Threat Intelligence

We Discovered a Private drainer for Metamask which is capable of transferring cryptocurrency from the victim’s wallet to the attacker's wallet.

CloudSEK’s XVigil has observed a spike in exposed Postman instances. This trend is especially concerning because Postman is used by 500,000 organizations and 20 million developers across the world.

CloudSEK’s contextual AI digital risk platform XVigil uncovered a phishing campaign abusing a SaaS platform, named FormSubmit, to impersonate a popular Indian bank.

CloudSEK’s Threat Intelligence Team uncovered a campaign, actively running from the past 1.8 years, that attacks and brute forces the SSH. 

CloudSEK team has uncovered a banking trojan, with improvised modus operandi, where the threat actor or a group of threat actors host a simple online complaint portal having the domains like online-complaint[.]com or customer-complaint[.]com and target Indian banking customers.

CloudSEK threat intelligence advisory on FluBot Android malware, that impersonates mobile banking applications to draw fake webview on targeted applications.

Category: Vulnerability Intelligence Vulnerability Class: Zero-Day Vulnerability CVE ID: CVE-2022-1096 CVSS:3.0 Score: To be assigned Executive Summary Google released a security update to patch a critical zero-day vulnerability in Windows, Mac, and Linux operating systems with Chrome 99.0.4844.84. The zero-day vulnerability tracked as CVE-2022-1096, is a type of confusion vulnerability in the Chrome V8 JavaScript engine. Google claims that […]

On August 2, 2023, CloudSEK's XVigil AI platform found a threat actor sharing iRAD's road safety database source code, a Government of India initiative, on a cybercrime forum.