Cybercrime-Tool Atlantis AIO soll automatisierte Passwort-Attacken optimieren

Leider schläft die organisierte Onlinekriminalität nicht: Sicherheitsforscher sind mit Atlantis AIO auf ein mächtiges Werkzeug zum Kapern von Accounts gestoßen.

heise online
New Atlantis AIO platform automates credential stuffing on 140 services

A new cybercrime platform named 'Atlantis AIO' provides an automated credential stuffing service against 140 online platforms, including email services, e-commerce sites, banks, and VPNs.

BleepingComputer

Hey #CyberSecurity pros! 👋 Ready to dive into the latest threats and breaches making headlines?

Our latest blog post is packed with need-to-know info to keep you ahead of the curve.

🗞️ https://opalsec.io/daily-news-update-thursday-march-27-2025-australia-melbourne/

Here's a quick rundown of what's inside:

🕵️‍♂️ FamousSparrow's Return: The Chinese government-backed hacking group is back, targeting organizations in North America. Important distinction: ESET insists on tracking them separately from Salt Typhoon. Remember to prioritize TTPs and IOCs/IOAs accordingly!

🗄️ RedCurl's Ransomware Twist: This corporate espionage group is now deploying "QWCrypt" ransomware, targeting Hyper-V servers. Phishing emails with malicious IMG attachments are the initial attack vector.

😬 StreamElements Data Breach: A third-party service provider suffered a breach, exposing data of 210,000 customers.!

🏛️ NSW Court System Data Theft: Sensitive documents, including AVOs, were stolen from the NSW Online Registry website. This could have serious consequences for victims of domestic violence.

👨‍🎓 NYU Website Defacement: A hacker compromised NYU's website, leaking personal data of over 1 million students. Even with good intentions, the collateral damage is unacceptable.

💰 Defense Contractor Fined: MORSE Corp will pay millions for failing to meet federal cybersecurity requirements. Third-party risk management is crucial!

🤖 Atlantis AIO Automates Credential Stuffing: This new platform automates credential stuffing attacks against 140 online services. Stay vigilant against brute force attacks!

🚨 Chrome Zero-Day Exploited: Google patched a zero-day vulnerability exploited in espionage campaigns targeting Russian organizations. Keep your browsers updated!

👦 UK Warns of 'Com Networks': The UK's NCA is warning of a growing threat from online networks of teenage boys who are "dedicated to inflicting harm and committing a range of criminality." A very worrying trend that we need to be aware of.

Ready for the full scoop? Read the full blog post here 👉 https://opalsec.io/daily-news-update-thursday-march-27-2025-australia-melbourne/

#Cybersecurity #InfoSec #DataBreach #Ransomware #ThreatIntelligence #DataPrivacy #ZeroDay #FamousSparrow #RedCurl #StreamElements #NSWCourts #NYU #MORSECorp #AtlantisAIO #Chrome #ComNetworks #SecurityNews #CybersecurityThreats #InfoSecurity #CyberAttack #DataSecurity #PrivacyMatters #Vulnerability #Cybercrime #ThreatActor #ESET #SaltTyphoon #NIST #ZeroTrust #SaltTyphoon #CriticalInfrastructure

Daily News Update: Thursday, March 27, 2025 (Australia/Melbourne)

Audio Summary: Thursday, March 27, 2025 (Australia/Melbourne)0:00/292.1521× Chinese ‘FamousSparrow’ Hackers Resurface The Chinese government-backed hacking group FamousSparrow, thought to be dormant since 2022, has allegedly been targeting organisations in the U.S., Mexico, and Honduras. ESET researchers discovered suspicious activity on a U.S. trade

Opalsec
Automatic Hacking Machine Uses Millions Of Stolen Passwords To Attack

Protect your email, VPN, streaming and even food delivery accounts now.

Forbes