Estimated reading time: 5 minutes
How To Defend Against Advanced Persistent Threats (APTs): A Comprehensive Approach In today’s time, one of the most formidable threats organizations face today is the Advanced Persistent Threat (APT). These sophisticated, targeted attacks are designed to infiltrate networks, steal...
Estimated reading time: 4 minutes
The 12 Essential Features Defining Advanced Endpoint Security Solution Endpoint security is a critical aspect of protecting an organization’s network and data from evolving threats. As the sophistication and abundance of endpoint threats continue to grow, advanced endpoint security...
Estimated reading time: 11 minutes
SEQRITE Labs APT-Team has discovered multiple campaigns of APT SideCopy, targeting Indian government and defense entities in the past few months. The threat group is now exploiting the recent WinRAR vulnerability CVE-2023-38831 (See our advisory for more details) to...
Estimated reading time: 5 minutes
The discovery of a zero-day vulnerability in MOVEit Transfer has brought attention to the potential risks of unauthorized access and the exploitation of elevated privileges within the system. MOVEit Transfer is widely recognized as a secure and popular managed...
Estimated reading time: 3 minutes
Our previous blog explored an XSS vulnerability within the Bookly plugin (WordPress Online Booking and Scheduling Plugin – Bookly). Today, we will delve into another XSS vulnerability that came to light during our research on the same plugin. Our...
Estimated reading time: 5 minutes
The pandemic has expedited digital transformation, making technology and data pivotal to most businesses. However, it has also increased cyber threats, especially for small and medium-sized enterprises (SMBs). In addition, data regulations have also become more stringent, with fines...
Estimated reading time: 3 minutes
The world of healthcare is rapidly changing. Technological advancements expose organizations to cyber risks, including ransomware, malware, breaches, viruses, and vulnerabilities. The combination of poor cybersecurity practices, digital transformation in care delivery, operational touchpoints, and sensitive data storage makes...
Estimated reading time: 4 minutes
On June 2, 2022, CVE-2022-26134 “Confluence,” a zero-day remote code execution vulnerability, was discovered in all versions of the Confluence Server and Data Center. The attack was detected to be of high severity (CVSS:9.0/10.0) according to a security advisory...
Estimated reading time: 5 minutes
On May 30, 2022, CVE-2022-30190 “FOLLINA,” a zero-day remote code execution vulnerability discovered in Microsoft Windows Support Diagnostic Tool (MSDT) with high severity (CVSS:9.3). This MSDT tool diagnoses issues with applications such as Microsoft Office documents. Initial attack vector...
Estimated reading time: < 1 minute
The recent zero-day vulnerability in Windows VBScript Engine (CVE-2018-8174), enables attackers to perform a remote code execution on targeted machines. Microsoft has released a security advisory CVE-2018-8174 on May 8, 2018, to address this issue. According to Microsoft, it impacts most of the Windows...