Cyberthint Threat Hunters have analyzed a large-scale smishing attack targeting Turkish citizens residing in Istanbul, Turkey for our dear readers/followers.
Cyberthint threat hunters have created a monthly report on ransomware activity by tracking ransomware groups‘ posts on their official leak sites on the DarkWeb.
Cyberthint threat hunters have created a monthly report on ransomware activity by tracking ransomware groups‘ posts on their official leak sites on the DarkWeb.
Cyberthint threat hunters have created a monthly report on ransomware activity by tracking ransomware groups‘ posts on their official leak sites on the DarkWeb.
Cyberthint threat hunters have created a monthly report on ransomware activity by tracking ransomware groups‘ posts on their official leak sites on the DarkWeb.
Cyberthint threat hunters have created a monthly report on ransomware activity by tracking ransomware groups‘ posts on their official leak sites on the DarkWeb.
In this blog, as Cyberthint threat hunters, we have shared with you as our esteemed readers, the results of our analysis of the leaked source code of the “Bayraktar TB2” model, which was offered for sale on a popular darkweb forum and allegedly belonged to the “Bayraktar TB2” model, which is an unmanned aerial vehicle belonging to the “Baykar Technology” company, and the results we obtained as a result of a social engineering-based operation against the threat actor.
Cyberthint threat hunters have created a monthly report on ransomware activity by tracking ransomware groups‘ posts on their official leak sites on the DarkWeb.
On June 6, 2023, security researchers discovered a vulnerability in Roundcube’s “markasjunk” plugin. This vulnerability allow attackers to execute command by sending a specifically crafted identity email address through plugin.
Although the CVSSv3 score of the vulnerability is defined as “6.5”, according to Cyberthint analysts, its impact is actually critical and CWE ID: CWE-77.
Affected Versions: Roundcube versions 1.6.1 and earlier versions, when the markasjunk plugin is enabled.
Sniffing method is an attack method used by cyber fraudsters to steal private information such as passwords and credit cards of website customers by compromising/hacking an e-commerce website.
Cyber fraudsters on the dark web target e-commerce sites and can gain access through passwords obtained from stealer logs or through webshells they install on the systems as a result of exploiting web application/server security vulnerabilities on the site. Then, they can steal users’ credit card information by placing sniffers on the forms where customer credit card information is entered on payment pages or by embedding their own phishing pages with “iframe” tags on the payment page that opens when the user wants to purchase a product. It is known that cyber fraudsters use the stolen credit cards to shop on websites without 3D Secure protection, called “cardable”, or to sell them on the dark web.