SentinelLABS has analyzed a data leak from TopSec (北京天融), a Chinese cybersecurity firm that offers services such as Endpoint Detection and response (EDR) and vulnerability scanning. The firm also provides boutique solutions that align with government initiatives and intelligence requirements. The data leak includes a document with 7,000+ work logs and code to orchestrate infrastructure for the firm’s DevOps practices and downstream customers. The leak also contains scripts that connect to severa
saas (7)
The threat actors behind the Darcula Phishing-as-a-Service (PhaaS) platform appear to be preparing a new version that allows prospective customers and cyber actors to clone any brand's legitimate website and create a phishing version, further bringing down the technical expertise required to pull off phishing attacks at scale. The latest iteration of the phishing suite "represents a significant shift in criminal capabilities, reducing the barrier to entry for bad actors to target any brand with
The cloud hack tool scene is highly intertwined, with many tools relying on one another’s code. This is particularly true for malware families like AlienFox, Greenbot, Legion, and Predator, which share code from a credential scraping module called Androxgh0st. Analysts identified a tool that is related but distinct from these families. FBot is a Python-based attack tool with features to target web servers and cloud services as well as Software-as-a-Service (SaaS) technologies, including:
- Ama
Cybersecurity researchers are warning about an increase in phishing attacks that are capable of draining cryptocurrency wallets. These threats are unique in their approach, targeting a wide range of blockchain networks, from Ethereum and Binance Smart Chain to Polygon, Avalanche, and almost 20 other networks by using a crypto wallet-draining technique. A prominent contributor to this troubling trend is a notorious phishing group called Angel Drainer, which advertises a "Scam-as-a-Service" offe
Last week Microsoft Security issued a detailed report on a massive phishing-as-a-service operation named BulletProofLink that offered as a subscription and all the tools needed to conduct a campaign. The phishing-as-a-service, or PHaaS, model differs from the phishing kits that many gangs have used in that it is more expansive and handles many of the small details that could befuddle a less tech-savvy attacker.
"It's worth noting that some PhaaS groups may offer the whole deal - from template c
A Russian-speaking "Scam-as-a-Service" (SaaS) operation called, "Classiscam" is expanding globally, with 40 interconnected gangs in about a dozen countries using fake product advertisements to launch phishing schemes, the security firm Group-IB reports. This “SaaS” is adding to the long list of hacker services for anyone to buy with some spare Bitcoin.
The fraud actors are posting fake online classified advertisements for products to trick interested buyers into visiting phishing pages, where t
There will be no let-up in ransomware attacks, as it has proven to such a profitable business model of cybercriminals. The cybersecurity landscape is evolving, and many businesses do not understand how to keep their defenses ahead of the attackers. While major corporations can spend as much as $1 billion a year, many small companies may not have the budget to hire a cybersecurity vendor to help them keep up with all the technology available needed to deter hackers. The loss of just a few thou
