Cybersecurity Threats at the Olympics

With more than 11,000 athletes from 206 countries participating, the world is watching the delayed Tokyo 2020 Olympic Games with great enthusiasm. But, unfortunately, while the Olympics showcases the very best in sporting talent, it also has a history of attracting cybersecurity threats from those seeking to cause politically motivated harm, make easy money, spread […]

Pegasus Spyware

Introduction: With each passing day, the world is waking up to new global cybersecurity challenges. The latest one was unearthed this month. Move over SolarWinds, Microsoft Exchange vulnerabilities, and REvil ransomware. It is now time for Pegasus! Pegasus is spyware developed by the NSO Group of Israel that aids in cyber-espionage. Recent investigations reveal that […]

Cyber-Attacks on Critical Infrastructure of a Country: How do they happen? How should we prevent them?

Introduction: “For those on the ramparts of the world’s sole superpower, the digital winds are blowing an icy chill through the triumphant glow of the post-Cold War,” reads the tagline for the article titled “Farewell to arms,” by journalist and writer John Carlin. The article that delves into the potentially devastating effects of cyber-warfare became […]

Stalkerware – Is Somebody Watching You?

Trigger Warning – Abuse, Stalking, Death. She runs through an endless corridor of darkness, confused and helpless. Her heartbeat racing, her mind on overdrive. Why would he? How could he have known? How did he access her information? Her text messages, images, contact details, chats, places she had visited, recordings of her phone calls […]

Technical Analysis of DearCry Ransomware

Note: This is a technical deep-dive into DearCry ransomware. If you want a preliminary analysis of the ransomware, you can find it here. The Network Intelligence team initiated a static analysis of the ransomware sample we received. The team used a tool called PEstudio, which helps in the static analysis of executable files. Static Analysis […]

DearCry Makes Organisations Cry

Note: We have also done a technical analysis of DearCry. Read here. It’s a warm summer morning. While sipping your morning coffee, you access your work email. But you’re unable to log in. After trying a few tricks you’ve read about on some tech blogs, you reach out to your IT team. They remote log-in […]

New Wave of Targeted Hacking Campaigns and Ransomware Attacks Exploiting Microsoft Exchange Server Vulnerabilities

Multiple threat actors, including Hafnium, LuckyMouse, Calypso, Winnti, Bronze Butler, Websiic, Tonto, Mikroceen, and DLTMiner, are actively targeting four zero-day Microsoft Exchange vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065) in their targeted malware attacks and hacking campaigns. These threat actors managed to compromise nearly 30,000 Microsoft Exchange servers located within the United States. Approximately 7,000 organizations worldwide […]

Vulnerabilities and Privacy Issues with Clubhouse App

Clubhouse and its exponential growth during COVID-19: Clubhouse is an invite-only audio-chat iPhone app founded by Paul Davison and Rohan Seth. It allows users to create groups for conversations, including podcasts, audio conferences, etc. Launched in April 2020, the application became popular during the COVID-19 pandemic, reaching 600,000 registered users in December 2020, which exploded […]

What is the security feature bypass vulnerability & update affecting Windows customers worldwide?

Brief about the vulnerability: The security feature bypass vulnerability (CVE-2020-0689) allows attackers to bypass the Secure Boot feature and load untrusted or malicious software during the Windows boot-up process. While this vulnerability created panic among Microsoft customers, Microsoft released a security update (KB4535680) to address it. But the update has caused further inconvenience to […]