CloudSEK’s Threat Intelligence Research team analyzed the profile of the Night Sky ransomware group. This group doesn’t have a significant online presence, apart from their exclusive Onion website, where they post their activities and updates.
CloudSEK’s Threat Intelligence Research team analyzed the profile of a threat actor handle that seems to be connected to a popular hacker group known as Shield Iran Security Team.
A confidential source has shared previously unknown details about the newly emerging threat actor group Desorden, which is actively targeting Asian conglomerates.
CloudSEK’s Customer Threat Research team discovered multiple assets on the internet that are still vulnerable to CVE-2017-7269, a remote code execution (RCE) vulnerability affecting IIS v6.0 - 2003 R2.
CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post on a cybercrime forum, mentioning a vulnerability in the Apache HTTP server 2.4.17 to 2.4.38, known as CVE-2019-0211.
Category: Vulnerability Intelligence; Vulnerability Class: Zero-Day Vulnerability; CVE ID: CVE-2022-1096; CVSS:3.0 Score: To be assigned. Executive Summary: Google released a security update to patch a critical zero-day vulnerability in Windows, Mac, and Linux operating systems with Chrome 99.0.4844.84. The zero-day vulnerability, tracked as CVE-2022-1096, is a type confusion vulnerability in the Chrome V8 JavaScript engine. Google claims that […]
Category: Vulnerability Intelligence; Vulnerability Class: Remote code execution; CVE ID: To be assigned; CVSS:3.0 Score: To be assigned. Spring4Shell – Executive Summary: A new critical zero-day vulnerability in the popular Spring framework for Java came into the spotlight when its exploit was first published by a Chinese security researcher “heige” on Twitter (@80vul). Later it was confirmed that a […]