Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Cybercriminals targeting the legal sector

Cybercrime targeting law firms has surged by 77% in the past year, raising significant concerns for the legal sector. The frequency, nature, and motivations of these attacks are evolving, putting law firms in a vulnerable position. Due to the sensitive nature of their data and high stakes, law firms are frequent targets for financially motivated cybercriminals, hacktivists, and even state-sponsored groups.

Living Up to Its Name: Alleged Extortion Group LeakedData Begins to Leak Data

Data leaks sites (DLSs) commonly debut with a small number of claimed victims. When Cyjax discovered them, newly found DLSs for extortion groups FunkSec and Kairos claimed 11 and six victims, respectively. In contrast, a newly identified possible extortion group which aptly calls itself ’LeakedData’ has emerged onto the scene with an alleged total of 41 victims.

Stealer Malware and Stealer Logs Explained

Stealer logs and the infostealers that harvest them form a key part of the threat landscape and cybercriminal ecosystem. Infostealers, which are also referred to as stealer malware, are deployed by threat actors to facilitate data theft from compromised devices. This data typically contains sensitive and valuable personal information including credentials, hardware or software information, IP addresses, browser cookies, and more.

Meta's impact on fraud and scams

Cyjax’s open-source intelligence team has recently conducted an investigation into Meta’s impact on fraud and scams with regards to advertisements. The investigation consisted of extensive research and data collection from dark web sources, closed and open chats, social media platforms, marketplaces, and threat actor marketing forums.

Phreak Out!: New Bluebox Extortion Group DLS Emerges

Another week, another extortion group data-leak site emerges. Cyjax has continued to observe the emergence of data-leak sites (DLSs) for extortion and ransomware groups. New groups FunkSec, ContFR, Argonauts, Kairos, Chort, and Termite appeared in December and November 2024 alone, bringing this year’s total up to 69. On 11 December 2024, Cyjax identified the emergence of a Tor-based DLS belonging to a new data-leak extortion group going by the name ’Bluebox’.

Take Me Down to Funksec Town: Funksec Ransomware DLS Emergence

Cyjax has continued to observe the emergence of data-leak sites (DLSs) for extortion and ransomware groups, with ContFR, Argonauts, Kairos, Chort, and Termite, appearing November 2024 alone. Cyjax has identified the emergence of a Tor-based DLS belonging to a new, self-called “cybercrime group” named ‘Funksec’. This group has claimed 11 victims so far and advertises a free Distributed Denial-of-Service (DDoS) tool.

Don't Get Golden Fleeced: New Argonauts Extortion Group Emerges

Following the emergence of data-leak sites (DLSs) for new extortion groups Kairos, Chort, Termite, and CONTfr, Cyjax has observed a DLS for a group going by the name ’Argonauts Group’. This group has claimed 10 victims so far. This brings the total of new DLSs discovered this month to seven, with a few days remaining in November.

ContFRaversy in Ransomland: Tor-based site emerges for new French-speaking RaaS operation "ContFR"

Following the emergence of data-leak sites (DLSs) for extortion groups Kairos, Chort, and Termite, Cyjax has observed the emergence of a Tor-based site belonging to a new French-speaking Ransomware-as-a-Service (RaaS) operation called ’ContFR’. ContFR is potentially referencing well-known ransomware group Conti, whilst incorporating a reference to France.