NCSA Webboard

    Cyber Threat Intelligence 05 August 2025

    Cyber Security News
      NCSA_THAICERT

      Financial Sector

      • FinCEN Issues Notice On The Use Of Convertible Virtual Currency Kiosks For Scam Payments And Other Illicit Activity
        "Today, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued a Notice urging financial institutions to be vigilant in identifying and reporting suspicious activity involving convertible virtual currency (CVC) kiosks. While CVC kiosks can be a simple and convenient way for consumers to access CVC, they are also exploited by illicit actors, including scammers. The risk of illicit activity is exacerbated if CVC kiosk operators fail to meet their obligations under the Bank Secrecy Act (BSA)."
        https://www.fincen.gov/news/news-releases/fincen-issues-notice-use-convertible-virtual-currency-kiosks-scam-payments-and
        https://www.fincen.gov/sites/default/files/shared/FinCEN-Notice-CVCKIOSK.pdf
        https://therecord.media/crypto-atms-fueling-cybercrime

      New Tooling

      • Open-Source Password Recovery Utility Hashcat 7.0.0 Released
        "Hashcat is an open-source password recovery tool that supports five attack modes and more than 300 highly optimized hashing algorithms. It runs on CPUs, GPUs, and other hardware accelerators across Linux, Windows, and macOS, and includes features for distributed password cracking at scale."
        https://www.helpnetsecurity.com/2025/08/04/hashcat-open-source-password-recovery-7-0-0-released/
        https://github.com/hashcat/hashcat

      Vulnerabilities

      • Several Vulnerabilities Patched In AI Code Editor Cursor
        "A vulnerability in the AI code editor Cursor allowed remote attackers to exploit an indirect prompt injection issue to modify sensitive MCP files and execute arbitrary code. Tracked as CVE-2025-54135 (CVSS score of 8.6), the flaw existed because Cursor did not require user approval when creating a sensitive MCP file. The security defect allowed an attacker to write a dotfile, such as the .cursor/mcp.json file, through an indirect prompt injection, and then trigger remote code execution (RCE) without the user’s approval."
        https://www.securityweek.com/several-vulnerabilities-patched-in-ai-code-editor-cursor/
        https://github.com/cursor/cursor/security/advisories/GHSA-4cxx-hrm3-49rm
      • Breaking NVIDIA Triton: CVE-2025-23319 - A Vulnerability Chain Leading To AI Server Takeover
        "The Wiz Research team has discovered a chain of critical vulnerabilities in NVIDIA's Triton Inference Server, a popular open-source platform for running AI models at scale. When chained together, these flaws can potentially allow a remote, unauthenticated attacker to gain complete control of the server, achieving remote code execution (RCE). This attack path originates in the server's Python backend and starts with a minor information leak that cleverly escalates into a full system compromise. This poses a critical risk to organizations using Triton for AI/ML, as a successful attack could lead to the theft of valuable AI models, exposure of sensitive data, manipulating the AI model's responses and a foothold for attackers to move deeper into a network."
        https://www.wiz.io/blog/nvidia-triton-cve-2025-23319-vuln-chain-to-ai-server
        https://thehackernews.com/2025/08/nvidia-triton-bugs-let-unauthenticated.html
        https://www.darkreading.com/vulnerabilities-threats/nvidia-patches-critical-rce-vulnerability-chain
        https://www.securityweek.com/nvidia-triton-vulnerabilities-pose-big-risk-to-ai-models/
      • LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware As Safe Code
        "A new and unique cyberattack, dubbed LegalPwn, has been discovered by researchers at Pangea Labs, an AI security firm. This attack leverages a flaw in the programming of major generative AI tools, successfully tricking them into classifying dangerous malware as safe code. The research, shared with Hackread.com, reveals that these AI models, which are trained to respect legal-sounding text, can be manipulated by social engineering. The LegalPwn technique works by hiding malicious code within fake legal disclaimers. According to the research, twelve major AI models were tested, and most were found to be susceptible to this form of social engineering."
        https://hackread.com/legalpwn-attack-genai-tools-misclassify-malware-safe-code/
        https://info.pangea.cloud/hubfs/research-report/legalpwn.pdf
      • Proton Fixes Authenticator Bug Leaking TOTP Secrets In Logs
        "Proton fixed a bug in its new Authenticator app for iOS that logged users' sensitive TOTP secrets in plaintext, potentially exposing multi-factor authentication codes if the logs were shared. Last week, Proton released a new Proton Authenticator app, which is a free standalone two-factor authentication (2FA) application for Windows, macOS, Linux, Android, and iOS. The app is used to store multi-factor authentication TOTP secrets that can be used to generate one-time passcodes for authentication on websites and applications."
        https://www.bleepingcomputer.com/news/security/proton-fixes-authenticator-bug-leaking-totp-secrets-in-logs/
      • Gen 7 SonicWall Firewalls – SSLVPN Recent Threat Activity
        "Over the past 72 hours, there has been a notable increase in both internally and externally reported cyber incidents involving Gen 7 SonicWall firewalls where SSLVPN is enabled. This includes threat activity highlighted by third-party cybersecurity research teams such as:"
        https://www.sonicwall.com/support/notices/gen-7-sonicwall-firewalls-sslvpn-recent-threat-activity/250804095336430
        https://therecord.media/sonicwall-possible-zero-day-gen-7-firewalls-ssl-vpn
        https://www.theregister.com/2025/08/04/sonicwall_investigates_cyber_incidents/
      • Google Addresses Six Vulnerabilities In August’s Android Security Update
        "Google addressed six vulnerabilities affecting Android devices in its August security update, marking a months-long lull in the number of software defects disclosed and patched in the mobile operating system this summer. The company issued no security patches in its update last month. Yet, monthly Android security bulletins typically address dozens of vulnerabilities. Google’s Android security update covered 34 vulnerabilities in June, 47 defects in May, 62 in April and 43 in March."
        https://cyberscoop.com/android-security-update-august-2025/

