Blogs on Information Technology, Network & Cybersecurity | Seqrite Blog

Technical Archive

The Exploitation of Legitimate Remote Access Tools in Modern Ransomware Campaigns

Estimated reading time: 7 minutes

Introduction: Ransomware is one of the most disruptive cyber threats, encrypting critical organizational data and demanding ransom payments for restoration. While early campaigns relied on mass phishing or opportunistic malware distribution, modern ransomware operations have evolved into highly sophisticated,...
October 3, 2025

Deconstructing a Cyber Deception: An Analysis of the Clickfix HijackLoader Phishing Campaign 

Estimated reading time: 6 minutes

Table of Contents  Introduction  The Evolving Threat of Attack Loaders  Objective of This Blog  Technical Methodology and Analysis  Initial Access and Social Engineering  Multi-Stage Obfuscation and De-obfuscation  Anti-Analysis Techniques  The Final Payload  Conclusion  IOCs  Quick Heal \ Seqrite Protection ...
September 12, 2025

Echoleak - Send a prompt, extract secret from Copilot AI! (CVE-2025-32711)

Estimated reading time: 5 minutes

Introduction: What if your AI assistant wasn’t just helping you – but quietly helping someone else too? A recent zero-click exploit known as EchoLeak revealed how Microsoft 365 Copilot could be manipulated to exfiltrate sensitive information – without the...
September 12, 2025

SAP NetWeaver Metadata Uploader Vulnerability (CVE-2025-31324)

Estimated reading time: 3 minutes

Executive Summary: CVE-2025-31324 is a critical remote code execution (RCE) vulnerability affecting the SAP NetWeaver Development Server, one of the core components used in enterprise environments for application development and integration. The vulnerability stems from improper validation of uploaded...
September 10, 2025

Operation BarrelFire: NoisyBear targets entities linked to Kazakhstan’s Oil & Gas Sector.

Estimated reading time: 10 minutes

Recent Development: KMG Group of Companies Confirm Simulation, Not a Real Attack Thankfully, as KMG has publicly acknowledged, this was not an actual cyberattack but an internal simulation exercise. Contents Introduction Key Targets Industries Affected. Geographical Focus. Infection Chain....
September 4, 2025

Google Salesforce Breach: A Deep dive into the chain and extent of the compromise

Estimated reading time: 10 minutes

Executive Summary: In early June 2025, Google’s corporate Salesforce instance (used to store contact data for small‑ and medium‑sized business clients) was compromised through a sophisticated vishing‑extortion campaign orchestrated by the threat‑group tracked as UNC6040 & UNC6240 (online cybercrime collective known...
September 2, 2025

PromptLock: The First AI-Powered Ransomware & How It Works

Estimated reading time: 4 minutes

Introduction: AI-powered malware has become quite a trend now. We have always been discussing how threat actors could perform attacks by leveraging AI models, and here we have a PoC demonstrating exactly that. Although it has not yet been...
August 29, 2025

Operation HanKook Phantom: North Korean APT37 targeting South Korea

Estimated reading time: 13 minutes

Table of Contents: Introduction Threat Profile Infection Chain Campaign-1 Analysis of Decoy: Technical Analysis Fingerprint of ROKRAT’s Malware Campaign-2 Analysis of Decoy Technical analysis Detailed analysis of Decoded tony31.dat Conclusion Seqrite Protections MITRE Att&ck: IoCs Introduction: Seqrite Lab has...
August 29, 2025

WinRAR Directory Traversal & NTFS ADS Vulnerabilities (CVE-2025-6218 & CVE-2025-8088)

Estimated reading time: 4 minutes

Executive Summary: Two high-severity vulnerabilities in WinRAR for Windows — CVE-2025-6218 and CVE-2025-8088 — allow attackers to write files outside the intended extraction directory. CVE-2025-6218 involves traditional path traversal, while CVE-2025-8088 extends the attack using NTFS Alternate Data Streams...
August 25, 2025

Unmasking the SVG Threat: How Hackers Use Vector Graphics for Phishing Attacks

Estimated reading time: 3 minutes

Introduction: In the ever-evolving cybersecurity landscape, attackers constantly seek new ways to bypass traditional defences. One of the latest and most insidious methods involves using Scalable Vector Graphics (SVG)—a file format typically associated with clean, scalable images for websites...
August 7, 2025
© 2025 Quick Heal Technologies Ltd.