Hacker Group Profile: Shield Iran Security Team
CloudSEK’s Threat Intelligence Research team analyzed the profile of a threat actor handle that seems to be connected to a popular hacker group known as Shield Iran Security Team.
January 12, 2022
Latest Threat Intel. Here and Now.
Darkweb Mentions
Ransomware Group Profile: Night Sky
CloudSEK’s Threat Intelligence Research team analyzed the profile of the Night Sky ransomware group. This group doesn’t have a significant online presence, apart from their exclusive Onion website, where they post their activities and updates.
January 12, 2022
Ransomware Group Profile: BlackCat (Alphv-ng)
Our Research team analysed the profile of the ransomware group dubbed BlackCat. This group doesn’t have an online presence apart from an exclusive Onion site, where they post their activities, updates, and targeted victims.
January 7, 2022
Log4Shell Multiple Critical Vulnerabilities: Updated Advisory
Log4J vulnerability is now being exploited by notorious ransomware groups such as Khonsari and Conti. Log4Shell had 3 high priority security patches in the last week alone, leading to increased threat severity.
December 23, 2021
Emerging Threat Actor’s Phishing Services Could Potentially Impact Millions of Users Globally
Recently, our research team discovered an interesting post, on a Russian-language cybercrime forum, of a threat actor advertising a phishing toolkit. In the actor’s first post related to the phishing service, they were only selling monthly subscription packages. However, through a reliable source, we have gathered other details about this phishing campaign, including the tactics, techniques, and procedures (TTPs) used.
December 22, 2021
Log4Shell (CVE-2021-44228) Remote Code Execution Vulnerability Actively Exploited in the Wild
The Log4Shell vulnerability, tracked as CVE-2021-4428, has the highest severity of CVSS 10, as it enables unauthenticated remote code execution and is already being exploited in the wild.
December 13, 2021
Grafana CVE-2021-43798 Vulnerability Actively Exploited in the Wild
Grafana recently released an advisory and patch for a critical path traversal vulnerability which leads to an unauthenticated Local File inclusion. This vulnerability affects Grafana versions v8.0.0-beta1 through v8.3.0, however, the Grafana Cloud remains unaffected.
December 9, 2021
8 Vulnerabilities in Samba Can be Exploited to Target Active Directory Domains
CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post, on a Russian cybercrime forum frequented by Ransomware groups, regarding eight vulnerabilities targeting Samba packages affecting Active Directory domains.
November 23, 2021
All You Need To Know About Ransomware Group , 54bb47h (Sabbath)
CloudSEK’s Threat Intelligence Research team analyzed the profile of the ransomware group named 54bb47h (Sabbath)
November 23, 2021
What Is The Venom RAT? A Detailed Explanation of this remote access tool
VenomRAT is a remote access tool discovered by 2020, and it is used by threat actors to control the infected systems remotely.
November 19, 2021
Not another Threat intel platform
Threatintel Redefined
Keep up with the latest strains of Malware, Phishing Lures, Indicators of Compromise, and Data Leaks which are precise and Specific.
Get Alerted
Sign up for our Daily Cyber Brief, and be the first to receive the latest cyber news and threat alerts, from across the world.
CloudSEK is a Digital risk protection Enterprise HQ in Singapore
Product and Modules
About us