Blogs and Articles

This article examines how cybercriminals exploit stolen frequent flier accounts for money laundering. It covers motivations, trading of accounts, methods to monetize stolen miles, case studies, financial impact, and current prevention measures.

On 20 September 2024, CloudSEK’s XVigil discovered threat actor “xenZen” selling 7TB of data from Star Health Insurance, impacting over 31 million customers. While the data is confirmed authentic, claims of insider involvement from the company’s CISO appear fabricated.

The Lumma Stealer malware is being distributed through deceptive human verification pages that trick users into running malicious PowerShell commands. This phishing campaign primarily targets Windows users and can lead to the theft of sensitive information

On 12 September 2024, CloudSEK’s XVigil found threat actor "Fortibitch" leaking 440GB of data from Fortinet’s SharePoint after failed extortion. While ransomware use is unclear, the actor mentioned Ukrainian group DC8044, but no direct link is confirmed. It’s believed with medium confidence that the actor is based in Ukraine.

Mexico has seen a surge in cyberattacks, with hacktivist groups targeting finance, government, and education. Key threats include data breaches and protests, along with illegal firearm sales online. Strengthening cybersecurity is crucial to protect sensitive data and maintain stability.

The report highlights a surge in cyberattacks in Brazil ahead of Independence Day, with defacement attacks targeting government websites and critical sectors like Finance and Gambling. Team R70 is identified as the most active threat group. The report urges stronger cybersecurity measures to protect against these threats.

Phishing scams and fake job offers have risen with the growth of remote work and economic uncertainty. Cybercriminals use deceptive emails and social engineering to target job seekers. This blog highlights the methods, impacts, and the urgent need for strong cybersecurity measures to combat these threats.

The article "Cyber Shadows Over Ukraine" highlights the increased cyber threats Ukraine faces around its Independence Day, particularly from groups like NoName and the Russian Cyber Army. These attacks, primarily targeting government and critical infrastructure, underscore the need for Ukraine to bolster its cybersecurity defenses to ensure the safety and resilience of its national systems during this vulnerable period

The report "Cybersecurity in Focus: Recent Threats Targeting Singapore Amid National Day Celebrations" highlights the escalating cyber threats faced by Singapore in recent months. These include a surge in ransomware attacks impacting over 30 victims across 15 industry sectors, with notable breaches involving Singapore's Ministry of Finance and Moneylenders Credit Bureau. Hacktivist groups have also intensified their activities, leading to significant data breaches, including the sale of personal data of Singaporean citizens on underground forums. The report emphasizes the urgent need for enhanced cybersecurity measures to protect sensitive information and mitigate the growing risks.