📌 AhnLab TIP Weekly Report – 3rd Week of August . 📶 Several telecom companies have recently fallen victim to ransomware. ⚠️ Anti-Israel hacktivist groups issued a warning against Saudi Arabia. 🔐 #Qilin listed a Korean financial firm and a construction company as victims

📌 AhnLab TIP Weekly Report – 2nd Week of August . 🪖 #WorldLeaks named a U.S. defense contractor as its latest victim. 🏨 A threat actor carried out multiple identity data leaks targeting European hotels. 🔐A new cyber threat group named Scattered Lapsus$ Hunters has emerged

🚨#SmartLoader malware has been recently found distributing malware through GitHub repositories that mimic legitimate projects. These include game cheats, software cracks, and automation tools. Stay cautious and always verify the source. Read more:

🚨Malware has been detected being distributed via Facebook ads targeting cryptocurrency users. Clicking the ad leads to a fake site, and malware is installed when users download files from it. Always check the website domain before downloading. 🔗

📌 AhnLab TIP Weekly Report – 1st Week of August . 🔒 New #ransomware groups including #BQTLock emerge, revealing numerous victims. 🌐 Korean web agency data #leaked, #Gunra claims theft targeting insurance company. 🏨 Customer ID scans from 4 European hotels leaked, being sold

📌 AhnLab TIP Weekly Report – 5th Week of July. 🚨The cybercrime forum #BreachForums, has resurfaced. 🏥Data leaked from a hospital in South Korea is being sold on a cybercrime forum. 📶Data from a Moldovan subsidiary of a French telecom firm is being sold on a cybercrime forum

🔎During the first half of 2025, many #ransomware groups have been actively opening new Dedicated Leak Sites. Among them, the #Gunra ransomware group, which was newly discovered in April,2025, is particularly notable. Check the execution flow of Gunra ransomware.

📌 AhnLab TIP Weekly Report – 4th Week of July 📌. 🌐 Pro-Russian hacktivist groups launched #DDoS attacks on German government sites.🗼 A French defense firm’s data is being sold on a cybercrime forum.🚔 The operator of cybercrime forum #XSS was arrested in Ukraine

🚨A newly modified version of #ACRStealer is being actively distributed. The information theft feature itself isn't significantly different but many detection evasion and analysis obstruction techniques have been applied. Read full analysis: #AhnLab #TI

📌 AhnLab TIP Weekly Report – 3rd Week of July. 🪖 Data from the Indonesian Ministry of Defense listed on a cybercrime forum. 🌐 Data from a Korean portal is being sold on two cybercrime forums. 🚔 Operation Eastwood led to the arrest of two members of Noname057(16)

📌 AhnLab TIP Weekly Report – 2nd Week of July. ⛔ Hunters International announced its shutdown. 🔐 New ransomware groups were seen this week including #PayoutsKing and #D4rk4rmy. 🚢 #Noname057(16) claimed to have stolen data from France’s largest naval defense firm.

🚨#XwormRAT has been confirmed to be distributed using steganography. The malware’s malicious behavior is difficult for users to detect, as it inserts malicious scripts into legitimate code. Be extra cautious when opening emails from unknown sources. 🔗

📌 AhnLab TIP Weekly Report – 1st Week of July 📌. 🔐 A new ransomware group, #Kawa4096, has emerged. ⚕️ Tonga’s Ministry of Health was attacked by #INCRANSOM. 🪙 User data from three crypto exchanges is being traded on two cybercrime forums. #Cybersecurity #Ransomware #TI

🚨Proxy installation attacks targeting poorly managed Linux servers using honeypots have been detected. The attacks uses legitimate tools like TinyProxy and Sing-box. Security measures such as brute-force protection and patching are recommended. Read more:

APT Group Tracking Report. AhnLab and the NCSC have released a tracking report of the TA-ShadowCricket. In this report, you’ll find:.🔹 Key Characteristics .🔹Attack process.🔹Damage Status.🔹Malware & Tools Used.🔹Response measures. Download full report:

📌 AhnLab TIP Weekly Report – 4th Week of June 📌. 🪖Military secrets from Taiwan, Iran, and Algeria are being sold and leaked.☢️Critical infrastructure and employee data from an Indian nuclear agency leaked.👮 French police arrested five key operators of #BreachForums . #TI