Recherche : [Active] - Cyberveille

Active Subscription Scam Campaigns Flooding the Internet https://www.bitdefender.com/en-us/blog/labs/active-subscription-scam-campaigns-flooding-the-internet

02/05/2025 11:52:38

Bitdefender researchers have uncovered a surge in subscription scams, both in scale and sophistication, spurred by a massive campaign involving hundreds of fraudulent websites.

Incredibly convincing websites, selling everything from shoes and clothes to diverse electronics, are tricking people into paying monthly subscriptions and willingly give away credit card data.
Many of the websites are linked to a single address in Cyprus, likely home to an offshore company.
The scam encompassed more than 200 different websites, including many that are still up and running.
Criminals create Facebook pages and take out full ads to promote the already classic "mystery box" scam and other variants.
The "mystery box" scam has evolved and now includes almost hidden recurring payments, alongside links to websites to various shops.
Facebook is used as the main platform for these new and enhanced mystery box scams
Content creators are being impersonated to promote mystery boxes or fraudster create new pages that look a lot like the originals.

It takes two: The 2025 Sophos Active Adversary Report https://news.sophos.com/en-us/2025/04/02/2025-sophos-active-adversary-report/?amp=1

02/04/2025 18:21:42

The dawn of our fifth year deepens our understanding of the enemies at the gate, and some tensions inside it; plus, an anniversary gift from us to you

Active Exploitation of Zero-day Zyxel CPE Vulnerability (CVE-2024-40891) https://www.greynoise.io/blog/active-exploitation-of-zero-day-zyxel-cpe-vulnerability-cve-2024-40891?is=09685296f9ea1fb2ee0963f2febaeb3a55d8fb1eddbb11ed4bd2da49d711f2c7

01/02/2025 10:25:11

After identifying a significant overlap between IPs exploiting CVE-2024-40891 and those classified as Mirai, the team investigated a recent variant of Mirai and confirmed that the ability to exploit CVE-2024-40891 has been incorporated into some Mirai strains.

‍GreyNoise is observing active exploitation attempts targeting a zero-day critical command injection vulnerability in Zyxel CPE Series devices tracked as CVE-2024-40891. At this time, the vulnerability is not patched, nor has it been publicly disclosed. Attackers can leverage this vulnerability to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration. At publication, Censys is reporting over 1,500 vulnerable devices online.

CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/

30/03/2023 09:04:31

What Happened On March 29, 2023, Falcon OverWatch observed unexpected malicious activity emanating from a legitimate …

Liens par page

Filtres