In 2017, the Indian Supreme Court held that the right to privacy was a fundamental right, and afterwards, the Indian Parliament drafted a data protection bill which has been recently reviewed by Joint Parliamentary Committee. The committee has recommended the…
TrickBot, a modular Windows crimeware platform, has shut its infrastructure on Thursday after reports came of its impending retirement. TrickBot was inactive for two months, and Thursday marked the closure of a persistent malware campaign. “TrickBot is gone… It is…
Dridex, a general-purpose malware, and Entropy, a less known ransomware strain, share similarities as a result of operators playing with names in their extortion campaign. “The similarities are in the software packer used to conceal the ransomware code, in the…
OpenSea’s NFT marketplace vulnerability in the smart contract upgrade process exploited by malicious actors. The malicious actors executed a phishing attack against 17 users and stole $1.7 million worth of virtual assets. NFTs, an acronym for non-fungible tokens, are digital…
Threat actors have targeted vulnerable internet-facing Microsft SQL (MS SQL) servers. The attacks entail planting the Cobalt Strike adversary simulation tool in the targeted systems. “Attacks that target MS SQL servers include attacks to the environment where its vulnerability has…
A study of SMS phone-verified account (PVA) services has revealed a rogue platform with a botnet underneath. The rogue platform has infected thousands of Android phones, and android infections point to the downsides of using SMS for account validation. SMS…
Researchers have chronicled their decoding attempt, decoding the data infected with Hive ransomware without relying on the private key that blocked the content access. “We were able to recover the master key for generating the file encryption key without the…
Cisco has released patches for three vulnerabilities that have been plaguing its products—one vulnerability rated high severity in its Email Security Appliance (ESA). The ESA vulnerability can lead to a denial-of-service (DoS) condition on a compromised device. The vulnerability, labelled…
Egress, a cybersecurity firm, reports a rise in Phishing attacks imitating LinkedIn emails, and since February, such attacks have increased 232%. The company stated in a report that cybercriminals are using display name spoofing and stylised HTML templates to trick…
A new hacker group has been tracked to attacks targeting human rights, activists, human rights defenders, academics, and lawyers in India. The attacks attempt to drop “incriminating digital evidence.” Sentinel Group has traced the attacks to a group called “Modified…
