ذكاء التهديدات

Recently, our research team discovered an interesting post, on a Russian-language cybercrime forum, of a threat actor advertising a phishing toolkit. In the actor’s first post related to the phishing service, they were only selling monthly subscription packages. However, through a reliable source, we have gathered other details about this phishing campaign, including the tactics, techniques, and procedures (TTPs) used.

Academic data centers across Europe, North America, and China suffered a string of attacks that may have been carried out to mine Monero.

Increase in supply and demand for services that are abusing Google Ads to deliver malware payloads and loaders, across various dark web and cybercrime forums.

HEH is an IoT P2P botnet written in GO language that wipes data from infected systems. Learn about Mitigation, Impact and IOCs of HEH Botnet.

Category: Adversary Intelligence Threat Type: Hacktivism Industry: Government & Private Region: India Update 2: 13 June 2022, 18:30 IST CloudSEK’s researchers captured a member of the DragonForce forum executing the purported DDOS attack on the BJP official website. The IP address in the image matches the BJP’s server’s IP address (ie.104[.]18[.]130[.]37). In […]

AgainstTheWest targets WeChat & TikTok under Operation Renminbi. Over 2 billion user records and 790 GB files leaked. Alibaba Cloud instance exploited.

CloudSEK’s Customer Threat Research team discovered multiple assets on the internet that are still vulnerable to CVE-2017-7269, a remote code execution (RCE) vulnerability affecting IIS v6.0 - 2003 R2.

CloudSEK Threat Intelligence Advisory on AHP ransomware, latest version of Dharma virus, that targets Wndows-based systems.