Estimated reading time: 5 minutes
How To Defend Against Advanced Persistent Threats (APTs): A Comprehensive Approach In today’s time, one of the most formidable threats organizations face today is the Advanced Persistent Threat (APT). These sophisticated, targeted attacks are designed to infiltrate networks, steal...
Estimated reading time: 20 minutes
An open directory hosting malware linked to Transparent Tribe (APT36) has been found by SEQRITE Labs APT team. Further analysis revealed hidden URLs on the same domain containing payloads used by its sub-division APT group SideCopy. Targeting of Indian...
Estimated reading time: 13 minutes
SEQRITE Labs APT-Team has uncovered a phishing campaign targeting various Indian government personnel since October 2023. We have also identified targeting of both government and private entities in the defence sector over December. New Rust-based payloads and encrypted PowerShell commands have been utilized...
Estimated reading time: 13 minutes
SEQRITE Labs APT-Team has discovered multiple campaigns of APT SideCopy, targeting Indian government and defense entities in the past few months. The threat group is now exploiting the recent WinRAR vulnerability CVE-2023-38831 (See our advisory for more details) to...
Estimated reading time: 5 minutes
Threat actors use multiple methods to distribute malware to infect specific targets. Even though various phishing methods are actively used and evolving, an alternative approach to increase their success rate is to call the target corporate companies. Techniques like...
Estimated reading time: 5 minutes
Zloader aka Terdot – a variant of the infamous Zeus banking malware is well known for aggressively using “.xls”, “.xlsx” documents as its initial vector to deliver its payload. Despite this, recently we have come across “.docm” file which...
Estimated reading time: 2 minutes
Whaling attacks are a deadly combination of spear-phishing and social engineering. Like phishing attacks, the attempts of the perpetrators are similar – to get a target to reveal confidential data or even get tricked and send money. But whaling...
Estimated reading time: 2 minutes
Supply chains and industrial enterprises are being targeted through a series of ongoing spear-phishing attacks. This recent campaign, observed on systems within Germany, United States and Japan thus far, operates through the obfuscation of malware on public, legitimate sources....
Estimated reading time: 5 minutes
Summary Quick Heal Security Labs has observed a new malspam campaign that is targeting Manufacturing and Export industries in India. In this campaign, malware actors are making use of multiple sophisticated techniques to bypass defence mechanisms. In our analysis,...
Estimated reading time: 5 minutes
Quick Heal Labs have been tracking this Cyber-espionage operation since 2016. We have identified this attack as operation m_project. From the past year, we have seen a surge in these APT activities. Modus operandi of the attackers have remained...