Estimated reading time: 5 minutes
The “GrassCall” malware campaign represents an advanced social engineering attack carried out by a Russian-speaking cyber-criminal organization referred to as “Crazy Evil,” with its subgroup “kevland” leading the operation. The campaign specifically targets job seekers in the cryptocurrency and...
Estimated reading time: 3 minutes
Phishing has drastically transformed from its early days as a simple scam targeting unwary email users. Modern phishing techniques—dubbed “Phishing 2.0″—are more complex, highly tailored, and designed to bypass even the most robust security systems. In this blog, we’ll...
Estimated reading time: 5 minutes
How To Defend Against Advanced Persistent Threats (APTs): A Comprehensive Approach In today’s time, one of the most formidable threats organizations face today is the Advanced Persistent Threat (APT). These sophisticated, targeted attacks are designed to infiltrate networks, steal...
Estimated reading time: 4 minutes
The 12 Essential Features Defining Advanced Endpoint Security Solution Endpoint security is a critical aspect of protecting an organization’s network and data from evolving threats. As the sophistication and abundance of endpoint threats continue to grow, advanced endpoint security...
Estimated reading time: 11 minutes
SEQRITE Labs APT-Team has discovered multiple campaigns of APT SideCopy, targeting Indian government and defense entities in the past few months. The threat group is now exploiting the recent WinRAR vulnerability CVE-2023-38831 (See our advisory for more details) to...
Estimated reading time: 5 minutes
The discovery of a zero-day vulnerability in MOVEit Transfer has brought attention to the potential risks of unauthorized access and the exploitation of elevated privileges within the system. MOVEit Transfer is widely recognized as a secure and popular managed...
Estimated reading time: 3 minutes
Our previous blog explored an XSS vulnerability within the Bookly plugin (WordPress Online Booking and Scheduling Plugin – Bookly). Today, we will delve into another XSS vulnerability that came to light during our research on the same plugin. Our...
Estimated reading time: 5 minutes
The pandemic has expedited digital transformation, making technology and data pivotal to most businesses. However, it has also increased cyber threats, especially for small and medium-sized enterprises (SMBs). In addition, data regulations have also become more stringent, with fines...
Estimated reading time: 3 minutes
The world of healthcare is rapidly changing. Technological advancements expose organizations to cyber risks, including ransomware, malware, breaches, viruses, and vulnerabilities. The combination of poor cybersecurity practices, digital transformation in care delivery, operational touchpoints, and sensitive data storage makes...
Estimated reading time: 4 minutes
On June 2, 2022, CVE-2022-26134 “Confluence,” a zero-day remote code execution vulnerability, was discovered in all versions of the Confluence Server and Data Center. The attack was detected to be of high severity (CVSS:9.0/10.0) according to a security advisory...