Threat Intelligence

CloudSEK Threat Intelligence has detected a data leak that contains sensitive information of 1 million IRCTC (Indian Railway Catering and Tourism Corporation) users.

Prynt Stealer operating on stealth mode to steal sensitive data & credentials from the victims’ systems, browsers, & crypto wallets.

Increase in supply and demand for services that are abusing Google Ads to deliver malware payloads and loaders, across various dark web and cybercrime forums.

CloudSEK discovers leaked database that contains sensitive information of management job site users, which includes username, phone number.

XVigil identified a suspicious domain that was sending phishing emails to the vendors of a real estate entity. A deep-dive analysis of the domain exposed a full-fledged campaign, where the threat actors were impersonating the Ministry of Human Resources of the UAE government.

CloudSEK Threat Intelligence Advisory on Zerologon vulnerability tracked as CVE-2020-1472, rated as critical with a CVSS score of 10

CloudSEK’s contextual AI digital risk platform XVigil discovered an unprecedented, sophisticated phishing technique, commonly known as Browser-in-the-Browser (BitB) attack, that has been targeting government websites across the world, including India.

CloudSEK Threat Intelligence Advisory on Mushtik botnet, targets IoT devices, cloud systems to mine cryptocurrencies, exploits existing flaws