It's been a bit quiet over the last 24 hours, but we've got one interesting story about a high-profile hacking group and a cybersecurity firm playing cat and mouse. Let's dive in:
ShinyHunters vs. Resecurity: Honeypot or Hack? 🎣
- The prominent ShinyHunters hacking group (also known as "Scattered Lapsus$ Hunters") claims to have breached cybersecurity firm Resecurity, alleging the theft of employee data, internal communications, threat intelligence, and client lists.
- Resecurity vehemently denies the breach, asserting that the systems accessed by ShinyHunters were a deliberately deployed honeypot filled with synthetic data, designed to attract and monitor the threat actors.
- The firm detailed how it observed the attackers' tactics, techniques, and infrastructure, collecting telemetry and even identifying attacker IP addresses, which it subsequently shared with law enforcement, leading to a subpoena request.
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/shinyhunters-claims-resecurity-hack-firm-says-its-a-honeypot/
#CyberSecurity #ThreatIntelligence #Honeypot #ShinyHunters #Resecurity #InfoSec #CyberAttack #IncidentResponse #ThreatActor

The ShinyHunters hacking group claims it breached the systems of cybersecurity firm Resecurity and stole internal data, while Resecurity says the attackers only accessed a deliberately deployed honeypot containing fake information used to monitor their activity.
Nissan Motor Co. confirms a data breach affecting 21,000 customers in Japan following a security incident at third-party vendor Red Hat. No financial data was stolen.
Read More: https://www.security.land/nissan-japan-data-breach-affects-21-000-fukuoka-customers/
#SecurityLand #Cybersecurity #DataBreach #RedHat #Nissan #Japan #CrimsonCollective #ThreatActor
It's been a bit quiet over the last 24 hours, so it'll be a short post today, but we do have a significant update on a long-standing Iranian threat actor. Let's dive in:
Iranian Infy APT Resurfaces with Advanced Tradecraft 🇮🇷
- The Iranian APT group Infy, also known as Prince of Persia, has resurfaced with new malware activity and updated tactics after nearly five years of silence, proving it remains active and dangerous.
- This elusive group, one of the oldest APTs dating back to 2004, is now using updated versions of its Foudre downloader and Tonnerre data exfiltrator, distributed via executables embedded in documents, targeting victims across multiple regions including Iran, Iraq, Turkey, India, Canada, and Europe.
- Key updates to their tradecraft include the use of a Domain Generation Algorithm (DGA) for resilient command-and-control (C2) infrastructure, RSA signature validation for C2 authenticity, and a unique mechanism within Tonnerre to communicate with a Telegram group for C2.
📰 The Hacker News | https://thehackernews.com/2025/12/iranian-infy-apt-resurfaces-with-new.html
#CyberSecurity #ThreatIntelligence #APT #NationState #Iran #Malware #Infy #PrinceOfPersia #InfoSec #CyberAttack #ThreatActor #TTPs
The Handala group claims to have identified 14 Israeli engineers working on military drone programs—and placed $30,000 bounties on each of them. Israeli security sources haven't verified the breach, but this represents a troubling shift: from targeting infrastructure to targeting individuals with financial incentives for real-world harm.
#SecurityLand #GeoSphere #Cybersecurity #Cybercrime #Israel #Iran #Handala #ThreatActor #Infosec
Read More: https://www.security.land/iranian-hacking-group-puts-30-000-bounties-on-israeli-defense-engineers/

The Handala hacking group claims to have exposed 14 Israeli engineers working on drone programs, offering $30,000 rewards for each. The threats follow attacks on politicians including Bennett, whose Telegram was compromised. Israeli security sources haven't verified the claims.
Chinese threat actors are weaponizing open-source tools for stealthier attacks — blurring lines between community innovation and covert operations. 🧰🐉 #OpenSourceSecurity #ThreatActor
https://thehackernews.com/2025/10/chinese-hackers-weaponize-open-source.html
Civil servant: I can't leave you alone in the office. You might steal files. My boss is very strict about that.
Me: Well, if I wanted to steal files here, I'd do it over the internet.
Civil servant: Yes, given the state of our IT, that would be the better way.
Me: ....?!
#Degitalisierung #Datenschutzbubble #threatactor #Deutschlandsymbolbild #bmds
Stone Panda (APT 10) continues global espionage campaigns tied to China’s MSS.
🎯 Targets: healthcare, defense, academia
🛠️ Tools: Mimikatz, BloodHound, Impacket
🌍 Active in the U.S., UK, Japan, India & more
Espionage vs disruption — which do you see as their long-term mission?
Follow @technadu for continuous APT tracking.
#StonePanda #APT10 #CyberEspionage #ChinaAPT #ThreatActor #Cyble