      Malware

      • Active Exploitation Of Microsoft SharePoint Vulnerabilities: Threat Brief (Updated July 31)
        "An investigation into ToolShell exploitation revealed the deployment of 4L4MD4R ransomware, a variant of the open-source Mauri870 ransomware. A failed exploitation attempt on July 27, 2025, involving an encoded PowerShell command, led to the discovery of a loader designed to download and execute the ransomware from hxxps://ice.theinnovationfactory[.]it/static/4l4md4r.exe (145.239.97[.]206). The PowerShell command attempted to disable real-time monitoring and bypass certificate validation. Full details are in the Scope of Attack section."
        https://unit42.paloaltonetworks.com/microsoft-sharepoint-cve-2025-49704-cve-2025-49706-cve-2025-53770/#post-147463-_50343o6a6han
        https://www.bleepingcomputer.com/news/security/ransomware-gangs-join-attacks-targeting-microsoft-sharepoint-servers/
      • Warning: Phishing Campaign Detected
        "The developer community should be aware we’ve detected a phishing campaign targeting AMO (addons.mozilla.org) accounts. Add-on developers should exercise extreme caution and scrutiny when receiving emails claiming to be from Mozilla/AMO. Phishing emails typically state some variation of the message “Your Mozilla Add-ons account requires an update to continue accessing developer features.” In order to protect yourself and keep your AMO account secure, we strongly recommend that you:"
        https://blog.mozilla.org/addons/2025/08/01/warning-phishing-campaign-detected/
        https://www.bleepingcomputer.com/news/security/mozilla-warns-of-phishing-attacks-targeting-add-on-developers/
        https://www.theregister.com/2025/08/04/mozilla_add_on_phishing/
      • PlayPraetor's Evolving Threat: How Chinese-Speaking Actors Globally Scale An Android RAT
        "In June 2025, the Cleafy Threat Intelligence team investigated a large-scale fraud campaign leveraging PlayPraetor, an Android RAT that facilitates On-Device Fraud (ODF) by giving operators complete real-time control over compromised devices. The PlayPraetor campaign, initially detailed by CTM360, has been active for several months, strategically impersonating legitimate Google Play Store pages to trick victims into downloading malicious applications. Cleafy's investigation has revealed the underlying Malware-as-a-Service (MaaS) operation carried out by TAs, which has infected over 11,000 devices globally in less than three months."
        https://www.cleafy.com/cleafy-labs/playpraetors-evolving-threat-how-chinese-speaking-actors-globally-scale-an-android-rat
        https://thehackernews.com/2025/08/playpraetor-android-trojan-infects.html
        https://securityaffairs.com/180760/malware/playpraetor-android-rat-expands-rapidly-across-spanish-and-french-speaking-regions.html
      • Android Malware Targets Indian Banking Users To Steal Financial Info And Mine Crypto
        "McAfee’s Mobile Research Team discovered a new Android malware campaign targeting Hindi-speaking users, mainly in India. The malware impersonates popular Indian financial apps, including SBI Card, Axis Bank, and IndusInd Bank, and is distributed through phishing websites that are continuously being created. What makes this campaign unique is its dual-purpose design: it steals personal and financial information while also silently mining Monero cryptocurrency using XMRig, which is triggered via Firebase Cloud Messaging (FCM). It also abuses user trust by pretending to be a legitimate app update from Google Play."
        https://www.mcafee.com/blogs/other-blogs/mcafee-labs/android-malware-targets-indian-banking-users-to-steal-financial-info-and-mine-crypto/
      • CTM360 Spots Malicious ‘ClickTok’ Campaign Targeting TikTok Shop Users
        "CTM360 has discovered a new global malware campaign dubbed "ClickTok" that spreads the SparkKitty spyware through fake TikTok shops to steal cryptocurrency wallets and drain funds. The unique spyware trojan discovered by CTM360 is specifically engineered to exploit TikTok Shop users across the globe. Dubbed as “ClickTok”, this highly coordinated scam operation employs a hybrid scam model that combines phishing and malware to deceive buyers and affiliate program participants on TikTok’s growing e-commerce platform."
        https://www.bleepingcomputer.com/news/security/ctm360-spots-malicious-clicktok-campaign-targeting-tiktok-shop-users/
        https://www.ctm360.com/reports/clicktok-tiktok-shop-scam-report
      • Ghost In The Zip | New PXA Stealer And Its Telegram-Powered Ecosystem
