CloudSEK’s contextual AI digital risk platform XVigil discovered an unprecedented, sophisticated phishing technique, commonly known as Browser-in-the-Browser (BitB) attack, that has been targeting government websites across the world, including India.
We discovered that Gimmick MacOS malware communicates only through their C2 server hosted on Google Drive. The malware was discovered in the first week of May and it has been actively targeting macOS devices
Goodwill ransomware group propagates very unusual demands in exchange for the decryption key. The Robin Hood-like group is forcing its Victims to donate to the poor and provides financial assistance to the patients in need.
We have identified an increase in dark web discussions among threat actors, regarding CRM exploitation tactics and exposure of CRM credentials across code repositories such as Github and Bitbucket
Increase in supply and demand for services that are abusing Google Ads to deliver malware payloads and loaders, across various dark web and cybercrime forums.
Category: Vulnerability Intelligence Vulnerability Class: Access of Resource Using Incompatible Type CVE ID: CVE-2022-1096 CVSS:3.0 Score: 9.1 Executive Summary CloudSEK’s Threat Research Team has
We have discovered a financially motivated threat actor group, named Axxes ransomware, that is considered to be a rebrand of a formerly known Midas ransomware group.
The severity of the newly identified vulnerability CVE-2022-1388 is present in the F5 BIG-IP. The vulnerability was identified by F5 internally and a patch was released but the difference in code allowed threat actors to make a working exploit for the CVE.
We are unearthing the scale and scope of cyber threats targeting oil and energy companies across the world. This might be a Russian state-sponsored cyberattack on the Energy Sectors of their competitors.
AutoWarp vulnerability in the Azure Automation service that allows unauthorized access to other Azure customer accounts.
Sign up for our Daily Cyber Brief, and be the first to receive the latest cyber news and threat alerts, from across the world.
CloudSEK is a Digital risk protection Enterprise HQ in Singapore
Product and Modules
About us