Blogs and Articles

Phishing scams and fake job offers have risen with the growth of remote work and economic uncertainty. Cybercriminals use deceptive emails and social engineering to target job seekers. This blog highlights the methods, impacts, and the urgent need for strong cybersecurity measures to combat these threats.

The article "Cyber Shadows Over Ukraine" highlights the increased cyber threats Ukraine faces around its Independence Day, particularly from groups like NoName and the Russian Cyber Army. These attacks, primarily targeting government and critical infrastructure, underscore the need for Ukraine to bolster its cybersecurity defenses to ensure the safety and resilience of its national systems during this vulnerable period

The report "Cybersecurity in Focus: Recent Threats Targeting Singapore Amid National Day Celebrations" highlights the escalating cyber threats faced by Singapore in recent months. These include a surge in ransomware attacks impacting over 30 victims across 15 industry sectors, with notable breaches involving Singapore's Ministry of Finance and Moneylenders Credit Bureau. Hacktivist groups have also intensified their activities, leading to significant data breaches, including the sale of personal data of Singaporean citizens on underground forums. The report emphasizes the urgent need for enhanced cybersecurity measures to protect sensitive information and mitigate the growing risks.

CloudSEK's threat research team has uncovered a ransomware attack disrupting India's banking system, targeting banks and payment providers. Initiated through a misconfigured Jenkins server at Brontoo Technology Solutions, the attack is linked to the RansomEXX group.

This blog details how CVE-2024-23897, a Local File Inclusion (LFI) vulnerability in Jenkins, was exploited to breach Github repositories. Attackers accessed sensitive files, decrypted credentials, and used them to infiltrate private repositories. The article underscores the need for timely patching, strong authentication, and regular security audits to mitigate such threats.

An in-depth analysis of the BORN Group supply chain breach, where IntelBroker exploited a Jenkins vulnerability to exfiltrate sensitive data, impacting multiple global clients

In Indonesia, scammers are using Telegram bots to impersonate digital wallet brands, promoting fake referral reward schemes. These scams deceive users into sharing their account details, leading to significant financial losses. Discover the full details and protective measures in CloudSEK's comprehensive blog report.

WazirX, a leading Indian cryptocurrency exchange, faced a major security breach on July 18, 2024 resulting in significant financial losses of over $200 Million. Dive into our detailed analysis to uncover how the attack unfolded, potential culprits, and the broader implications for WazirX users.

This advisory highlights recent attacks on Indian banks, focusing on two primary attack vectors: geopolitical tensions and credential stealers/social media account takeovers.