Read all Blogs from this Author
CloudSEK's research uncovers a generic phishing framework capable of targeting multiple brands by leveraging customizable URLs to impersonate legitimate login pages. Hosted on Cloudflare's workers.dev, these phishing pages dynamically adapt by using targeted email domains to generate realistic backgrounds, deceiving users into surrendering credentials. The stolen data is exfiltrated to a remote server via obfuscated JavaScript. Organizations must enhance awareness through training, simulate phishing scenarios, and establish clear reporting protocols to mitigate risks and protect against evolving phishing threats.
CloudSEK’s TRIAD team discovered yet another open-source Android malware called DogeRAT (Remote Access Trojan), targeting a large customer base across multiple industries, especially Banking and Entertainment. Although the majority of this campaign targeted users in India, it is intended to have a global reach.
Read all Whitepapers and reports from this Author
CloudSEK has identified an increase in cyber threats targeting the banking sector in 2022, as compared to the same period in 2021.
Read More
In 2022, CloudSEK’s TRIAD identified several incidents, especially targeting banking customers, and released advisories to inform the affected SaaS companies and the public. As this trend continues, we recommend that SaaS companies and consumers stay alert to these tactics in 2023 as well.
Read MoreRead all knowledge base articles from this Author