Topic: threat group

  • Crimson Collective Hackers Breach AWS for Data Theft

    The Crimson Collective is a hacking group infiltrating AWS infrastructures to steal sensitive data and extort organizations, as seen in a breach at Red GitLab repositories. Attackers compromise AWS using exposed credentials and tools like TruffleHog, then escalate privileges to gain administrativ...

  • UNC2891: Inside the ATM Fraud Money Mule Network

    Cybersecurity group UNC2891 executed sophisticated ATM fraud attacks in Indonesia, using a money mule recruitment network and custom malware like STEELCORGI to target banks over multiple years. The criminals employed advanced tools including the CAKETAP rootkit to bypass security checks and multi...

  • Russian Hackers Hide Malware in Linux VMs Using Hyper-V

    The Russian cyber-espionage group Curly COMrades uses Microsoft's Hyper-V to hide malware in concealed Linux virtual machines, evading standard security measures and targeting entities aligned with Russian interests. Attackers deploy a minimal Alpine Linux VM hosting custom tools like CurlyShell ...

  • Salesforce Refuses to Pay Ransom in Massive Data Breach

    Salesforce has refused to pay a ransom after a data breach allegedly exposed nearly one billion customer records, emphasizing its policy against negotiating with cybercriminals despite the risk of data exposure. The attack, initiated in May, involved English-speaking operatives tricking employees...

  • SonicWall SMA 100 Series Now Fights Rootkits

    SonicWall has released a critical firmware update for its SMA 100 series to scan for and remove the OVERSTEP rootkit, patching vulnerabilities like CVE-2024-38475 in response to a sophisticated attack by threat group UNC6148. The attack involved using stolen credentials to gain unauthorized acces...

  • Massive Swedish Software Data Breach Hits 1.5 Million Users

    A major cybersecurity breach at Swedish IT provider Miljödata compromised personal data of approximately 1.5 million individuals, leading to a ransom demand and the publication of stolen information on the dark web. The Swedish Authority for Privacy Protection (IMY) has launched an investigation ...
