The attack group (ransomware) INC Ransom has published Ramet Ltd. as a victim.
Ramet Ltd. is one of the largest and leading construction and industry companies in Israel, specializing in residential development, infrastructure (bridging and tunneling), logistics centers, commerce, and fortification.
The group has taken a clear political stance and is not motivated solely by financial gain.
Ramet Ltd. is one of the largest and leading construction and industry companies in Israel, specializing in residential development, infrastructure (bridging and tunneling), logistics centers, commerce, and fortification.
The group has taken a clear political stance and is not motivated solely by financial gain.
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
מתקפות סייבר במסגרת המבצע נגד ישראל
המגמה נמשכה גם ביום השני למבצע, עם עלייה משמעותית במספר המתקפות.
רוב המתקפות היו מתקפות DDoS קצרות אך משמעותיות. בחלק מהמקרים בוצעה גם השחתה של אתרי אינטרנט ישראלים שונים.
בסך הכל, מדובר בעלייה משמעותית של למעלה מ-1,000% בהשוואה לימים שטרם תחילת המבצע.
@TheGhostsITM
המגמה נמשכה גם ביום השני למבצע, עם עלייה משמעותית במספר המתקפות.
רוב המתקפות היו מתקפות DDoS קצרות אך משמעותיות. בחלק מהמקרים בוצעה גם השחתה של אתרי אינטרנט ישראלים שונים.
בסך הכל, מדובר בעלייה משמעותית של למעלה מ-1,000% בהשוואה לימים שטרם תחילת המבצע.
@TheGhostsITM
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
קבוצת הנדלה פרצה לחברת האנרגיה "הזדמנות ישראלית".
הזדמנות ישראלית עוסקת בחיפוש, פיתוח והפקה של נפט וגז (נסחרת בבורסה).
@TheGhostsITM
הזדמנות ישראלית עוסקת בחיפוש, פיתוח והפקה של נפט וגז (נסחרת בבורסה).
@TheGhostsITM
A new Google Chrome flaw (CVE-2026-0628, CVSS 8.8) could let a malicious extension inject code into the Gemini side panel due to weak WebView policy enforcement.
Successful exploitation enabled privilege escalation and potential access to the camera, microphone, screenshots, and local files.
Successful exploitation enabled privilege escalation and potential access to the camera, microphone, screenshots, and local files.
Four Core Members of Hacktivist Group 'Anonymous Fénix' Arrested for Cyber Attacks on Public Organizations by Spain's Guardia Civil (Civil Guard).
Forwarded from 𓂆 Palestine
Amazon says drone strikes hit data centers in UAE & Bahrain, disrupting cloud services
Amazon said on Monday that several of its data centers in the UAE and Bahrain were hit by drone attacks, leading to interruptions in cloud operations and a recovery process it described as "prolonged".
"In the UAE, two of our facilities were directly struck, while in Bahrain, a drone strike in close proximity to one of our facilities caused physical impact to our infrastructure," Amazon’s cloud division, Amazon Web Services (AWS), said in a notice on its status page.
"These strikes have caused structural damage, disrupted power delivery to our infrastructure, and in some cases required fire suppression activities that resulted in additional water damage," AWS said.
An attack on the UAE site represents the first known instance of a major US technology company’s data center being affected by military action.
Amazon said on Monday that several of its data centers in the UAE and Bahrain were hit by drone attacks, leading to interruptions in cloud operations and a recovery process it described as "prolonged".
"In the UAE, two of our facilities were directly struck, while in Bahrain, a drone strike in close proximity to one of our facilities caused physical impact to our infrastructure," Amazon’s cloud division, Amazon Web Services (AWS), said in a notice on its status page.
"These strikes have caused structural damage, disrupted power delivery to our infrastructure, and in some cases required fire suppression activities that resulted in additional water damage," AWS said.
An attack on the UAE site represents the first known instance of a major US technology company’s data center being affected by military action.
Forwarded from ᴛʜᴇ ɢʜᴏꜱᴛ ɪɴ ᴛʜᴇ ᴍᴀᴄʜɪɴᴇ
Amazon: Three drones from Iran hit our facilities in the United Arab Emirates and Bahrain, causing disruptions to regular operations.
@TheGhostsITM
@TheGhostsITM
U.S. intelligence warns of large-scale cyber risks: May continue targeting U.S. and allied forces across the Middle East.
OptimizerAI Database Leaked With 118,000 User Records and 1.1 Million AI Generated Sounds.
A new phishing wave uses malicious OAuth apps to bypass email and browser defenses, #Microsoft warns.
Victims click links tied to fake app scopes, get redirected through legitimate identity providers, and end up downloading ZIP files that trigger PowerShell, MSI installs, and DLL sideloading.
Victims click links tied to fake app scopes, get redirected through legitimate identity providers, and end up downloading ZIP files that trigger PowerShell, MSI installs, and DLL sideloading.
A command-injection bug in VMware Aria Operations is now in CISA’s KEV catalog.
The flaw — CVE-2026-22719 (CVSS 8.1) — could let unauthenticated attackers run arbitrary commands during migration workflows.
The flaw — CVE-2026-22719 (CVSS 8.1) — could let unauthenticated attackers run arbitrary commands during migration workflows.
Hackers deployed modified Havoc C2 after posing as IT support.
They spam-bombed targets, called them directly to gain remote access, sent victims to a fake Outlook “anti-spam” page to steal credentials, then used DLL sideloading and legit RMM tools to move to nine endpoints in 11 hours.
They spam-bombed targets, called them directly to gain remote access, sent victims to a fake Outlook “anti-spam” page to steal credentials, then used DLL sideloading and legit RMM tools to move to nine endpoints in 11 hours.
600+ FortiGate devices breached in an AI-assisted campaign.
Team Cymru traced it to #CyberStrikeAI, an open-source Go tool bundling 100+ security utilities, run from 21 IPs across Asia and beyond.
The maintainer shows ties to #China’s vulnerability ecosystem.
Team Cymru traced it to #CyberStrikeAI, an open-source Go tool bundling 100+ security utilities, run from 21 IPs across Asia and beyond.
The maintainer shows ties to #China’s vulnerability ecosystem.
A new phishing suite called "Starkiller" proxies real login pages to bypass MFA.
It runs headless Chrome in Docker, loads the legitimate site, and relays everything live. Keystrokes and session tokens pass through attacker infrastructure, enabling account takeover.
It runs headless Chrome in Docker, loads the legitimate site, and relays everything live. Keystrokes and session tokens pass through attacker infrastructure, enabling account takeover.