        "In close partnership, Beazley Security and SentinelLABS have uncovered a large-scale, ongoing infostealer campaign built around the Python-based PXA Stealer. Initially surfacing in late 2024, this threat has since matured into a highly evasive, multi-stage operation driven by Vietnamese-speaking actors with apparent ties to an organized cybercriminal Telegram-based marketplace that sells stolen victim data. Throughout 2025, these actors have continuously refined their delivery mechanisms and evasion strategies. Most notably, they’ve adopted novel sideloading techniques involving legitimate signed software (such as Haihaisoft PDF Reader and Microsoft Word 2013), concealed malicious DLLs, and embedded archives disguised as common file types. These campaigns use elaborate staging layers that obscure their purpose and delay detection by endpoint tools and human analysts alike."
        https://www.sentinelone.com/labs/ghost-in-the-zip-new-pxa-stealer-and-its-telegram-powered-ecosystem/
        https://thehackernews.com/2025/08/vietnamese-hackers-use-pxa-stealer-hit.html
        https://cyberscoop.com/highly-evasive-vietnamese-speaking-hackers-stealing-data-from-thousands-of-victims-in-62-nations/
        https://www.infosecurity-magazine.com/news/ghost-zip-behind-pxa-stealer/
        https://www.theregister.com/2025/08/04/pxa_stealer_4000_victims/
      • Think Before You Click: EPI PDF’s Hidden Extras
        "PDF converting software can be super helpful. Whether you’re turning a Word document into a PDF or merging files into one neat package, these tools save time and make life easier. But here’s something many people don’t realize — some of these free PDF tools come with hidden baggage. When you install them, they might also sneak in a new search engine, browser extension, or change your homepage without clearly asking for permission."
        https://www.mcafee.com/blogs/other-blogs/mcafee-labs/think-before-you-click-epi-pdfs-hidden-extras/
      • Tracking Updates To Raspberry Robin
        "Raspberry Robin, also known as Roshtyak, is a malicious downloader that has been actively targeting systems since 2021 and primarily spreads through infected USB devices. Despite limited public reporting, Raspberry Robin continues to evolve and adopt new techniques to improve its functionality and evade detection. Further insights into Raspberry Robin are available in our previous technical analysis. In this blog, we outline the latest updates to Raspberry Robin, including improved obfuscation methods, a shift from AES-CTR to ChaCha-20 for network encryption, a new local privilege escalation exploit (CVE-2024-38196), and the use of invalid TOR onion domains to complicate the process of extracting Indicators of Compromise (IOCs)."
        https://www.zscaler.com/blogs/security-research/tracking-updates-raspberry-robin
      • Microsoft Direct Send Phishing Attacks Explained
        "Barracuda security analysts recently detected a phishing campaign that leverages the Microsoft 365 Direct Send feature to bypass email security features. This is a large-scale attack that abuses a legitimate Microsoft 365 feature to impersonate internal communications. See the Barracuda Security Advisory and the Cybersecurity Threat Advisory for technical details on this attack."
        https://blog.barracuda.com/2025/08/04/securing-microsoft-direct-send
      • Exploiting Direct Send: Attackers Abuse Microsoft 365 To Deliver Internal Phishing Attacks
        "Proofpoint identified an active phishing campaign exploiting Microsoft 365 Direct Send, which delivered spoofed messages that appeared as internal emails. The threat actor used unsecured third-party email security appliances as an SMTP relay and VPS assets for message injection. In many cases, Microsoft marked the messages as spoof attempts based on composite authentication failures. Unfortunately, the messages were still delivered to users’ junk folders, allowing the payloads to reach end users."
        https://www.proofpoint.com/us/blog/email-and-cloud-threats/attackers-abuse-m365-for-internal-phishing
        https://hackread.com/hackers-microsoft-365-direct-send-internal-phishing-emails/
      • Qilin Responds To The Accusations: “We Don’t Scam Our Affiliates”
        "The ransomware group Qilin, previously known as Agenda until 2023, is one of the most established and structured collectives in the ransomware-as-a-service (RaaS) ecosystem. After operating under the Agenda name in its early stages, the group gradually rebranded, consolidating its infrastructure and positioning itself as a long-standing player in the cybercriminal landscape. Qilin offers its affiliates a comprehensive toolkit: customizable encryption modules, advanced control panels, automated data exfiltration systems, DDoS capabilities, and negotiation management tools. Among its most recent innovations is a feature called “Call Lawyer,” designed to increase psychological pressure on victims by simulating legal support during ransom negotiations. This business-like approach, along with a carefully crafted internal communication style, has helped the group build a reputation for “professionalism” even within criminal circles."
        https://www.suspectfile.com/qilin-responds-to-the-accusations-we-dont-scam-our-affiliates/

