Mapua Information Security

🚨 Security Advisory: IP Camera Risks & Albiriox Threat 🚨
Cybercriminals are targeting vulnerable IP cameras this holiday season through the Albiriox malware, exploiting weak credentials and outdated firmware.

Don’t let them steal your holiday cheer—secure your devices now!

✅ Change default credentials on all connected devices
✅ Apply firmware and security patches promptly
✅ Report anomalies to the Security Team immediately

Think before you click and keep your network safe!

References:
Krebs, B. (2023). Securing IoT devices: Best practices for consumers and enterprises. Retrieved from https://krebsonsecurity.com
OWASP Foundation. (2024). IoT security guidelines. Retrieved from https://owasp.org
Trend Micro. (2024). Albiriox malware analysis and mitigation strategies. Retrieved from https://www.trendmicro.com
NIST. (2023). Cybersecurity for IoT program. Retrieved from https://www.nist.gov

🚨 Cyber Threats Are Rising This Holiday Season!

From malware in fake shipping emails to ransomware targeting year-end backups, attackers are getting smarter.
✔ Verify suspicious emails
✔ Keep offline backups
✔ Limit vendor access

Stay safe and informed.



References:
ENISA Threat Landscape | CISA Cybersecurity Tips | IBM X-Force Threat Intelligence

🚨 Cyber Alert: Spyware Targeting Messaging Apps!

State-backed attackers are exploiting spyware to compromise Signal, WhatsApp, TikTok, and Telegram. They’re not breaking encryption—they’re hacking devices directly.

⚠️ How they do it:
📱 Fake apps mimicking trusted platforms
🔗 QR code scams linking your account to hackers
📷 Zero-click exploits via malicious images

💥 What’s at risk:
Your messages & calls
Sensitive files & credentials
More malware on your device

✅ Stay Safe:
✔ Download apps ONLY from official stores
✔ Don’t scan random QR codes
✔ Keep apps & devices updated
✔ Report suspicious activity to IT Security

👉 Full advisory: CISA. (2025, November 25). Spyware gangs exploiting messaging apps, warns CISA. The Register. Retrieved from https://www.theregister.com/2025/11/25/cisa_spyware_gangs/

Stay vigilant. Protect your chats. Protect your data.

🦇💻 WANTED: Vampire Virus!

This malware drains your system’s lifeblood, leaving it weak and exposed.

Stay safe:
✔ Update antivirus.
✔ Scan files before opening.
✔ Avoid shady downloads.

Don’t let the Vampire suck your system dry!

🐺📡 WANTED: Werewolf Wi-Fi!

This beast prowls unsecured networks, ready to steal your data.

Stay safe:
✔ Use VPN.
✔ Avoid public Wi-Fi for sensitive work.
✔ Turn off auto-connect.

Don’t let the Werewolf sink its teeth into your data!

☁️👻 WANTED: Cloud-Jacking Phantom!

This ghostly hacker hijacks cloud accounts to steal data and wreak havoc.

Stay safe:
✔ Strong passwords.
✔ MFA enabled.
✔ Check permissions often.

Don’t let the Phantom haunt your cloud!

🚨 Security Alert: Phishing Scam Targeting Booking.com Users & Hotels 🚨

A new campaign called “I Paid Twice” is impersonating Booking.com to steal credentials and payment info.

✅ Watch out for:
• Emails from fake domains (e.g., booklng.com)
• Requests for refunds or payment checks outside Booking.com
• Links to non-Booking.com sites

🔒 Stay Safe:
• Use only the official Booking.com app/site
• Never share payment details via email
• Double-check sender addresses

Report suspicious messages to [email protected]
Stay vigilant. Use official channels for all payment-related communication!

🕷️ Cybersecurity Awareness Alert! 🕷️

Beware the Digital Creatures of November—they’re lurking in the shadows of your inbox and networks!

Meet the monsters haunting the digital world:
👻 AI-Phishing Poltergeist – Sends ghostly emails to steal your credentials.
🌫️ Cloud-Jacking Phantom – Hijacks your cloud accounts without a trace.
🐺 Werewolf Wi-Fi – Attacks when you connect to unsecured networks.
🦇 Vampire Virus – Slowly drains your system through malware infections.

Stay safe from these creatures:
✔ Think before you click.
✔ Verify unusual requests.
✔ Secure your connections.
✔ Keep software updated.
✔ Report suspicious activity.

Don’t let these monsters sink their claws into your data—stay vigilant!

🔐 Cybersecurity Month Wrap-Up: Stay Vigilant, Stay Empowered

As October comes to a close, we’re proud of the awareness, action, and teamwork that defined our Cybersecurity Month.

From phishing simulations to password puzzles, firewall fortresses to insider threat investigations—every challenge reminded us that security is a shared responsibility. 🧠

Whether you're a seasoned security engineer or just starting your cyber journey, your actions matter.

💡 Let’s keep the momentum going: ✅ Stay informed ✅ Stay alert ✅ Stay ahead The threats may evolve, but so will we.

Until next time—encrypt everything, question everything, and never stop learning.

TikTok · Mapua Infosec Check out Mapua Infosec’s video.

🕶️ The Cyberpunk Has Logged In
Rebel. Hacker. Legend.

He doesn’t follow rules — he rewrites them.

In the neon-lit chaos of the digital underworld, The Cyberpunk thrives. A ghost in the machine. A glitch in the grid. He cracks firewalls like glass and disappears before the trace even begins.
No leash. No limits. Just raw code, adrenaline, and a mission: expose the truth.

💥 In 2025 alone:
- 35 global giants breached — $1.7T in market value at risk
- A Chinese state-linked campaign hit 80+ nations
- Gucci, Balenciaga, and more — customer data leaked
- $1.46B in Ethereum vanished from a major crypto exchange
- Airports across Europe grounded by a single cyberattack

This is his playground.

Where systems fail, The Cyberpunk rises.
Hero or threat? That depends on which side of the code you’re on.

🔍 In a world where data flows like blood, staying invisible is the ultimate power.