Estimated reading time: 7 minutes
On March 2, Microsoft announced a threat group, HAFNIUM, is actively exploiting four zero-day vulnerabilities in their Exchange Servers. Microsoft has released out-of-band security updates (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065), enabling attackers to take access email accounts and run...Information Technology, Network Security & Cybersecurity Updates
Estimated reading time: 2 minutes
Current times have witnessed a large percentage of cyber breaches resulting from human errors. For example, the famous WannaCry ransomware attack that affected the entire world in 2017 increased due to negligence of security teams in ensuring if the...
Estimated reading time: 2 minutes
The dangers of not timely patching enterprise systems were further highlighted with the news of the Black Kingdom ransomware in March end. This new strain of ransomware called “The Black Kingdom” started attacking Microsoft Exchange servers on March 18th...
Estimated reading time: 2 minutes
The dual extension or double extension is one of the oldest forms of cyber-attacks but continues to be extremely effective. The reason for the continued effectiveness of this type of attack lies in its simplicity. File extensions are so...
Estimated reading time: 2 minutes
The entire world’s eyes are on Bitcoin right now since the cryptocurrency’s valuation touched an all-time high. The world’s oldest cryptocurrency is currently being valued at close to USD 40,000, a valuation that is almost a quadruple rise in just a...
Estimated reading time: 5 minutes
Zloader aka Terdot – a variant of the infamous Zeus banking malware is well known for aggressively using “.xls”, “.xlsx” documents as its initial vector to deliver its payload. Despite this, recently we have come across “.docm” file which...
Estimated reading time: 2 minutes
For good reason, organizations regulate their employees’ access to their office devices. Of course, there are no overarching rules but organizations try to adopt a ‘horses for courses’ approach, i.e., an employee working in the financial sector who handles...
Estimated reading time: 5 minutes
Introduction: Researchers at Quick Heal Security Labs have uncovered a potential Spear Phishing campaign targeted against Indian Army personnel. In this attack, the attackers are using “Army Welfare Education Society” Scholarship form as lure. About AWES: Army Welfare Education...
Estimated reading time: 3 minutes
As a concept, privacy is seeing a paradigm shift in terms of its importance. Traditionally, for a developing country like India with its myriad of sociological and infrastructural issues, privacy came quite low on the priority list. However, with...
Estimated reading time: 3 minutes
The ever-changing nature of cyberthreats from Nation-States has recently come into sharp focus with the hacking of FireEye. Part of an overall larger cyberwarfare campaign against the United States government, the hacking is a reminder of an essential truism...