South Asia


The WeLeak Database group continues to leak stolen databases

Threat groups leaking stolen databases are widespread across the dark web landscape. One of them is the WeLeak Database group, which researchers from iZOOlogic have observed to remain active, specifically on its Telegram channel with over 12,000 subscribers. The WeLeak Database group has set up its Telegram channel to provide massive database dumps for the public and...

A Citrix ADM flaw that lets hackers reset admin data gets patched

A critical vulnerability tracked as CVE-2022-27511 that affected the Citrix Application Delivery Management (ADM) technology has now been patched. The flaw allows threat actors to reset administrators’ passwords remotely. Citrix’s Application Delivery and Management (ADM) solution is a web-based technology that lets its users easily manage all Citrix-related cloud or on-premise deployments, including ADC MPX,...

Sophos firewall exploited by Chinese hackers using a zero-day flaw

A group of threat actors from China exploited a zero-day flaw in Sophos Firewall, which researchers classify as critical-severity. The threat actors infected a company and breached its cloud-hosted web servers. A Chinese advanced persistent threat (APT) group dubbed DriftingCloud conducted the attack. The adversaries have exploited a critical...

Researchers found a loophole to infiltrate Microsoft’s cloud applications

A flaw has been identified in Microsoft’s SharePoint and OneDrive that allows ransomware actors to encrypt files stored in the cloud applications so that users cannot recover them without backups or decryptors obtained from the hackers. In this attack, the threat operators could leverage the two applications’ “versioning” feature that enables users...

PureCrypter adds new modules for better cyberattacks

A notorious multi-functional loader called PureCrypter has been updated by its developers for better usage in cyber-attacks. Researchers stated that this crypter has been sold on the underground market since March last year. PureCrypter’s operators have updated their loader and added new features to run several malicious activities despite being a vector for distributing remote...

Dragon Force hacktivist group targets India’s IT infrastructure

A Malaysian hacktivist group called Dragon Force is calling on other hackers to launch cyber-attacks against India’s information technology infrastructure. Last June, the group tweeted its intention and called its mission a “special operation.” The hacktivist group appears to be targeting the members of the Bharatiya Janata Party, a political party in India....

A Zimbra email flaw gets abused by hackers to steal corporate data

Zimbra, an email software suite, has been found to contain a new critical flaw that threat actors can exploit to steal users’ cleartext passwords without any user interaction. According to researchers, the hackers could also escalate their access to an organisation’s networks, allowing them to steal corporate information. The vulnerability is tracked as CVE-2022-27924 with a...

MyEasyDocs accidentally exposed data of Indian and Israeli students

An India-based online document verification platform called MyEasyDocs has exposed the data of more than 57,000 students on a Microsoft Azure server. Based on a report, a cybersecurity researcher spotted a misconfigured Microsoft Azure server that exposed the educational and personal records of hundreds and thousands of students from Israel and India. MyEasyDocs own the...

A surge in BEC attacks using language as a vector was detected

Analysts released an email security advisory that shows how language-based business email compromise (BEC) attacks have become a growing trend among cybercriminals. The research discovered that nearly 75% of recent campaigns use language as the primary attack vector. The most utilised BEC campaigns are weaponised payloads, common business...

Reverse tunnels and URL shorteners leveraged for phishing campaigns

A surge in the use of reverse tunnels and URL shorteners has recently been detected in wide-scale phishing campaigns, allowing threat actors to be stealthier in their attacks. Experts say that the recently detected malicious activity is an unusual method attackers use to keep their phishing sites from being taken down. The reverse tunnel services aid...