ذكاء التهديدات

Chinese origin botnet, Kaiji, built from scratch in the Golang language, can launch multiple DDoS attacks, SSH bruteforcer, SSH spreader.

CloudSEK researchers discover a magnet link to an archive that contains Intel's internal data, including release notes, NDA agreements, etc.

New phishing-as-a-service platform named “Caffeine”, used to conduct phishing campaigns.

CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post, on a Russian cybercrime forum frequented by Ransomware groups, regarding eight vulnerabilities targeting Samba packages affecting Active Directory domains.

DragonForce has been actively targeting Indian entities under #OpsPatuk and #OpsIndia. Breach of some sensitive Government websites containing PII, military operations, and other government secrets.

CloudSEK team has uncovered a banking trojan, with improvised modus operandi, where the threat actor or a group of threat actors host a simple online complaint portal having the domains like online-complaint[.]com or customer-complaint[.]com and target Indian banking customers.

CloudSEK’s contextual AI digital risk platform XVigil uncovered a phishing campaign abusing a SaaS platform, named FormSubmit, to impersonate a popular Indian bank.

CloudSEK’s contextual AI digital risk platform XVigil has spotted an advertisement where a short tutorial is provided on how the Hayya Card registration facility could be misused by threat actors to create multiple copies of the card.