      Breaches/Hacks/Leaks

      • Northwest Radiologists Data Breach Impacts 350,000 Washingtonians
        "Bellingham, Washington-based radiology practice Northwest Radiologists is notifying roughly 350,000 Washington State residents that their personal information was compromised in a data breach. The incident occurred on January 25, 2025, when certain systems were impacted by a “network disruption”, the radiology services provider says. The incident was initially disclosed in March, when the organization revealed that protected health information (PHI) stored on the affected systems was potentially impacted."
        https://www.securityweek.com/northwest-radiologists-data-breach-impacts-350000-washingtonians/
        https://securityaffairs.com/180772/data-breach/northwest-radiologists-data-breach-hits-350000-in-washington.html
      • Fashion Giant Chanel Hit In Wave Of Salesforce Data Theft Attacks
        "French fashion giant Chanel is the latest company to suffer a data breach in an ongoing wave of Salesforce data theft attacks. Chanel says the breach was first detected on July 25th after threat actors gained access to a Chanel database hosted at a third-party service provider, as first reported by WWD. The breach only impacted customers in the United States and exposed personal contact information."
        https://www.bleepingcomputer.com/news/security/fashion-giant-chanel-hit-in-wave-of-salesforce-data-theft-attacks/
      • Hacking Group D4rk4rmy Claimed The Hack Of Monte-Carlo Société Des Bains De Mer
        "The cybercrime group D4rk4rmy claimed the hack of Monte-Carlo Société des Bains de Mer (SBM). The company is Monaco’s premier luxury hospitality group, established in 1863. It operates iconic properties like the Casino de Monte-Carlo and Hôtel de Paris, playing a key role in shaping Monaco’s global image of elegance and exclusivity. Serving elite clientele, SBM spans gaming, hotels, fine dining, and entertainment. The Monegasque government holds a majority stake in the company. D4rk4rmy added the Monte-Carlo Société des Bains de Mer (SBM) to the list of victims on its Tor dark web leak site."
        https://securityaffairs.com/180780/cyber-crime/hacking-group-d4rk4rmy-claimed-the-hack-of-monte-carlo-societe-des-bains-de-mer.html

