ago)

Flaw in ChatGPT API Allows Powerful Reflective DDoS Attacks

Description: A newly disclosed vulnerability in OpenAI's ChatGPT API allows attackers to trigger Distributed Denial-of-Service (DDoS) attacks against arbitrary websites using OpenAI's own infrastructure. The flaw enables an unauthenticated attacker to overwhelm a target website with HTTP requests originating from OpenAI's Microsoft Azure-hosted servers. OpenAI, a leading artificial intelligence research organization, operates ChatGPT, one of the … The post Flaw in ChatGPT API Allows Powerful Reflective DDoS Attacks appeared first on CyberInsider.

Source: CyberInsider

January 20th, 2025 (5 months ago)

New AiTM PhaaS Platform ‘Sneaky 2FA’ Targets Microsoft 365 Accounts

Description: A newly identified Adversary-in-the-Middle (AiTM) phishing kit, dubbed Sneaky 2FA, is being distributed as a Phishing-as-a-Service (PhaaS) operation on Telegram, enabling cybercriminals to bypass multi-factor authentication (MFA) protections for Microsoft 365 accounts. Sekoia’s Threat Detection & Research (TDR) team discovered the phishing kit in December 2024 during routine threat-hunting activities and has since linked it … The post New AiTM PhaaS Platform ‘Sneaky 2FA’ Targets Microsoft 365 Accounts appeared first on CyberInsider.

Source: CyberInsider

January 20th, 2025 (5 months ago)

A Threat Actor is Allegedly Selling the Data of Speedio

Description: A Threat Actor is Allegedly Selling the Data of Speedio

Source: DarkWebInformer

January 20th, 2025 (5 months ago)

DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection

Description: The Threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks. The artifacts in question, named Tanzeem (meaning "organization" in Urdu) and Tanzeem Update, were spotted in October and December 2024 by cybersecurity company Cyfirma. The apps in question have been found to incorporate identical functions, barring minor modifications to the

Source: TheHackerNews

January 20th, 2025 (5 months ago)

Threat and Vulnerability Intelligence Database

Example Searches:

	A Threat Actor Claims to have Leaked the ITG Database and Source Code Description: A Threat Actor Claims to have Leaked the ITG Database and Source Code Source: DarkWebInformer January 20th, 2025 (5 months ago)
	Name That Toon: Incentives Description: Feeling creative? Have something to say about cybersecurity? Submit your caption and our panel of experts will reward the winner with a $25 gift card. Source: Dark Reading January 20th, 2025 (5 months ago)
	Microsoft fixes Windows Server 2022 bug breaking device boot Description: Microsoft has fixed a bug that was causing some Windows Server 2022 systems with two or more NUMA nodes to fail to start up. [...] Source: BleepingComputer January 20th, 2025 (5 months ago)
	Nmap Cheat Sheet Description: Nmap Cheat Sheet Source: DarkWebInformer January 20th, 2025 (5 months ago)
	A Threat Actor Claims to be Selling Access of DPIS (Departmental Personnel Information System) Description: A Threat Actor Claims to be Selling Access of DPIS (Departmental Personnel Information System) Source: DarkWebInformer January 20th, 2025 (5 months ago)
	Malicious VPN Extensions Found Spying on Chrome Users Description: A new investigation by security researcher Wladimir Palant reveals that malicious VPN extensions on the Chrome Web Store are using obfuscation techniques to bypass Google's remote code execution restrictions. These extensions secretly collect browsing data, manipulate user traffic, and employ anti-debugging measures to evade detection. Intrusive VPN extensions Palant found that 32 VPN extensions rely … The post Malicious VPN Extensions Found Spying on Chrome Users appeared first on CyberInsider. Source: CyberInsider January 20th, 2025 (5 months ago)
	Flaw in ChatGPT API Allows Powerful Reflective DDoS Attacks Description: A newly disclosed vulnerability in OpenAI's ChatGPT API allows attackers to trigger Distributed Denial-of-Service (DDoS) attacks against arbitrary websites using OpenAI's own infrastructure. The flaw enables an unauthenticated attacker to overwhelm a target website with HTTP requests originating from OpenAI's Microsoft Azure-hosted servers. OpenAI, a leading artificial intelligence research organization, operates ChatGPT, one of the … The post Flaw in ChatGPT API Allows Powerful Reflective DDoS Attacks appeared first on CyberInsider. Source: CyberInsider January 20th, 2025 (5 months ago)
	New AiTM PhaaS Platform ‘Sneaky 2FA’ Targets Microsoft 365 Accounts Description: A newly identified Adversary-in-the-Middle (AiTM) phishing kit, dubbed Sneaky 2FA, is being distributed as a Phishing-as-a-Service (PhaaS) operation on Telegram, enabling cybercriminals to bypass multi-factor authentication (MFA) protections for Microsoft 365 accounts. Sekoia’s Threat Detection & Research (TDR) team discovered the phishing kit in December 2024 during routine threat-hunting activities and has since linked it … The post New AiTM PhaaS Platform ‘Sneaky 2FA’ Targets Microsoft 365 Accounts appeared first on CyberInsider. Source: CyberInsider January 20th, 2025 (5 months ago)
	A Threat Actor is Allegedly Selling the Data of Speedio Description: A Threat Actor is Allegedly Selling the Data of Speedio Source: DarkWebInformer January 20th, 2025 (5 months ago)
	DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection Description: The Threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks. The artifacts in question, named Tanzeem (meaning "organization" in Urdu) and Tanzeem Update, were spotted in October and December 2024 by cybersecurity company Cyfirma. The apps in question have been found to incorporate identical functions, barring minor modifications to the Source: TheHackerNews January 20th, 2025 (5 months ago)