GhostSec has reported a successful breach of the FANAP Behnama software, which they describe as the “Iran regime’s very own Privacy-invading software”. This breach has resulted in the exposure of approximately 20GB of compromised software. The group alleges that the Iranian government employs the software for citizen surveillance, representing a significant advancement in the nation’s surveillance capabilities.

In recent weeks, the Cyberint research team has observed an alarming emerging trend – an ongoing and successful hacking campaign is targeting LinkedIn accounts, all following a consistent method. This campaign is currently affecting individuals worldwide, resulting in a significant number of victims losing access to their accounts. Some have even been pressured into paying a ransom to regain control or faced with the permanent deletion of their accounts.

Starting from the beginning of 2023, the FBI and other law enforcement agencies worldwide have come together in a united effort to combat cybercrime, with a specific focus on ransomware. This alliance has already resulted in significant arrests, including those of individuals associated with Pompompurin and LockBit, as well as the dismantling of the Hive ransomware group’s infrastructure.

Anonymous Sudan is a rapidly expanding and influential group of hacktivists that identify themselves as Sudanese, motivated by both religious and political beliefs. Since January 2023, they have been carrying out distributed denial-of-service (DoS) attacks, allegedly motivated by defending Islam against Western nations. These attacks have disrupted critical infrastructure and various global sectors, including finance and healthcare.

Following research on a notorious cybercrime mastermind known as Neo_Net, Cyberint has unveiled the extent of the threat actor’s activities, who primarily targets Spanish and Chilean banks. The findings indicate that the mastermind’s crimes have now expanded into multiple countries and industries worldwide. Further analysis reveals that Neo_Net has not only focused on targeting Financial Applications through the creation of fake Android applications, but has also expanded its schemes.

Voice authentication is a biometric security method that verifies individuals based on their unique vocal characteristics. It has become increasingly popular in various applications, ranging from phone banking to smart home devices. However, the rise of deepfake technology poses a significant threat to the integrity of voice authentication systems. Deepfakes are highly realistic artificial audio clips that can be used to impersonate someone else’s voice.

Emerging between late 2022 and the beginning of 2023, Cloak Ransomware is a new ransomware group. Despite its activities, the origins and organizational structure of the group remain unknown. According to data from the group’s DLS (data leak site), Cloak has accessed 23 databases of small-medium businesses, selling 21 of them so far. Out of these, 21 victims paid the ransom and had their data deleted, 1 declined and 1 is still in negotiations, indicating a high payment rate of 91-96%.

The Barbie movie has captivated audiences worldwide, breaking box-office records and generating massive excitement and enthusiasm among fans. However, as with any major news sensation, threat actors are quick to exploit the fervor surrounding the movie for their malicious gain. The Barbie movie, given its immense popularity, has become an ideal bait for cybercriminals seeking to exploit the frenzy around it.

Dark Web monitoring strategies need to evolve. Gone are the days when the Dark Web was a haven mostly only for people who wanted to post illicit content anonymously. Today, the Dark Web has expanded into a hotbed for threat actors, who use Dark Web forums and apps to distribute malware and sell the fruits of their hacking activities.

As part of their campaign against the West, SiegedSec announced of their successful attack on NATO and leaking some valuable documents. The leak, as the group stated, included hundreds of sensitive documents from NATO’s COI portal, which were meant exclusively for NATO countries and partners. SiegedSec claims that their motive behind the attack is NATO’s alleged infringement on human rights.