ذكاء التهديدات

CloudSEK Threat Intelligence Advisory on ProLock Ransomware, previously PwndLocker malware, Mitre ATT&CK, IOCs, and preventive measures.

CloudSEK’s contextual AI digital risk platform XVigil discovered a post made by a hacktivist group “Mysterious Team Bangladesh” claiming to have conducted a DDoS attack on Multiple UAE government websites.

We discovered a social engineering campaign launched by threat actors impersonating the official employees of KSEB (Kerala State Electricity Board).The campaign was carried out via text messages which requested the customers to connect with a particular number for assistance with their electricity bill payment.

CloudSEK’s Threat Intelligence Research team analyzed the profile of the Night Sky ransomware group. This group doesn’t have a significant online presence, apart from their exclusive Onion website, where they post their activities and updates.

CloudSEK’s Threat Intelligence team has uncovered a cybercrime forum post, where an analysis of the recently disclosed CVE-2023-21752 was provided by a threat actor with a medium reputation

Desorden announces a cyberattack against Indonesia’s PT Jasamarga Tollway Operator. 252 GB data was exfiltrated from 5 servers.

CloudSEK threat intelligence advisory on Cobalt Strike malware delivered by Iranian APT group MuddyWater, weaponizes Word documents.

The vulnerability tracked as CVE-2021-41773 is a path traversal and file disclosure vulnerability in Apache HTTP Server. The vulnerability has been exploited in the wild as a zero-day.