      General News

      • CrowdStrike Investigated 320 North Korean IT Worker Cases In The Past Year
        "North Korean operatives seeking and gaining technical jobs with foreign companies kept CrowdStrike busy, accounting for almost one incident response case or investigation per day in the past year, the company said in its annual threat hunting report released Monday. “We saw a 220% year-over-year increase in the last 12 months of Famous Chollima activity,” Adam Meyers, senior vice president of counter adversary operations, said during a media briefing about the report."
        https://cyberscoop.com/crowdstrike-north-korean-operatives/
        https://www.crowdstrike.com/en-us/resources/reports/threat-hunting-report/
        https://www.darkreading.com/remote-workforce/threat-actors-leaning-genai-tools
        https://www.infosecurity-magazine.com/news/cloud-intrusions-skyrocket/
      • AIBOMs Are The New SBOMs: The Missing Link In AI Risk Management
        "In this Help Net Security interview, Marc Frankel, CEO at Manifest Cyber, discusses how overlooked AI-specific risks, like poisoned training data and shadow AI, can lead to security issues that conventional tools fail to detect. He explains how AI Bills of Materials (AIBOMs) extend SBOMs to provide transparency into datasets, model weights, and third-party integrations, improving governance and incident response. Frankel also outlines the steps organizations must take to achieve executive-grade visibility and maintain AI supply chain hygiene."
        https://www.helpnetsecurity.com/2025/08/04/marc-frankel-manifest-cyber-aiboms-sboms/
      • The Surprising Truth About Identity Security Confidence
        "Organizations most confident in their identity security are often the least prepared, according to a new report from BeyondID. The study reveals a troubling gap between what organizations believe about their identity security programs and how they actually behave. Surprisingly, those expressing the highest confidence are adopting fewer best practices than their more cautious peers."
        https://www.helpnetsecurity.com/2025/08/04/ciso-identity-security-confidence-gap/
      • What’s Keeping Risk Leaders Up At Night? AI, Tariffs, And Cost Cuts
        "Enterprise risk leaders are most concerned about rising tariffs and trade tensions heading into the second half of 2025, according to a new report from Gartner. The firm’s second-quarter Emerging Risk Report, based on a survey of 223 senior risk, audit, and compliance executives, ranks the escalating trade war as the top emerging risk, up from third in the first quarter."
        https://www.helpnetsecurity.com/2025/08/04/gartner-emerging-enterprise-risk-2025/
      • The Wild West Of Shadow IT
        "Everyone's an IT decision-maker now. The employees in your organization can install a plugin with just one click, and they don't need to clear it with your team first. It's great for productivity, but it's a serious problem for your security posture. When the floodgates of SaaS and AI opened, IT didn't just get democratized, its security got outpaced. Employees are onboarding apps faster than security teams can say, "We need to check this out first." The result is a sprawling mess of shadow IT, embedded AI, and OAuth permissions that would make any CISO break into a cold sweat. Here are five ways IT democratization can undermine your organization's security posture and how to prevent it from doing so."
        https://thehackernews.com/2025/08/the-wild-west-of-shadow-it.html
      • When Hyperscalers Can’t Safeguard One Nation’s Data From Another, Dark Clouds Are Ahead
        "The details of cloud data regionalization are rarely the stuff of great drama. When they’ve reached the level of an exec admitting to the Senate that a foreign power can help itself to that nation’s data, no matter where it lives, things get interesting. It was the French Senate, Microsoft France’s director of public and legal affairs, and the foreign nation? The USA. This is a great story, but it’s not really news. Microsoft’s strategy to pacify EU data sovereignty unease has been to offer a special Cloud for Sovereignty service girded with special contractual promises. Topped off with an extra-special pledge of stiff legal resistance if Washington approaches with the can-opener. This is all doubtless true, but as a plausible guarantee of data safety, skepticism is too weak a word. It compares poorly to sheltering from an atomic blast by hiding in a fridge."
