Estimated reading time: 6 minutes
Homoglyph Attacks: How Lookalike Characters Are Exploited for Cyber Deception Table of Contents: Introduction What is a Homoglyph Attack? Practical Homoglyph Confusable Practical Homoglyph Confusable Table Why Homoglyph Attacks Are Effective Common Homoglyph Use Cases and Attack Vectors Real-World...
Estimated reading time: 8 minutes
Weaponizing Legitimate Low-Level Tools: How Ransomware Evades Antivirus Protections Table of Contents Introduction The “Dual-Use Dilemma”: Why Attackers Prefer Legitimate Tools Why Antivirus Neutralization Matters Historical Evolution of Antivirus Neutralization The Ransomware Kill Chain Stages of Abusing Legitimate Low-Level...
Estimated reading time: 10 minutes
Operation GhostMail: Russian APT exploits Zimbra Webmail to Target Ukraine State Agency Contents Introduction Target Phishing Email Infection Analysis Stage-1: JavaScript Loader Stage-2: Browser Stealer Infrastructure and Attribution CVE Assessment Conclusion Seqrite Coverage IOCs MITRE ATT&CK Introduction Seqrite Labs...Estimated reading time: 10 minutes
Contents Introduction Key Targets Industries Affected Geographical focus Infection Chain. Initial Findings Looking into the decoy-document Technical Analysis Stage 1 – Malicious ISO File Stage 2 – Malicious LNK File Stage 3 – Final Payload: FALSECUB Infrastructure & Attribution...
Estimated reading time: 9 minutes
Introduction Over the past few months, tax-themed phishing and malware campaigns have surged, particularly during and after the Income Tax Return (ITR) filing season. With ongoing public discussions around refund timelines, these scams appear more credible, giving attackers the...
Estimated reading time: 10 minutes
Table of Contents Introduction Key Targets. Industries Affected. Geographical Focus. Infection Chain. Initial Findings Looking into the decoy-document Technical Analysis Stage 1 – Malicious LNK Script Stage 2 – Pseudo-Polyglot Trick: All in One. Stage 3 – Final Payload:...
Estimated reading time: 11 minutes
SEQRITE Labs APT-Team has uncovered a phishing campaign targeting various Indian government personnel since October 2023. We have also identified targeting of both government and private entities in the defence sector over December. New Rust-based payloads and encrypted PowerShell commands have been utilized...
Estimated reading time: 2 minutes
Welcome to our Cybersecurity News Rundown for the month of October 2017. Here, we will be sharing latest and trending news on events and technological updates from the world of cybersecurity that happened over the past month. Make sure...