Cloudflare Pages Misused in a Phishing Campaign Against Indian Banking Customers
CloudSEK’s uncovered yet another improvised modus operandi used by threat actors to target banking customers in India through a phishing campaign.
September 2, 2022
Latest Threat Intel. Here and Now.
Darkweb Mentions
Missing DMARC Records Increases the Possibility of Phishing Campaigns Against Akasa Air
An unauthorized information disclosure vulnerability that allowed threat actors to access the customer data on the registration page of Akasa Air (akasaair[.]com)
September 2, 2022
Timeline & TTPs of TeamTNT Cybercrime Group
The threat actor group, TeamTNT, compromised multiple cloud instances and containerized environments.The target list includes Docker, Redis server, AWS, and Kubernetes.
August 25, 2022
Zoho Form Service Leveraged to Exfiltrate Sensitive PII from Banking Customers
CloudSEK’s AI powered Digital Risk Protection (DRP) Platform identified a Twitter account involved in a new type of phishing scam campaign where the threat actor is misusing Zoho Forms to steal information from banking customers.
August 25, 2022
Scammers Impersonate Electricity Board Officials to Gain Device Access & Exfiltrate Funds
We discovered a social engineering campaign launched by threat actors impersonating the official employees of KSEB (Kerala State Electricity Board).The campaign was carried out via text messages which requested the customers to connect with a particular number for assistance with their electricity bill payment.
August 25, 2022
Raven Storm, the Multi-Threading Tool Employed by Hacktivists for DDoS Attacks
CloudSEK’s contextual AI digital risk platform XVigil discovered a post by the Mysterious Team announcing the use of the Raven Storm tool DDoS attacks.
The tool uses multi-threading for sending multiple packets at a single moment of time and getting the target down.
August 21, 2022
SolidBit Ransomware Group Actively Recruiting Affiliates
CloudSEK discovered a threat actor group named SolidBit, offering RaaS (Ransom-as-a-Service) on an underground forum. The group is actively looking for partners to gain access to companies’ private networks in order to spread the ransomware called SolidBit.
August 11, 2022
A Comprehensive Analysis of the Zimbra Vulnerability CVE-2022-30333
An RCE vulnerability in Zimbra webmail servers being actively exploited to target multiple organizations worldwide.
The exploit was used to launch a spear phishing campaign against Europe.
August 11, 2022
Hostinger’s Preview Domain Feature Abused to Launch Phishing Campaigns and Evade Detection
Hostinger’s preview domain feature abused to host phishing sites
August 4, 2022
Techniques, Tactics & Procedures (TTPs) Employed by Hacktivist Group DragonForce Malaysia
DragonForce has been actively targeting Indian entities under #OpsPatuk and #OpsIndia. Breach of some sensitive Government websites containing PII, military operations, and other government secrets.
July 28, 2022
Not another Threat intel platform
Threatintel Redefined
Keep up with the latest strains of Malware, Phishing Lures, Indicators of Compromise, and Data Leaks which are precise and Specific.
Get Alerted
Sign up for our Daily Cyber Brief, and be the first to receive the latest cyber news and threat alerts, from across the world.
CloudSEK is a Digital risk protection Enterprise HQ in Singapore
Product and Modules
About us