Estimated reading time: 11 minutes
SEQRITE Labs APT-Team has uncovered a phishing campaign targeting various Indian government personnel since October 2023. We have also identified targeting of both government and private entities in the defence sector over December. New Rust-based payloads and encrypted PowerShell commands have been utilized...
Estimated reading time: 11 minutes
SEQRITE Labs APT-Team has discovered multiple campaigns of APT SideCopy, targeting Indian government and defense entities in the past few months. The threat group is now exploiting the recent WinRAR vulnerability CVE-2023-38831 (See our advisory for more details) to...
Estimated reading time: 3 minutes
In a monumental leap for India’s space exploration journey, the Indian Space Research Organisation (ISRO) has captured the world’s attention with its successful Chandrayaan 3 moon landing. The culmination of meticulous planning, dedication, and scientific prowess, this achievement marks...
Estimated reading time: 3 minutes
Overview A new attack campaign of SideCopy APT has been discovered targeting the Indian Defence sector. The group utilizes phishing email attachments & URLs as the infection vector to download malicious archive files leading to the deployment of two...
Estimated reading time: 2 minutes
Overview APT Transparent Tribe (APT36) is luring the Indian Army into opening the malicious file themed ‘Revision of Officers posting policy.’ Quick Heal’s APT Team has been constantly tracking this persistent threat group and has encountered a new attack...
Estimated reading time: 5 minutes
Threat actors use multiple methods to distribute malware to infect specific targets. Even though various phishing methods are actively used and evolving, an alternative approach to increase their success rate is to call the target corporate companies. Techniques like...
Estimated reading time: 2 minutes
On 19th November at 8:17 am, we became aware of a false positive detection on excel files and the same getting quarantined on some customer devices. We sincerely regret the inconvenience caused. We immediately took necessary actions investigating the matter,...
Estimated reading time: 5 minutes
On May 30, 2022, CVE-2022-30190 “FOLLINA,” a zero-day remote code execution vulnerability discovered in Microsoft Windows Support Diagnostic Tool (MSDT) with high severity (CVSS:9.3). This MSDT tool diagnoses issues with applications such as Microsoft Office documents. Initial attack vector...
Estimated reading time: 2 minutes
A Zero-day Remote Code Execution Vulnerability with high severity has been identified as CVE-2022-30190 “FOLLINA” in Microsoft Windows Support Diagnostic Tool (MSDT). MSDT is a tool present on Windows version 7 and above and is used for the diagnosis...
Estimated reading time: 4 minutes
The Internet, as we all know it, is approaching a crossroads. The issues it’s currently facing are associated with the centralized model of computing (top-down, data-driven, and not necessarily human-centric), during which a finite number of private entities control...