Threat Intelligence

AgainstTheWest targets WeChat & TikTok under Operation Renminbi. Over 2 billion user records and 790 GB files leaked. Alibaba Cloud instance exploited.

RansomHouse group has allegedly breached IPCA Laboratories. The incident took place on 3 September 2022, and the current status is under encryption with approximately 6000 views.

Two application that impersonates the Directorate of Kerala Lotteries. These applications lure people into buying lottery tickets online.

A new critical vulnerability on the very popular Apache Commons Text library reported and tracked as CVE-2022-42889, named Text4Shell. The vulnerability affects the StringSubstitutor interpolator class which allows for string lookups leading to Remote Code Execution.

New phishing-as-a-service platform named “Caffeine”, used to conduct phishing campaigns.

CloudSEK’s contextual AI digital risk platform has uncovered a large-scale ongoing BEC scam that is targeting vendors of Middle East-based organizations and individuals.

Researchers at CloudSEK observed a series of threats and potentially malicious campaigns ahead of Black Friday 2022.

CloudSEK’s XVigil has observed a spike in exposed Postman instances. This trend is especially concerning because Postman is used by 500,000 organizations and 20 million developers across the world.