Estimated reading time: 4 minutes
What is XDR? Let us understand what is XDR, also called as Extended Detection and Response. XDR is a cybersecurity solution that goes beyond traditional security measures by unifying threat data from various sources within an organization’s IT ecosystem....
Estimated reading time: 11 minutes
SEQRITE Labs APT-Team has uncovered a phishing campaign targeting various Indian government personnel since October 2023. We have also identified targeting of both government and private entities in the defence sector over December. New Rust-based payloads and encrypted PowerShell commands have been utilized...
Estimated reading time: 11 minutes
SEQRITE Labs APT-Team has discovered multiple campaigns of APT SideCopy, targeting Indian government and defense entities in the past few months. The threat group is now exploiting the recent WinRAR vulnerability CVE-2023-38831 (See our advisory for more details) to...
Estimated reading time: 3 minutes
In a monumental leap for India’s space exploration journey, the Indian Space Research Organisation (ISRO) has captured the world’s attention with its successful Chandrayaan 3 moon landing. The culmination of meticulous planning, dedication, and scientific prowess, this achievement marks...
Estimated reading time: 3 minutes
Overview A new attack campaign of SideCopy APT has been discovered targeting the Indian Defence sector. The group utilizes phishing email attachments & URLs as the infection vector to download malicious archive files leading to the deployment of two...
Estimated reading time: 2 minutes
Overview APT Transparent Tribe (APT36) is luring the Indian Army into opening the malicious file themed ‘Revision of Officers posting policy.’ Quick Heal’s APT Team has been constantly tracking this persistent threat group and has encountered a new attack...
Estimated reading time: 5 minutes
Threat actors use multiple methods to distribute malware to infect specific targets. Even though various phishing methods are actively used and evolving, an alternative approach to increase their success rate is to call the target corporate companies. Techniques like...
Estimated reading time: 2 minutes
On 19th November at 8:17 am, we became aware of a false positive detection on excel files and the same getting quarantined on some customer devices. We sincerely regret the inconvenience caused. We immediately took necessary actions investigating the matter,...
9 Best Practices to Avoid Ransomware Infection Individuals and organizations must implement the best cybersecurity practices to avoid ransomware infection and data loss. In the past few years, ransomware has become a menace due to various platforms on the...
Estimated reading time: 5 minutes
On May 30, 2022, CVE-2022-30190 “FOLLINA,” a zero-day remote code execution vulnerability discovered in Microsoft Windows Support Diagnostic Tool (MSDT) with high severity (CVSS:9.3). This MSDT tool diagnoses issues with applications such as Microsoft Office documents. Initial attack vector...