🚨 Threat Alert | Data Leak | DIRESA Cajamarca – Peru 🇵🇪 A threat actor associated with the Cortex group has published the breach of the Sistema Integrado de Gestión Administrativa (SIGA) of the Dirección Regional de Salud Cajamarca, selling access to the exploit and publicly leaking credentials. 📂 Incident details: • Organization: Dirección Regional de Salud (DIRESA) Cajamarca • Industry / Sector: Government / Public Health • Website: siga.diresacajamarca.gob.pe • Threat actor: Affiliated with Cortex Group • Volume: Server access (webshell) and exposed user credentials • Exposed data / Impact: Compromise of the Apache Tomcat server through the implantation of a webshell, allowing remote command execution (RCE). • Status: For sale. • Report date: 12/06/2026 #ThreatAlert #Peru #DataLeak #DIRESA #Cajamarca #CortexGroup #Cybersecurity #Ciberseguridad
🚨 CYBER INTELLIGENCE ALERT: ALLEGED COMPROMISE OF FINANCIAL AND TAX INTERMEDIARY — DCI GROUP MEXICO 🇲🇽 [STATUS: SAMPLE VIEWED / UNCONFIRMED / UNDER INVESTIGATION] Through monitoring of Dark Web forums and leak communities, a post was detected today by the threat actor azazeljakel, operating under the banner of the cybercriminal group CORTEX. The attacker claims to have compromised and extracted the complete database of DCI Group Mexico, a firm that operates as an intermediary in management and collection processes for government entities such as the SAT (Tax Administration Service), the IMSS (Mexican Social Security Institute), and the mortgage portfolio administrator Zéndere. 🎯 Affected Entity: DCI Group Mexico (Third-party intermediary for SAT, IMSS, and Zéndere). 👤 Threat Actor: azazeljackel (Main Alias: azazel) / Group: CORTEX. 📂 Volume Claimed: 240,000 CURPs (Unique Population Registry Codes) and 9,000 mortgage loan files. ⚙️ Vector and Artifacts: A database dump (.sql) and an automated Bash script designed to download PDF loan documents en masse directly from compromised servers. ⚠️ Verification Status: NOT CONFIRMED. The data sample exposes structured, coherent, and accurate information about the management of a real mortgage loan, including valid bank references from BBVA Bancomer, but it has not been confirmed. 📊 TECHNICAL BREAKDOWN OF EXFILTRATED FINANCIAL ASSETS The forensic analysis of the published sample reveals a complete exposure of the asset, identity, and debt data of clients managed by Zéndere's portfolio: 🪪 Personally Identifiable Information (PII): Full name of the account holder and CURP (240,000 records exposed). RFC (Federal Taxpayer Registry) of the managing entity. Collateral Address: Exact physical location of the mortgaged property (Department, Neighborhood, Municipality, State, and Postal Code). 📋 Product and Portfolio Control Data: Critical internal identifiers: Product ID, Client Number, and Loan Number.
Exact periods of the account statements. 💸 Payment Breakdown and Bank References: Plain text debt statement: Current Monthly Payment, Amount Due, Collection Fees, and Late Payment Interest. Financial Fraud Vectors: Payment agreements, unique bank references, and the assigned receiving bank (BBVA Bancomer). 🛡️ MITIGATIONS AND EMERGENCY TECHNICAL RECOMMENDATIONS 🛑 Immediate Blocking of Endpoints and APIs (Kill-Switch): DCI Group and Zéndere must audit and immediately shut down any public APIs or web directories that are allowing the download of PDF account statement documents, as the attacker has distributed an automated script for other criminals to extract this information. 🔒 Customer Fraud Alert (Zéndere / BBVA): Urgently notify the 9,000 affected mortgage customers about the breach. Debtors should be instructed to ignore any phone or email communications requesting emergency payments, changes to receiving accounts, or unsolicited debt restructurings through official channels. ⚡ MONITORING AND EVALUATION 🌐 Intelligence System: analyzer.vecert.io 🛡️ Quickly assess your website's security with: monitor.vecert.io/ #CyberSecurity #DataBreach #Mexico #DCIGroup #Zendere #SAT #IMSS #FinancialFraud #MortgageLeak #PII_Leak #CortexGroup #ThreatIntelligence #CyberAlert #VECERT #Infosec
🚨 CYBER INTELLIGENCE ALERT: ALLEGED BREACH IN CHILEAN FIRE DEPARTMENT MANAGEMENT SYSTEM 🇨🇱 [STATUS: SAMPLE OBSERVED / UNDER INVESTIGATION / UNCONFIRMED] Through tactical monitoring of clandestine platforms, a post made today by the threat actor identified as azazeljakel has been detected. The attacker claims to have breached and gained administrator-level access to the VIPER integrated management system, used by the Chilean Fire Departments. The actor states that the exfiltrated database, distributed via Gofile, compromises 75% of Chile's firefighters across more than 400 companies nationwide. 🎯 Affected Entity: Chilean Fire Departments (VIPER portal infrastructure - ). 👤 Threat Actor: azazeljakel / Group: CORTEX. 📂 Volume and Scope: Allegedly encompasses 75% of the country's fire department personnel (more than 400 departments). ⚙️ Claimed Impact Vector: Account Takeover / Admin Access. 📊 TECHNICAL BREAKDOWN OF EXFILTRATED ASSETS The forensic analysis of the published sample (e.g., Carlos Alberto Herrera Álvarez) reveals a comprehensive exfiltration of the institution's identity and human resources directory: 🪪 Personally Identifiable Information (PII): Full name, date of birth, age, sex, marital status, and nationality. Exposure of the RUT (Taxpayer Identification Number), the definitive national identifier for legal and financial procedures in Chile. 📍 Geolocation and Direct Contact: Exact physical address (e.g., Alcan Street 2826, La Florida Commune). Personal mobile phone numbers and email addresses (@gmail.com). 📸 Biometric/Visual Files: Extraction of profile pictures of officials wearing their official uniforms, facilitating direct visual profiling. 🔥 Operational Sabotage Capability: The most critical aspect of this manifesto is that the attacker incites other actors to use the database and access to "disrupt operations, send messages, and modify data."
🛡️ EMERGENCY MITIGATION AND TECHNICAL RECOMMENDATIONS 🛑 Immediate Session and Access Termination (Kill-Switch): VIPER infrastructure administrators are urged to immediately force the closure of all active web sessions and restrict access to administrative panels only through IP addresses on the institutional intranet (Whitelisting). 🔒 Mass Password Revocation and MFA: Initiate a mandatory password reset process for the more than 400 affiliated fire departments, strictly enabling Two-Factor Authentication (MFA) to prevent cybercriminals from using leaked emails and passwords to regain control of the platform. ⚡ MONITORING AND EVALUATION 🌐 Intelligence System: analyzer.vecert.io 🛡️ Quickly assess your website's security with: monitor.vecert.io/ #CyberSecurity #DataBreach #Chile #ChileanFirefighters #ViperSystem #CortexGroup #PII_Leak #EmergencyServices #Doxxing #ThreatIntelligence #CyberAlert #VECERT #Infosec #SabotageRisk
25 Jun 2019
Machine Learning Art = ?? What can you do? Show us and win a chance to attend AI Expo in Cape Town. @aimediagroup and @CortexGroup will help sponsor plane tickets and a hotel! Get cracking! #machinelearning #AIart #beautifulcode #findthetrendsinmusic #makemusic #makeart
#CortexGroup supports African AI start-ups. The South African company Cortex Group, which specializes in artificial intelligence (AI), is launching a venture capital firm aimed at start-ups... lelab.info/cortex-group-acco…
