CloudSEK’s contextual AI digital risk platform XVigil has identified an increase in instances of organizations exposing Swagger user interfaces. Many of these instances have high exploitability risks.
DragonForce Malaysia has shared an exploit to bypass the Windows Server LPE LDR for targeting and exploiting Indian servers. The group has also shared a working PoC (Proof of Concept) video to substantiate their claims.
XVigil has identified a surge in phishing sites hosted using reverse tunnel services. In this report, we delve into how threat actors use reverse tunnel services, along with URL shorteners, to orchestrate widespread campaigns, without leaving any traces.
CloudSEK team has uncovered a banking trojan, with improvised modus operandi, where the threat actor or a group of threat actors host a simple online complaint portal having the domains like online-complaint[.]com or customer-complaint[.]com and target Indian banking customers.
BeVigil has detected leaked Slack webhooks in one of the applications being monitored. Exposed webhooks can be leveraged to access sensitive data and also propagate phishing messages.
CloudSEK team identified a post on a cybercrime forum where a threat actor posted the database of Rail Coach Factory, Kapurthala, India for free.
CloudSEK researchers’ investigation discovered that the CoinEgg Scam/cryptocurrency scam was conducted by threat actors. We discovered an on-going malicious scheme involving multiple payment gateway domains and Android-based applications, used to lure unsuspecting individuals into a mass gambling scam.
CVE-2022-26314 is an unauthenticated and remote OGNL injection vulnerability that could lead to remote code execution.
XVigil identified a post, advertising 170 SonicVPN accesses for USD 2,000. Threat actors have been targeting SonicVPN frequently, which puts these accesses at a high risk of being exploited.
XVigil discovered a threat actor advertising a “battle-tested” reverse proxy/PHP phishing app called “NakedPages”, on a cybercrime forum.
Sign up for our Daily Cyber Brief, and be the first to receive the latest cyber news and threat alerts, from across the world.
CloudSEK is a Digital risk protection Enterprise HQ in Singapore
Product and Modules
About us