CloudSEK Logo
Home
Product
CloudSEK XVigil
External Digital Risk Protection
CloudSEK BeVigil Enterprise
Attack Surface Monitoring
CloudSEK SVigil
Software and Supply chain Risk Monitoring and Protection
CloudSEK BeVigil Community
Application Scanner
CloudSEK Exposure
Check if your organisation's data is in a data breach
Solutions
Cyber Threats Monitoring
Dark web monitoring
Brand Threats Monitoring
Infrastructure Monitoring
Partner Secret Scanning
BeVigil Jenkins CI
BeVigil OSINT CLI
BeVigil Asset Explorer
Resources

Resources

Blog
The latest industry news, updates and info.
Threat Intelligence
Get up and running on new threat reports and techniques.
Knowledge Base
Basics of Cybersecurity and see more definitions
Whitepapers & Reports
The content team broke their backs making these reports.
Customer stories
Learn how our customers are making big changes. You have got good company!

Company

Integrations
We are more connected than you know. Explore all Integrations
Partners
100s of partners and one Shared goal; Secure future for all us.
About us
Learn about our story and our mission statement.
Life at CloudSEK
A sneak peek at the awesome life at CloudSEK.
Careers
We're hiring!
We are in love with undeniable talent. Join our team!
Legal
All the boring but necessary legalese that legal made us add.

Resources

Blog Posts

Mozi Resurfaces as Androxgh0st Botnet: Unraveling The Latest Exploitation Wave
Mozi Resurfaces as Androxgh0st Botnet: Unraveling The Latest Exploitation Wave
Read Now
All Blog Posts

Whitepapers & Reports

Beyond the Storefront: E-commerce and Retail Threat Insights
Beyond the Storefront: E-commerce and Retail Threat Insights
Read the Report now!
All Reports
Log in
Schedule a Demo
CloudSEK TRIAD

CloudSEK TRIAD

CloudSEK Threat Research and Information Analytics Division

Blogs & Articles

Read all Blogs from this Author

Blog image
Uncovering the Lounge Pass Scam Campaign: Targeted Android SMS Stealer Preying on Air Travellers

CloudSEK’s Threat Research Team uncovered a sophisticated scam targeting air travelers at Indian airports. The fraud involves a malicious Android application named Lounge Pass, distributed through fake domains like loungepass.in. This app secretly intercepts and forwards SMS messages from victims’ devices to cybercriminals, resulting in significant financial losses. The investigation revealed that between July and August 2024, over 450 travelers unknowingly installed the fraudulent app, resulting in a reported theft of more than INR 9 lakhs (approx. $11,000). The scammers exploited an exposed Firebase endpoint to store stolen SMS messages. Through domain analysis and passive DNS data, researchers identified several related domains spreading similar APKs. Key recommendations include downloading apps only from official stores, avoiding scanning random QR codes, and never granting SMS access to travel or lounge apps. Travelers should book lounge access through official channels and stay vigilant to protect their personal data. Stay updated on the latest scams and protect your travel data by following these guidelines.

Read More
Blog image
Analyzing Recent Cyber Attacks in the United States Coinciding with Columbus Day Celebration

Over recent months, the United States has faced a surge in cyber attacks, with ransomware incidents rising sharply from June to October 2024. Prominent groups, including Play, RansomHub, Lockbit, Qilin, and Meow, have targeted sectors such as Business Services, Manufacturing, IT, and Healthcare, compromising over 800 organizations. Major attacks included a breach of the City of Columbus by Rhysida ransomware and data leaks impacting Virginia’s Department of Elections and Healthcare.gov. Additionally, China’s "Salt Typhoon" espionage campaign is aggressively targeting U.S. ISPs, further complicating the cyber threat landscape. Hacktivist groups advocating pro-Russian and pro-Palestinian positions have also increased their attacks, affecting government entities and critical infrastructure. This report highlights the need for enhanced security protocols, regular audits, and public awareness initiatives to mitigate the growing cyber risks. Key recommendations include implementing multi-factor authentication, frequent employee training, and advanced threat monitoring to safeguard the nation's critical infrastructure and public trust.

Read More
Previous
Next

Whitepapers and Reports

Read all Whitepapers and reports from this Author

Beyond the Storefront: E-commerce and Retail Threat Insights

The report "Beyond the Storefront: E-commerce and Retail Threat Insights" highlights the growing cyber threats to the e-commerce and retail sectors, including a surge in ransomware attacks, hacktivist activities, and data breaches. It emphasizes the need for enhanced security measures as these industries face increasing risks from financially motivated attacks and politically driven hacktivism.

Read More
MichaMichaBot: Unveiling the Exploitation of Missing "X-Frame-Options" HTTP Headers in Phishing Attacks

The report "MichaMichaBot: Unmasking the Threats Exploiting Missing 'X-Frame-Options' Headers" reveals how cybercriminals exploit this vulnerability to launch phishing attacks by embedding legitimate websites in iframes with fake login panels. It provides insights into these attack methods and practical strategies to secure digital assets against such threats.

Read More
Unveiling Maorrisbot: The Inner Workings of an Android Trojan Malware

Our whitepaper, "Unveiling Maorrisbot: The Inner Workings of an Android Trojan Malware," explores the sophisticated methods and impacts of Maorrisbot malware, offering insights and strategies to protect your devices. Download it to learn how to safeguard against this significant Android threat.

Read More
Unmasking the New Wave of Deception: An In-Depth Analysis of Modern Trading Scams Leveraging Social Media and Technology in India

Fraudsters exploit social media to lure investors into fake investment groups, impersonating financial experts & promising high returns. This report exposes their tactics targeting India & global countries.

Read More

Knowledge Base

Read all knowledge base articles from this Author

No Knowledge base articles found.
Join our newsletter
We’ll send you a nice letter once per week. No spam.
Untitled UI logotextLogo
Product
XVigil
BeVigil
SVigil
New
Tutorials
Pricing
Releases
Company
About us
Careers
Press
News
Media kit
Contact
Resources
Blog
Newsletter
Events
Help centre
Tutorials
Support
Use Cases
Startups
Enterprise
Government
SaaS
Marketplaces
Ecommerce
Social
Twitter
LinkedIn
Facebook
GitHub
AngelList
Dribbble
© 2077 Untitled UI
PrivacyGDPRDisclosure of Vulnerability
Products
XVigil
BeVigil Enterprise
SVigil
BeVigil
CloudSEK Exposure
Mobile App
Google Play button to download App
Solutions
Cyber Threats Monitoring
Dark Web Monitoring
Brand Threat Monitoring
Infra Threat Monitoring
Partners Secret Scanning
BeVigil Jenkins CI
BeVigil OSINT CLI
BeVigil Asset Explorer
Takedowns
Resources
Blogs and Articles
Threat Intelligence
Whitepapers and Reports
Knowledge Base
Integrations
Community
Discord Community
CloudSEK News
CloudSEK Community
Company
About us
Customers
Partners
Life at CloudSEK
Secure Sips
Careers
Announcements
Press
Contact Us
CloudSEK Logo
Linkedin Icon

At CloudSEK, we combine the power of Cyber Intelligence, Brand Monitoring, Attack Surface Monitoring, Infrastructure Monitoring and Supply Chain Intelligence to give context to our customers’ digital risks.

GDPR Policy
Privacy
Vulnerability Disclosure
Subscribe our newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.