Read insightful articles on cybersecurity, threat intelligence, and risk management on the CloudSEK Blog. Stay ahead of cyber threats and protect your organization.
CloudSEK's investigation has revealed the presence of 13 Facebook pages/accounts (totaling over 500K followers) that have been compromised and are being used to disseminate the malware via Facebook ads.
The Royal ransomware group is a relatively new player in the world of cybercrime, with its earliest known activity dating back to mid-2022. From all the victims that the group has posted, we have calculated that the Royal Ransomware group has leaked a whopping 249+ Terabytes of data to date.
CloudSEK’s TRIAD team discovered yet another open-source Android malware called DogeRAT (Remote Access Trojan), targeting a large customer base across multiple industries, especially Banking and Entertainment. Although the majority of this campaign targeted users in India, it is intended to have a global reach.
A thorough technical analysis of BlackCat ransomware, which has been causing havoc for organizations across the world. ALPHV, also known as BlackCat, is a ransomware family first seen in late 2021 and has been targeting multiple firms across industries.
BidenCash, a notorious marketplace for selling leaked credit card information, has expanded its services by offering SSH access to buyers for as low as $2. This new offering can have severe consequences for cybersecurity.
CloudSEK’s researchers identified that multiple applications do not invalidate or revalidate session cookies if app data is transferred from one device to another.
BeVigil can significantly simplify and enhance the workflow of bug bounty researchers. With BeVigil's innovative approach, researchers can leverage a straightforward workflow that requires fewer steps to identify vulnerabilities and earn bounties.
Learn how to improve the security of your mobile apps using BeVigil Jenkins Extension. This comprehensive guide will help you create secure mobile apps that protect user data and prevent unauthorized access. Discover how to use Jenkins integration to automate security testing and ensure your app is secure before release.
On 29th March 2023, reports emerged of malicious activities originating from a signed 3CX desktop application. Trojanized versions of the 3CX desktop app load a DLL with malicious content. The DLL launches a multi-staged attack on the victim machine, the final stage being the deployment of an unidentified info stealer.