        https://www.theregister.com/2025/08/04/when_hyperscalers_cant_safeguard_one/
      • What Is The Role Of Provable Randomness In Cybersecurity?
        "Random numbers are the cornerstone of cryptographic security — cryptography depends on generating random keys. As organizations adopt quantum-resistant algorithms, it's equally important to examine the randomness underpinning them."
        https://www.darkreading.com/endpoint-security/what-is-the-role-of-provable-randomness-in-cybersecurity-
      • Web-Based AI Usage Surge Shifts Global Internet Traffic Patterns
        "A significant increase in web traffic to AI-related websites has marked a shift in how users interact with artificial intelligence. Traffic to AI tool platforms rose from 7 billion visits in February 2024 to 10.53 billion in January 2025 (a 50% increase) according to new findings from Menlo Security. This shift is mainly due to the continued reliance on browsers to access generative AI (GenAI) tools. While some AI deployments have transitioned to desktop or private applications, approximately 80% of generative AI (GenAI) usage still occurs within browsers."
        https://www.infosecurity-magazine.com/news/web-ai-usage-shifts-internet/
      • Turning Human Vulnerability Into Organizational Strength
        "At the epicenter of the dynamic threat landscape, a persistent and effective attack vector remains stubbornly entrenched: phishing. While technical defenses advance, threat actors are doubling down on exploiting human nature, making phishing not just a threat, but a full-blown epidemic demanding urgent countermeasures."
        https://www.darkreading.com/vulnerabilities-threats/human-vulnerability-organizational-strength
      • Malicious Packages Across Open-Source Registries: Detection Statistics And Trends (Q2 2025)
        "In this previous blog, Fortiguard Labs highlighted a growing trend in the use of open source software (OSS) repositories as channels for malware distribution in supply chain security. With the continued reliance on third-party packages in development workflows, threat actors are increasingly exploiting vulnerabilities in the open-source ecosystem to propagate malicious code, exfiltrate data, and cause other harm. By leveraging our proprietary AI-powered malware detection and continuous monitoring system, FortiGuard Labs has established real-time tracking and detection of newly published packages. This ongoing, global monitoring enables us to rapidly identify emerging threats and evolving attack techniques."
        https://www.fortinet.com/blog/threat-research/malicious-packages-across-open-source-registries
      • #BHUSA: Microsoft And Google Among Most Affected As Zero Day Exploits Jump 46%
        "Zero day exploitation surged by 46% year-over-year in the first six months of 2025, according to the Forescout Research – Vedere Labs H1 2025 Threat Review. Products from 27 vendors were found to be impacted by zero days, with Microsoft making up around a third (30%). Google products experienced the second highest volume of zero day exploits, at 11%, followed by Apple (8%), Ivanti (6%), Qualcomm (5%) and VMware (5%)."
        https://www.infosecurity-magazine.com/news/microsoft-google-zero-day-exploits/
      • Details Emerge On BlackSuit Ransomware Takedown
        "BlackSuit’s technical infrastructure was seized in a globally coordinated takedown operation last month that authorities touted as a significant blow in the fight against cybercrime. The ransomware group’s leak site has displayed a seizure notice since July 24. The takedown followed a long investigation, which allowed authorities to confiscate “considerable amounts of data,” and identify 184 victims, German officials said in a news release last week. The group’s total extortion demands surpassed $500 million by August 2024, with demands typically in the range of $1 million to $10 million, the Cybersecurity and Infrastructure Security Agency said in an advisory last year."
        https://cyberscoop.com/blacksuit-ransomware-takedown/

      Reference
      Electronic Transactions Development Agency (ETDA)
