Cyber Threat Intelligence 25 August 2025
Vulnerabilities
- MITRE Updates List Of Most Common Hardware Weaknesses
"The non-profit MITRE Corporation this week published a revised CWE Most Important Hardware Weaknesses (MIHW) to align it with the evolution of the hardware security landscape. Initially released in 2021, the CWE MIHW list includes frequent errors that lead to critical hardware vulnerabilities, and is meant to raise awareness within the community, to help eradicate hardware flaws from the start. The updated list includes 11 entries and comes with new classes, categories, and base weaknesses, but retains five of the entries that were included in the 2021 CWE MIHW list. It shows a focus on resource reuse, debug mode bugs, and fault injection."
https://www.securityweek.com/mitre-updates-list-of-most-common-hardware-weaknesses/
https://cwe.mitre.org/topHW/archive/2025/2025_CWE_MIHW.html
Malware
- Proxyware Malware Being Distributed On YouTube Video Download Site – 2
"AhnLab SEcurity intelligence Center (ASEC) has covered cases where Proxyware malware is distributed by sites posing as YouTube video download pages. Although the attack methods and malware installed are similar, the same attacker continues to distribute the malware, leading to the infection of numerous systems."
https://asec.ahnlab.com/en/89787/
- Mistrusted Advisor: Evading Detection With Public S3 Buckets And Potential Data Exfiltration In AWS
"In May 2025, we uncovered multiple undocumented techniques to evade detection by bypassing AWS Trusted Advisor’s S3 Security Checks. Leveraging these methods, we were able to bypass detection by Trusted Advisor’s S3 security scans and configure buckets with public and anonymous permissions via bucket policies and ACLs which permit data access open to the world and potential data exfiltration - all without triggering a single alert."
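The practical lesson of the Fog Security finding is not to treat a scanner's silence as proof of a private bucket. The following is an added example, not Fog Security's or AWS's code: it evaluates the three artefacts that actually decide exposure (bucket policy, ACL, Block Public Access flags) and reports why a bucket is reachable by the world. Every input document is constructed inline; in real use you would feed it the JSON returned by the GetBucketPolicy, GetBucketAcl and GetPublicAccessBlock API calls. Treating a policy statement with a Condition block as merely "needs review" is a deliberate conservative choice, since conditions such as source-VPC restrictions may or may not narrow the grant.

```python
"""Added example (not Fog Security's tooling or AWS's): decide for yourself whether
an S3 bucket is world-reachable from its bucket policy, ACL and Block Public
Access settings, instead of trusting Trusted Advisor's verdict. All input
documents below are constructed; in practice feed in the JSON returned by the
GetBucketPolicy / GetBucketAcl / GetPublicAccessBlock API calls."""
import json

# AWS's predefined "everyone" ACL groups.
PUBLIC_ACL_URIS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
PAB_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
             "BlockPublicPolicy", "RestrictPublicBuckets")


def _principal_is_public(principal):
    """True when a statement's Principal grants to anyone ("*" or {"AWS": "*"})."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        return "*" in ([aws] if isinstance(aws, str) else aws)
    return False


def policy_public_statements(policy):
    """Allow statements whose Principal is public, as (Sid, actions, has_condition).
    A Condition block may or may not narrow the grant, so it is only reported."""
    out = []
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Allow" or not _principal_is_public(stmt.get("Principal")):
            continue
        actions = stmt.get("Action", [])
        actions = [actions] if isinstance(actions, str) else list(actions)
        out.append((stmt.get("Sid", "<no Sid>"), actions, bool(stmt.get("Condition"))))
    return out


def acl_public_grants(acl):
    """ACL grants to AllUsers / AuthenticatedUsers, as (group, permission)."""
    out = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") == "Group" and grantee.get("URI") in PUBLIC_ACL_URIS:
            out.append((grantee["URI"].rsplit("/", 1)[-1], grant.get("Permission")))
    return out


def assess_bucket(name, policy=None, acl=None, public_access_block=None):
    """Combine the three signals. Only a fully enabled Block Public Access
    configuration (all four flags True) is taken to neutralise public grants."""
    pab = public_access_block or {}
    pab_complete = all(pab.get(flag, False) for flag in PAB_FLAGS)
    reasons = []
    for sid, actions, conditioned in policy_public_statements(policy or {}):
        reasons.append(f"policy statement {sid} allows {actions} to Principal '*'"
                       + (" (has Condition, review it)" if conditioned else ""))
    for group, perm in acl_public_grants(acl or {}):
        reasons.append(f"ACL grants {perm} to {group}")
    return {"bucket": name, "public": bool(reasons) and not pab_complete,
            "block_public_access_complete": pab_complete, "reasons": reasons}


# Constructed sample inputs (no real buckets or accounts).
POLICY_WORLD_READ = {"Version": "2012-10-17", "Statement": [{
    "Sid": "AllowWorldRead", "Effect": "Allow", "Principal": "*",
    "Action": ["s3:GetObject", "s3:ListBucket"],
    "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"]}]}
POLICY_SINGLE_ACCOUNT = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::123456789012:root"},
    "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"}]}
ACL_WORLD_READ = {"Owner": {"ID": "owner"}, "Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"}]}
PAB_ALL_ON = {flag: True for flag in PAB_FLAGS}


def demo():
    """Run the four constructed cases; returns the assessments in order."""
    return [
        assess_bucket("policy-open", policy=POLICY_WORLD_READ),
        assess_bucket("acl-open", acl=ACL_WORLD_READ),
        assess_bucket("guarded", policy=POLICY_WORLD_READ, public_access_block=PAB_ALL_ON),
        assess_bucket("private", policy=POLICY_SINGLE_ACCOUNT),
    ]


if __name__ == "__main__":
    for result in demo():
        print(json.dumps(result, indent=2))
```

Run it over the real documents for every bucket in the account and alert on any result with "public" set, regardless of what Trusted Advisor reports; the two checks are independent, which is the point.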
https://www.fogsecurity.io/blog/mistrusted-advisor-public-s3-buckets
https://www.securityweek.com/aws-trusted-advisor-tricked-into-showing-unprotected-s3-buckets-as-secure/
- Falcon Platform Prevents COOKIE SPIDER’s SHAMOS Delivery On MacOS
"Between June and August 2025, the CrowdStrike Falcon platform successfully blocked a sophisticated malware campaign that attempted to compromise over 300 customer environments. The campaign deployed SHAMOS, a variant of Atomic macOS Stealer (AMOS) developed by the cybercriminal group COOKIE SPIDER. Operating as malware-as-a-service, COOKIE SPIDER rents this information stealer to cybercriminals who deploy it to harvest sensitive information and cryptocurrency assets from victims. The campaign utilized malvertising to direct users to fraudulent macOS help websites where victims were instructed to execute a malicious one-line installation command."
https://www.crowdstrike.com/en-us/blog/falcon-prevents-cookie-spider-shamos-delivery-macos/
https://www.bleepingcomputer.com/news/security/fake-mac-fixes-trick-users-into-installing-new-shamos-infostealer/
https://www.securityweek.com/hundreds-targeted-in-new-atomic-macos-stealer-campaign/
https://hackread.com/cookie-spider-malvertising-new-shamos-macos-malware/
https://securityaffairs.com/181441/malware/over-300-entities-hit-by-a-variant-of-atomic-macos-stealer-in-recent-campaign.html
- APT36: Targets Indian BOSS Linux Systems With Weaponized AutoStart Files
"CYFIRMA has identified an ongoing cyber-espionage campaign orchestrated by APT36 (Transparent Tribe), a Pakistan-based threat actor with a sustained focus on Indian Government entities. This operation reflects the group’s increasing sophistication and flexibility; leveraging tailored malware, aimed at Boss operating systems. Initial access is achieved through spear phishing emails. Linux BOSS environments are targeted via weaponized .desktop shortcut files that, once opened, download and execute malicious payloads. APT36’s capability to customize its delivery mechanisms according to the victim’s operating environment thereby increases its chances of success while maintaining persistent access to critical government infrastructure and evading traditional security controls."
https://www.cyfirma.com/research/apt36-targets-indian-boss-linux-systems-with-weaponized-autostart-files/
https://www.bleepingcomputer.com/news/security/apt36-hackers-abuse-linux-desktop-files-to-install-malware/
- The Resurgence Of IoT Malware: Inside The Mirai-Based “Gayfemboy” Botnet Campaign
"Over the past year, FortiGuard Labs has been tracking a stealthy malware strain exploiting a range of vulnerabilities to infiltrate systems. Initially disclosed by a Chinese cybersecurity firm under the name “Gayfemboy,” the malware resurfaced this past July with new activity, this time targeting vulnerabilities in products from vendors such as DrayTek, TP-Link, Raisecom, and Cisco, and exhibiting signs of evolution in both form and behavior. This article presents an in-depth analysis of Gayfemboy, revealing its technical details and exploring the implications of its evolving behavior."
https://www.fortinet.com/blog/threat-research/iot-malware-gayfemboy-mirai-based-botnet-campaign
https://securityaffairs.com/181480/cyber-crime/iot-under-siege-the-return-of-the-mirai-based-gayfemboy-botnet.html
- Android Document Readers And Deception: Tracking The Latest Updates To Anatsa
"The Zscaler ThreatLabz team continually monitors and analyzes malicious applications distributed by threat actors via the Google Play Store. Last year, ThreatLabz reported on Anatsa malware (a.k.a. TeaBot) that attacks Android devices and targets financial applications. Anatsa, first discovered in 2020, is capable of stealing credentials, monitoring keystrokes, and facilitating fraudulent transactions. In this blog post, ThreatLabz dives into Anatsa’s latest malware developments and provides insights into overall malware distribution trends in the Google Play Store."
https://www.zscaler.com/blogs/security-research/android-document-readers-and-deception-tracking-latest-updates-anatsa
- The Silent, Fileless Threat Of VShell
"Linux environments are often seen as bastions of security, favored by developers, sysadmins, and security professionals for their stability, transparency, and resistance to malware. Compared to Windows, the attack surface is perceived to be smaller, and users typically enjoy a greater degree of control. But this trust has led to a blind spot: assumptions of safety based on the operating system alone. The Trellix Advanced Research Center recently uncovered a new attack that challenges these assumptions. Today’s attackers are innovating around traditional security models."
https://www.trellix.com/blogs/research/the-silent-fileless-threat-of-vshell/
https://thehackernews.com/2025/08/linux-malware-delivered-via-malicious.html
- Think Before You Click(Fix): Analyzing The ClickFix Social Engineering Technique
"Over the past year, Microsoft Threat Intelligence and Microsoft Defender Experts have observed the ClickFix social engineering technique growing in popularity, with campaigns targeting thousands of enterprise and end-user devices globally every day. Since early 2024, we’ve helped multiple customers across various industries address such campaigns attempting to deliver payloads like the prolific Lumma Stealer malware. These payloads affect Windows and macOS devices and typically lead to information theft and data exfiltration."
https://www.microsoft.com/en-us/security/blog/2025/08/21/think-before-you-clickfix-analyzing-the-clickfix-social-engineering-technique/
https://www.theregister.com/2025/08/22/clickfix_report/
- Fake CoinMarketCap Journalists Targeting Crypto Executives In Spear-Phishing Campaign
"Fake CoinMarketCap journalist profiles used in spear-phishing target crypto execs via Zoom interviews, risking malware, data theft, and wallet loss. A new spear-phishing campaign is targeting executives in the crypto industry through fake interview requests. The attackers impersonate journalists affiliated with CoinMarketCap, using their active profiles on the company’s website to appear legitimate."
https://hackread.com/fake-coinmarketcap-journalists-crypto-executives-spear-phishing/
- Malicious Go Module Disguised As SSH Brute Forcer Exfiltrates Credentials Via Telegram
"Socket’s Threat Research Team identified a malicious Go module package, golang-random-ip-ssh-bruteforce, that poses as a fast SSH brute forcer but covertly exfiltrates credentials to its author. On the first successful login, the package sends the target IP address, username, and password to a hardcoded Telegram bot controlled by the threat actor. The package is designed to continuously scan random IPv4 addresses for exposed SSH services on TCP port 22, attempt authentication using a local username-password wordlist, and exfiltrate any successful credentials via Telegram. As a result, anyone who runs the package hands over their initial access wins to the Russian-speaking threat actor, known as IllDieAnyway on GitHub and within the Go Module ecosystem."
https://socket.dev/blog/malicious-go-module-disguised-as-ssh-brute-forcer-exfiltrates-credentials
https://thehackernews.com/2025/08/malicious-go-module-poses-as-ssh-brute.html
Breaches/Hacks/Leaks
- DaVita Says Ransomware Gang Stole Data Of Nearly 2.7 Million People
"Kidney dialysis firm DaVita has confirmed that a ransomware gang that breached its network stole the personal and health information of nearly 2.7 million individuals. DaVita serves over 265,400 patients across 3,113 outpatient dialysis centers, 2,660 in the United States, and 453 centers in 13 other countries worldwide. The company reported revenues of over $12 billion in 2024 and of $3.3 billion for the second quarter of 2025. In April, the healthcare provider revealed in a filing with the U.S. Securities and Exchange Commission (SEC) that its operations were disrupted after attackers partially encrypted its network over the weekend."
https://www.bleepingcomputer.com/news/security/davita-ransomware-attack-exposed-data-of-nearly-27-million-people/
https://www.bankinfosecurity.com/dialysis-chain-tells-feds-hack-affects-nearly-27-million-a-29277
https://www.theregister.com/2025/08/22/davita_ransomware_infection/
https://securityaffairs.com/181458/data-breach/kidney-dialysis-firm-davita-confirms-ransomware-attack-compromised-data-of-2-7m-people.html
- Rural Health System In Michigan Notifying 140,000 Of Hack
"A health system in rural Michigan is notifying nearly 140,000 people that their information was potentially compromised in a data theft incident occurring between November 2024 and January 2025. Cybercriminal gang BianLian lists Aspire Rural Health System as a victim on its dark website. In a breach report submitted Thursday to Maine's attorney general, Marlette, Mich.-based Aspire said the external system hacking incident affected 138,386 people."
https://www.bankinfosecurity.com/rural-health-system-in-michigan-notifying-140000-hack-a-29279
- CPAP Medical Data Breach Impacts 90,000 People
"Healthcare services provider CPAP Medical Supplies and Services is informing tens of thousands of people that their personal and health information has been compromised. Florida-based CPAP Medical provides sleep apnea equipment, including to members of the US military and their families. The organization said in a data security incident notice posted on its website that its systems were accessed by hackers in mid-December 2024."
https://www.securityweek.com/cpap-medical-data-breach-impacts-90000-people/
- Electronics Manufacturer Data I/O Reports Ransomware Attack To SEC
"Tech manufacturer Data I/O reported a ransomware attack to federal regulators on Thursday evening, writing that the incident has taken down critical operational systems. The Redmond, Washington-based company said the ransomware attack began on August 16 and prompted outages of the technology used for shipping, manufacturing, production and other support functions. Data I/O produces electronics used in vehicles and consumer devices. More than 65% of its business in the second quarter came from automotive electronic production, including through recent contracts with Chinese electric vehicle makers producing technology for charging stations. Its website lists major companies like Tesla, Panasonic, Amazon, Google and Microsoft as customers."
https://therecord.media/electronics-manufacturer-dataio-ransomware
https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/
- Criminal Background Checker APCS Faces Data Breach
"A leading UK provider of criminal record checks for employers is handling a data breach stemming from a third-party development company. Access Personal Checking Services (APCS) has written to customers to notify them that their data has been compromised, according to emails seen by The Register, and it confirmed to us that Hull-based Intradev was the organization initially attacked. APCS describes itself as the UK's fastest service for carrying out Disclosure and Barring Service (DBS) checks, which were known as Criminal Record Bureau checks prior to 2012. Organizations use them for roles that require background screening, such as jobs that involve working with children or vulnerable individuals, as well as in the healthcare and financial services sectors."
https://www.theregister.com/2025/08/22/apcs_breach/
General News
- The New Era Of Cybercrime In Australia — AI-Powered Attacks And How To Stay Ahead
"AI is driving a rapid increase in sophisticated cyberattacks, and Australia’s high median wealth, abundant resources, and geopolitical influence make it a prime target for both cybercrime groups and advanced persistent threats (APTs). Cyble has documented more than 50 threat groups active in Australia in 2025, including ransomware and cybercrime groups, hacktivists, and APTs linked to China, Russia, Iran, and North Korea."
https://cyble.com/blog/ai-powered-cyberattacks-surge-in-australia/
- African Authorities Dismantle Massive Cybercrime And Fraud Networks, Recover Millions
"In a sweeping INTERPOL-coordinated operation, authorities across Africa have arrested 1,209 cybercriminals targeting nearly 88,000 victims. The crackdown recovered USD 97.4 million and dismantled 11,432 malicious infrastructures, underscoring the global reach of cybercrime and the urgent need for cross-border cooperation. Operation Serengeti 2.0 (June to August 2025) brought together investigators from 18 African countries and the United Kingdom to tackle high-harm and high-impact cybercrimes including ransomware, online scams and business email compromise (BEC). These were all identified as prominent threats in the recent INTERPOL Africa Cyberthreat Assessment Report."
https://www.interpol.int/News-and-Events/News/2025/African-authorities-dismantle-massive-cybercrime-and-fraud-networks-recover-millions
https://www.bleepingcomputer.com/news/security/massive-anti-cybercrime-operation-leads-to-over-1-200-arrests-in-africa/
https://thehackernews.com/2025/08/interpol-arrests-1209-cybercriminals.html
https://therecord.media/africa-interpol-cybercrime-crackdown
https://www.darkreading.com/cyberattacks-data-breaches/interpol-operation-serengeti-2-0
https://www.fortinet.com/blog/industry-trends/fortinet-assists-interpol-in-disrupting-cybercrime-networks-through-operation-serengeti
https://www.theregister.com/2025/08/22/interpol_serengeti_20/
https://cyberscoop.com/interpol-operation-serengeti-2-africa/
https://www.helpnetsecurity.com/2025/08/22/interpol-africa-cybercrime-crackdown/
https://www.infosecurity-magazine.com/news/interpol-african-cybercrime/
https://www.securityweek.com/large-interpol-cybercrime-crackdown-in-africa-leads-to-the-arrest-of-over-1200-suspects/
https://securityaffairs.com/181434/cyber-crime/operation-serengeti-2-0-interpol-nabs-1209-cybercriminals-in-africa-seizes-97m.html
- Five Ways OSINT Helps Financial Institutions To Fight Money Laundering
"Here are five key ways OSINT tools can help financial firms develop advanced strategies to fight money laundering criminals. Money launderers often use layered networks of offshore entities and shell companies to mask the true ultimate beneficial owner (UBO) of a company. Without technology, the manual process of trying to understand ownership and identify UBOs can be very time-consuming and inefficient – insights can even be missed altogether."
https://www.helpnetsecurity.com/2025/08/22/financial-institutions-osint-tools/
- AI Gives Ransomware Gangs a Deadly Upgrade
"Ransomware continues to be the major threat to large and medium-sized businesses, with numerous ransomware gangs abusing AI for automation, according to Acronis. From January to June 2025, the number of publicly reported ransomware victims jumped 70% compared to the same period in both 2023 and 2024. February stood out as the worst month, with 955 reported cases."
https://www.helpnetsecurity.com/2025/08/22/ransomware-gangs-ai/
- The New Battleground For CISOs Is Human Behavior
"Attackers don’t always need a technical flaw. More often, they just trick your people. Social engineering works, and AI makes it harder to catch. A new LevelBlue report shows how this problem is growing worldwide. Forty-one percent of organizations say they are experiencing more cyberattacks than a year ago, rising to 49% in Asia-Pacific. Employees are struggling to tell the difference between real and fake communications. Globally, 59% of respondents report this problem, and in Latin America it climbs to 66%."
https://www.helpnetsecurity.com/2025/08/22/social-engineering-threats-2025/
- Local Governments Struggle To Defend Critical Infrastructure As Threats Grow
"A small-town water system, a county hospital, and a local school district may not seem like front-line targets in global conflict, but they are. These organizations face daily cyber attacks, from ransomware to foreign adversaries probing for weak points. What happens to them can ripple into national security, disrupting everything from healthcare to transportation. That is the warning in a new report from the Multi-State Information Sharing and Analysis Center (MS-ISAC), which reviews the current threat environment, recent successes, and the top needs identified by state, local, tribal, and territorial (SLTT) organizations."
https://www.helpnetsecurity.com/2025/08/22/critical-infrastructure-sltt-cybersecurity-priorities/
- "What Happens Online Stays Online" And Other Cyberbullying Myths, Debunked
"Cyberbullying, unfortunately, is on the rise. Data from the Cyberbullying Research Center reveals that just over 58% of middle- and high-school students in the US have experienced online harassment of some sort in their lives. That’s compared to 37% in 2019 and just a quarter (24%) a decade before that. Separate data claims that over two-fifths (43%) of teen video game players have been bullied. Some were called offensive names. Others were physically threatened, while many were sent sexually explicit content."
https://www.welivesecurity.com/en/kids-online/what-happens-online-stays-online-and-other-cyberbullying-myths-debunked/
- The Growing Challenge Of AI Agent And NHI Management
"AI agents have risen dramatically in popularity and awareness over the past year, as we've enabled AI models to take actions (and thus become agents). And non-human identities (NHI) have been rapidly growing for years. CyberArk's latest identity report says that machine identities outnumber human identities 82:1. NHIs have become key components of automation projects, as companies modernize their architectures to include microservices, containerization, and serverless cloud computing. More automations require more machine identities. As we add agentic AI into the mix, the number of identities required shifts exponentially."
https://www.darkreading.com/cybersecurity-operations/growing-challenge-ai-agent-nhi-management
- Insurers May Limit Payments In Cases Of Unpatched CVEs
"Cyber insurers are testing out new ways to hold policyholders accountable for outdated security, limiting payouts when policyholders fall prey to attacks that use older vulnerabilities or take advantage of holes in the organizations' defenses. Potential risk-limiting approaches include a sliding scale of accountability — and payouts — based on an unpatched vulnerability's half-life, or whether a company failed to fix a critical vulnerability within a certain number of days, according to a blog post penned by cyber insurer Coalition, which does not support such approaches. Dubbed CVE exclusions, after the Common Vulnerabilities and Exposures (CVE) system widely used to assign identifiers to software security issues, the tactic is not yet widely adopted, and most examples are from insurers outside the US, the firm stated."
https://www.darkreading.com/cyber-risk/cyber-insurers-may-limit-payments-breaches-unpatched-cve
- Do Claude Code Security Reviews Pass The Vibe Check?
"If there's anything that gives a seasoned application security professional indigestion these days, it is the thought of AI-assisted coding layered on top of an already insecure development pipeline. The cherry on top of it all is that an increasing amount of this work is being done to support agentic artificial intelligence (AI) and other AI-centered applications — all of which are introducing novel vulnerabilities via new attack surfaces like modern context protocol (MCP)."
https://www.darkreading.com/application-security/do-claude-code-security-reviews-pass-vibe-check
- Personal Liability, Security Becomes Bigger Issues For CISOs
"Chuck Norton had only been on the job as the chief information security officer at Western Michigan University for a few months when a jury found another CISO — of ride-hailing app Uber — guilty of covering up a compromise. Norton was concerned about the potential to be held criminally liable for a breach — or the response to a compromise — and sought to make legal protections part of his contract. While he received verbal assurances, he realized that those promises would not be in writing."
https://www.darkreading.com/cybersecurity-operations/personal-liability-security-becomes-bigger-issues-cisos
- ReVault Flaw Exposed Millions Of Dell Laptops To Malicious Domination
"In this interview from Black Hat USA 2025, Philippe Laulheret, a senior vulnerability researcher at Cisco Talos, discusses his discovery of the "ReVault" vulnerability affecting millions of Dell business laptops. Laulheret found that the Control Vault (also called a unified secure hub) — a control board connecting peripherals like fingerprint readers and smart card readers to Dell Latitude and Precision laptops — contained multiple security flaws that allow any user to communicate with the board through undocumented APIs, potentially leading to memory corruption, code execution, extraction of secret keys, and permanent firmware modification."
https://www.darkreading.com/endpoint-security/revault-compromised-secure-soc
- Apple Intelligence Is Picking Up More User Data Than Expected, Researcher Finds
"In this Dark Reading News Desk interview at Black Hat USA 2025, Yoav Magid, senior security researcher for Lumia Security, explains that Apple Intelligence, which powers various AI applications including an enhanced Siri, presents a privacy risk to users. His research revealed that Apple collects surprising amounts of contextual data even for simple queries; for example, when asking about weather, Siri might capture and send to Apple servers information about what music a person is currently listening to. More concerning, he discovered that when using Siri to send messages through supposedly end-to-end encrypted apps like WhatsApp, the content and contact information are sent to Apple's servers unnecessarily."
https://www.darkreading.com/endpoint-security/apple-intelligence-more-data-than-expected-researchers
- New Ransomware-As-a-Service (RaaS) Groups To Watch In 2025
"Despite significant advancements in cybersecurity defenses, ransomware continues to be one of the greatest financial and operational risks facing organizations worldwide—with Flashpoint finding that ransomware attacks increased by 179% compared to the 2024 midyear. This continuous growth of ransomware is driven by ransomware-as-a-service (RaaS) operators and affiliates. In this post, we take a deeper look into the ransomware landscape, highlighting new emerging RaaS that every organization should be paying attention to in 2025."
https://flashpoint.io/blog/new-ransomware-as-a-service-raas-groups-to-watch-in-2025/
- CISA Requests Public Comment For Updated Guidance On Software Bill Of Materials
"CISA released updated guidance for the Minimum Elements for a Software Bill of Materials (SBOM) for public comment—comment period begins today and concludes on October 3, 2025. These updates build on the 2021 version of the National Telecommunications and Information Administration SBOM Minimum Elements to reflect advancements in tooling and implementation. An SBOM serves as a vital inventory of software components, enabling organizations to identify vulnerabilities, manage dependencies, and mitigate risks. The update refines data fields, automation support, and operational practices to ensure SBOMs are scalable, interoperable, and comprehensive."
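The draft refines the data fields of the 2021 NTIA baseline, so the useful check today is whether the SBOMs you already receive clear that baseline at all. The following is an added example, not CISA's, NTIA's or any SBOM vendor's code: it tests a CycloneDX JSON document against the seven 2021 minimum data fields (supplier name, component name, version, other unique identifier, dependency relationship, author of SBOM data, timestamp). The SBOM is constructed and deliberately contains one complete and one deficient component; the CycloneDX field names used (supplier, purl/cpe/swid, bom-ref, dependencies with ref/dependsOn, metadata.authors/tools, metadata.timestamp) are the 1.5 schema's, and the exact field list in the 2025 draft is not reproduced here.

```python
"""Added example (not CISA's or NTIA's tooling): check a CycloneDX JSON SBOM
against the seven data fields of the 2021 NTIA minimum-elements baseline that
the 2025 draft builds on. The SBOM below is constructed; field names follow
the CycloneDX 1.5 JSON schema."""
import json

NTIA_FIELDS = ("supplier", "name", "version", "identifier",
               "dependency_relationship", "author", "timestamp")


def dependency_refs(bom):
    """Every bom-ref that appears anywhere in the dependency graph."""
    refs = set()
    for dep in bom.get("dependencies", []):
        refs.add(dep.get("ref"))
        refs.update(dep.get("dependsOn", []))
    return refs


def component_gaps(comp, graph_refs):
    """Baseline fields missing from one component, in NTIA_FIELDS order."""
    gaps = []
    if not (comp.get("supplier") or {}).get("name"):
        gaps.append("supplier")
    if not comp.get("name"):
        gaps.append("name")
    if not comp.get("version"):
        gaps.append("version")
    # "Other unique identifiers": any of the identifier schemes CycloneDX carries.
    if not (comp.get("purl") or comp.get("cpe") or comp.get("swid")):
        gaps.append("identifier")
    # A component that no dependency entry references has no recorded relationship.
    if comp.get("bom-ref") not in graph_refs:
        gaps.append("dependency_relationship")
    return gaps


def check_minimum_elements(bom):
    """Return {'document': [...], 'components': {bom-ref: [...]}, 'passes': bool}."""
    meta = bom.get("metadata", {})
    doc_gaps = []
    if not meta.get("timestamp"):
        doc_gaps.append("timestamp")
    # CycloneDX records the SBOM author either as people (authors) or as the
    # generating tool (tools); either satisfies "author of SBOM data".
    if not (meta.get("authors") or meta.get("tools")):
        doc_gaps.append("author")
    graph = dependency_refs(bom)
    comps = {}
    for comp in bom.get("components", []):
        gaps = component_gaps(comp, graph)
        if gaps:
            comps[comp.get("bom-ref") or comp.get("name", "<unnamed>")] = gaps
    return {"document": doc_gaps, "components": comps,
            "passes": not doc_gaps and not comps}


# Constructed SBOM: libfoo is fully described, libbar is not.
SAMPLE_BOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "metadata": {
        "timestamp": "2025-08-22T10:00:00Z",
        "authors": [{"name": "Build Pipeline"}],
        "component": {"type": "application", "name": "app",
                      "version": "1.0.0", "bom-ref": "app"},
    },
    "components": [
        {"type": "library", "name": "libfoo", "version": "2.3.1",
         "supplier": {"name": "Foo Ltd"},
         "purl": "pkg:generic/libfoo@2.3.1", "bom-ref": "pkg:generic/libfoo@2.3.1"},
        {"type": "library", "name": "libbar", "bom-ref": "libbar"},
    ],
    "dependencies": [
        {"ref": "app", "dependsOn": ["pkg:generic/libfoo@2.3.1"]},
    ],
}


def demo():
    """Check the constructed SBOM; returns the report dict."""
    return check_minimum_elements(SAMPLE_BOM)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Gate intake on the report: an SBOM that names components without versions or identifiers cannot be matched against vulnerability data, and one with no dependency graph cannot tell you which of your products actually ships the affected component, which is exactly the "real-world gap" the update is meant to close.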
https://www.cisa.gov/news-events/alerts/2025/08/22/cisa-requests-public-comment-updated-guidance-software-bill-materials
https://www.cisa.gov/resources-tools/resources/2025-minimum-elements-software-bill-materials-sbom
https://www.bankinfosecurity.com/cisa-seeks-input-on-sbom-update-to-tackle-real-world-gaps-a-29280
- Bug Bounties: The Good, The Bad, And The Frankly Ridiculous Ways To Do It
"Thirty years ago, Netscape kicked off the first commercial bug bounty program. Since then, companies large and small have bought into the idea, with mixed results. Bug bounties seem simple: a flaw finder spots a vulnerability, responsibly discloses it, and then gets a reward for their labor. But over the past decades, they've morphed into a variety of forms for commercial and government systems, using different payment techniques and platforms, and some setups are a lot more effective than others. Commercial bug bounties spread slowly at first, and the idea was initially fraught with danger for researchers. Some companies sued outsiders who found problems with their software."
https://www.theregister.com/2025/08/24/bug_bounty_advice/
- CTM360 Report Explains How Emotions Fuel Modern Fraud
"CTM360 research reveals how scammers hook their victims through manipulative traps built on AI, stolen data, and brand impersonation. These campaigns go far beyond simple phishing, exploiting trust, emotions, urgency, fake support accounts, and counterfeit offers to trick victims into engaging with fraud. Scam hooks are the first domino in today’s fraud chains: the lure, prompt, or trigger that gets someone to click, reply, pay, or share access. They’re the opening move of modern fraud disguised as alerts, invoices, login pages, QR codes, DMs, or “urgent” requests."
https://hackread.com/ctm360-report-explains-how-emotions-fuel-modern-fraud/
https://www.ctm360.com/reports/scam-hooks-report
Reference
Electronic Transactions Development Agency (ETDA)