Lucene search
+L

411 matches found

talosblog
talosblog
added 2025/10/02 10:0 a.m.7 views

UAT-8099: Chinese-speaking cybercrime group targets high-value IIS for SEO fraud

Cisco Talos is disclosing details on UAT-8099, a Chinese-speaking cybercrime group mainly involved in search engine optimization SEO fraud and theft of high-value credentials, configuration files, and certificate data. Cisco's file census and DNS analysis show affected Internet Information Servic...

7.6AI score
Exploits0
thn
thn
added 2025/09/29 4:36 p.m.10 views

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

Threat actors have been observed using seemingly legitimate artificial intelligence AI tools and software to sneakily slip malware for future attacks on organizations worldwide. According to Trend Micro, the campaign is using productivity or AI-enhanced tools to deliver malware targeting various...

7.7AI score
Exploits0
thn
thn
added 2025/09/17 6:30 p.m.7 views

TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks

The threat actor known as TA558 has been attributed to a fresh set of attacks delivering various remote access trojans RATs like Venom RAT to breach hotels in Brazil and Spanish-speaking markets. Russian cybersecurity vendor Kaspersky is tracking the activity, observed in summer 2025, to a cluste...

9.3CVSS7.5AI score0.99933EPSS
Exploits29
thn
thn
added 2025/09/04 5:58 p.m.4 views

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module

Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment...

8.1AI score
Exploits0
thn
thn
added 2025/08/26 6:27 a.m.4 views

Google to Verify All Android Developers in 4 Countries to Block Malicious Apps

Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those who distribute their software outside the Play Store. "Android will require all apps to be registered by verified developers in order to be installed by users on certified...

7.1AI score
Exploits0
securelist
securelist
added 2025/08/18 9:0 a.m.14 views

Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824

In April 2025, Microsoft patched 121 vulnerabilities in its products. According to the company, only one of them was being used in real-world attacks at the time the patch was released: CVE-2025-29824. The exploit for this vulnerability was executed by the PipeMagic malware, which we first...

9.3CVSS8.7AI score0.9923EPSS
Exploits59
cnnvd
cnnvd
added 2025/08/18 12:0 a.m.4 views

Portabilis i‑Diário 安全漏洞

Portabilis i-Diário is an open source school calendar and teacher interaction management system from Portabilis, Brazil. A security vulnerability exists in Portabilis i-Diário 1.5.0 and earlier versions, which stems from an improperly restricted interface layer that can be remotely triggered by a...

5.3CVSS6.7AI score0.0029EPSS
Exploits0References4
thn
thn
added 2025/08/14 11:6 a.m.11 views

New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits

Cybersecurity researchers have disclosed a new Android trojan called PhantomCard that abuses near-field communication NFC to conduct relay attacks for facilitating fraudulent transactions in attacks targeting banking customers in Brazil. "PhantomCard relays NFC data from a victim's banking card t...

7.1AI score
Exploits0
talosblog
talosblog
added 2025/05/08 10:0 a.m.11 views

Spam campaign targeting Brazil abuses Remote Monitoring and Management tools

Cisco Talos identified a spam campaign targeting Brazilian users with commercial remote monitoring and management RMM tools since at least January 2025. Talos observed the use of PDQ Connect and N-able remote access tools in this campaign. The spam message uses the Brazilian electronic invoice...

7.7AI score
Exploits0
bdu_fstec
bdu_fstec
added 2025/04/01 12:0 a.m.9 views

The vulnerability of the eDocument Cockpit component of the SAP Electronic Invoicing for Brazil software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the eDocument Cockpit component of the SAP Electronic Invoicing for Brazil software relates to the absence of authentication. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

2.7CVSS5.5AI score0.00182EPSS
Exploits0References2Affected Software1
circl
circl
added 2024/11/12 7:33 a.m.12 views

CVE-2024-3807

creationtimestamp| type| source ---|---|--- 2024-11-12 07:33:19+00:00| seen| https://krebsonsecurity.com/2024/10/brazil-arrests-usdod-hacker-in-fbi-infragard-breach/ 2025-03-19 15:48:38+00:00| seen| MISP/2bb5c40c-5583-4a30-bc62-81e5a7af21a7...

8.8CVSS8.7AI score0.01538EPSS
Exploits0References1
krebs
krebs
added 2024/10/18 12:33 p.m.10 views

Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach

Brazilian authorities reportedly have arrested a 33-year-old man on suspicion of being "USDoD ," a prolific cybercriminal who rose to infamy in 2022 after infiltrating the FBI 's InfraGard program and leaking contact information for 80,000 members. More recently, USDoD was behind a breach at the...

7.4AI score
Exploits0
thn
thn
added 2024/10/16 7:20 a.m.13 views

Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack

A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth aka Guildma by making use of obfuscated JavaScript to slip past security guardrails. "The spear-phishing campaign's impact has targeted various industries, with manufacturing companies, reta...

7.8AI score
Exploits0
thn
thn
added 2024/10/15 3:47 p.m.14 views

TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns

New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device's unlock pattern or PIN. "This new addition enables the threat actor to operate on the device even while it is locked," Zimperium security researcher Aazim Yaswant...

7.3AI score
Exploits0
trendmicroblog
trendmicroblog
added 2024/10/14 12:0 a.m.5 views

Water Makara Uses Obfuscated JavaScript in Spear Phishing Campaign, Targets Brazil With Astaroth Malware

Trend Micro researchers have uncovered a surge of malicious activities involving a threat actor group that we track as Water Makara. This group is targeting enterprises in Brazil, deploying banking malware using obfuscated JavaScript to slip past security defenses...

7.3AI score
Exploits0
thn
thn
added 2024/09/06 3:14 p.m.40 views

GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware

A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote code execution bug...

9.8CVSS8.7AI score0.99813EPSS
Exploits27
wired
wired
added 2024/09/05 3:41 p.m.6 views

Why It's So Hard to Fully Block X in Brazil

With 20,000 internet providers across the country, the technical challenges of blocking X in Brazil mean some connections are slipping through the cracks...

7.3AI score
Exploits0
thn
thn
added 2024/09/03 9:37 a.m.17 views

Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users

Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante. "This malware family is capable of performing keylogging using the Accessibility Service, and is also able to steal PII from its victims using phishing screens posing as...

7.3AI score
Exploits0
trendmicroblog
trendmicroblog
added 2024/07/30 12:0 a.m.8 views

AI Pulse: Brazil Gets Bold with Meta, Interpol’s Red Flag & more

The second edition of AI Pulse is all about AI regulation: what’s coming, why it matters, and what might happen without it. We look at Brazil’s hard não to Meta, how communities are pushing back against AI training data use, Interpol’s warnings about AI deepfakes, and more...

7.3AI score
Exploits0
thn
thn
added 2024/07/18 6:14 a.m.19 views

Meta Halts AI Use in Brazil Following Data Protection Authority's Ban

Meta has suspended the use of generative artificial intelligence GenAI in Brazil after the country's data protection authority issued a preliminary ban objecting to its new privacy policy. The development was first reported by news agency Reuters. The company said it has decided to suspend the...

6.7AI score
Exploits0
Rows per page
Query Builder