Read all Blogs from this Author
CloudSEK uncovered an advanced cryptojacking campaign by threat actor TA-NATALSTATUS, active since 2020 and now escalating globally in 2025. The group exploits exposed Redis servers in the US, Europe, Russia, India, and beyond, hijacking root access to install miners, disable defenses, and wipe out rivals. Their stealth tactics—binary hijacking, obfuscation, and persistence mechanisms—turn servers into long-term mining assets. CloudSEK advises immediate remediation, reimaging, and securing Redis instances.
In July 2025, CloudSEK analyzed how misinformation and recycled breach data—from forums, media, and researchers—flood threat intel teams with false alarms. High-profile cases like the “16 Billion Credential Leak” and ICMR breach were inflated using old or fake data. This noise wastes up to 25% of security teams’ time. The report offers a clear framework to verify breach legitimacy, reduce alert fatigue, and focus on real, high-priority cyber threats.
Read all Whitepapers and reports from this Author
Fraudsters exploit social media to lure investors into fake investment groups, impersonating financial experts & promising high returns. This report exposes their tactics targeting India & global countries.
Read More
Discover how CloudSEK's Threat Intelligence team exposed a critical flaw in India's banking system, exploited by Chinese hackers for a vast money laundering operation using "money mule" accounts, and the malicious APK at the heart of this scheme.
Read MoreRead all knowledge base articles from this Author