Estimated reading time: 15 minutes
Operation Cobalt Whisper: Threat Actor Targets Multiple Industries Across Hong Kong and Pakistan. Contents Introduction Key Targets. Industries Affected. Geographical Focus. Initial Findings. Looking into the decoy-document – I Looking into the decoy-document – II Infection Chain. Technical Analysis...
Estimated reading time: 3 minutes
Our previous blog explored an XSS vulnerability within the Bookly plugin (WordPress Online Booking and Scheduling Plugin – Bookly). Today, we will delve into another XSS vulnerability that came to light during our research on the same plugin. Our...
Estimated reading time: 3 minutes
The world of healthcare is rapidly changing. Technological advancements expose organizations to cyber risks, including ransomware, malware, breaches, viruses, and vulnerabilities. The combination of poor cybersecurity practices, digital transformation in care delivery, operational touchpoints, and sensitive data storage makes...
Estimated reading time: 5 minutes
On May 30, 2022, CVE-2022-30190 “FOLLINA,” a zero-day remote code execution vulnerability discovered in Microsoft Windows Support Diagnostic Tool (MSDT) with high severity (CVSS:9.3). This MSDT tool diagnoses issues with applications such as Microsoft Office documents. Initial attack vector...
Estimated reading time: 2 minutes
A Zero-day Remote Code Execution Vulnerability with high severity has been identified as CVE-2022-30190 “FOLLINA” in Microsoft Windows Support Diagnostic Tool (MSDT). MSDT is a tool present on Windows version 7 and above and is used for the diagnosis...
Estimated reading time: 2 minutes
A Zero-day Remote Code Execution Vulnerability with critical severity has been identified as CVE-2022-22965 aka Spring4Shell or SpringShell in Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19 & older. The Spring Framework is an open-source, popular, feature-rich application...
Estimated reading time: 2 minutes
We all are aware of the ongoing conflict between Russia and Ukraine. As the physical war takes place on the ground, it also gives rise to cyberattacks against Russia and Ukraine. We are seeing an increase in malicious cyber...
Estimated reading time: 4 minutes
If you’ve been following the news recently, you’ll undoubtedly have read about cybersecurity incidents impacting corporations of all sizes in all industries around the world. While it doesn’t often make the news, even small- and medium-sized businesses (SMBs) have...
Estimated reading time: 4 minutes
CetaRAT was seen for the first time in the Operation SideCopy APT. Now it is continuously expanding its activity since then. We have been tracking this RAT for a long time and observed an increase in targeting the Indian...
Estimated reading time: 3 minutes
The SideCopy APT Group has expanded its activity this year and now targets critical Indian sectors this time. Quick Heal Security Labs researchers have been tracking the notorious cyber-attack group – ‘Transparent Tribe’ since the first SideCopy campaign in...