• News
  • Security
  • Products
  • About Seqrite
Blogs on Information Technology, Network & Cybersecurity | Seqrite Blog
  • News
  • Security
  • Products
  • About Seqrite

Tag: apt

Masslogger Fileless Variant – Spreads via .VBE, Hides in Registry

Masslogger Fileless Variant – Spreads via .VBE, Hides in Registry

Estimated reading time: 9 minutes

During our recent investigation at Seqrite Labs, we identified a sophisticated variant of Masslogger credential stealer malware spreading through .VBE (VBScript Encoded) files. Initially, the variant appeared to be a typical script-based threat, but upon deeper analysis it turned...
Read Blog
June 18, 2025

Operation DRAGONCLONE: Chinese Telecommunication industry targeted via VELETRIX & VShell malware

Operation DRAGONCLONE: Chinese Telecommunication industry targeted via VELETRIX & VShell malware

Estimated reading time: 10 minutes

Operation DRAGONCLONE: Chinese Telecommunication industry targeted via VELETRIX & VShell malware. Contents Introduction Initial Findings Infection Chain. Technical Analysis Stage 0 – Malicious ZIP File. Stage 1 – Malicious VELETRIX implant. Stage 2 – Malicious V-Shell implant. Hunting and...
Read Blog
June 6, 2025

Advisory: Pahalgam Attack themed decoys used by APT36 to target the Indian Government

Advisory: Pahalgam Attack themed decoys used by APT36 to target the Indian Government

Estimated reading time: 6 minutes

Seqrite Labs APT team has discovered “Pahalgam Terror Attack” themed documents being used by the Pakistan-linked APT group Transparent Tribe (APT36) to target Indian Government and Defense personnel. The campaign involves both credential phishing and deployment of malicious payloads,...
Read Blog
April 30, 2025

Goodbye HTA, Hello MSI: New TTPs and Clusters of an APT driven by Multi-Platform Attacks

Goodbye HTA, Hello MSI: New TTPs and Clusters of an APT driven by Multi-Platform Attacks

Estimated reading time: 13 minutes

Seqrite Labs APT team has uncovered new tactics of Pakistan-linked SideCopy APT deployed since the last week of December 2024. The group has expanded its scope of targeting beyond Indian government, defence, maritime sectors, and university students to now...
Read Blog
April 8, 2025

Kimsuky: A Continuous Threat to South Korea with Deceptive Tactics

Kimsuky: A Continuous Threat to South Korea with Deceptive Tactics

Estimated reading time: 8 minutes

Kimsuky: A Continuous Threat to South Korea with Deceptive Tactics Contents Introduction Infection Chain Initial Findings Campaign 1 Looking into PDF document. Campaign 2 Looking into PDF document. Technical Analysis Campaign 1 & 2 Conclusion Seqrite Protection MITRE ATT&CK...
Read Blog
April 4, 2025

Operation HollowQuill: Malware delivered into Russian R&D Networks via Research Decoy PDFs

Estimated reading time: 10 minutes

Operation HollowQuill: Malware delivered into Russian R&D Networks via Research Decoy PDFs. Contents Introduction Key Targets Industries Affected Geographical Focus Infection Chain Initial Findings Looking into the decoy-document Technical Analysis Stage 1 – Malicious RAR File Stage 2 –...
Read Blog
March 31, 2025

Unveiling Silent Lynx APT Targeting Entities Across Kyrgyzstan & Neighbouring Nations

Estimated reading time: 10 minutes

Silent Lynx APT Targets Various Entities Across Kyrgyzstan & Neighbouring Nations Contents Key Targets Industries Affected Geographical Focus Infection Chain Initial Findings Campaign 1 Looking into the malicious email Looking into decoy document. Campaign 2 Looking into the malicious...
Read Blog
January 21, 2025

Umbrella of Pakistani Threats: Converging Tactics of Cyber-operations Targeting India

Umbrella of Pakistani Threats: Converging Tactics of Cyber-operations Targeting India

Estimated reading time: 16 minutes

An open directory hosting malware linked to Transparent Tribe (APT36) has been found by SEQRITE Labs APT team. Further analysis revealed hidden URLs on the same domain containing payloads used by its sub-division APT group SideCopy. Targeting of Indian...
Read Blog
July 25, 2024

SideCopy’s Multi-platform Onslaught: Leveraging WinRAR Zero-Day and Linux Variant of Ares RAT

SideCopy’s Multi-platform Onslaught: Leveraging WinRAR Zero-Day and Linux Variant of Ares RAT

Estimated reading time: 11 minutes

SEQRITE Labs APT-Team has discovered multiple campaigns of APT SideCopy, targeting Indian government and defense entities in the past few months. The threat group is now exploiting the recent WinRAR vulnerability CVE-2023-38831 (See our advisory for more details) to...
Read Blog
November 6, 2023

Double Action, Triple Infection, and a New RAT: SideCopy’s Persistent Targeting of Indian Defence

Double Action, Triple Infection, and a New RAT: SideCopy’s Persistent Targeting of Indian Defence

Estimated reading time: 3 minutes

Overview A new attack campaign of SideCopy APT has been discovered targeting the Indian Defence sector. The group utilizes phishing email attachments & URLs as the infection vector to download malicious archive files leading to the deployment of two...
Read Blog
June 15, 2023
1 2 3 Next →
Featured Authors
  • Seqrite
    Seqrite

    Follow us for the latest updates and insights related to security for...

    Read more..
  • Sanjay Katkar
    Sanjay Katkar

    Sanjay Katkar is the Joint Managing Director of Quick Heal Technologies...

    Read more..
  • Mahua Chakrabarthy
    Mahua Chakrabarthy

    A tea connoisseur who firmly believes that life is too short for dull content....

    Read more..
Topics
apt (21) BYOD (11) Cyber-attack (36) cyber-attacks (58) cyberattack (16) cyberattacks (13) Cybersecurity (326) cyber security (34) Cyber threat (33) cyber threats (48) data breach (55) data breaches (28) data loss (28) data loss prevention (34) data privacy (13) data protection (28) data security (15) DLP (49) Encryption (16) endpoint security (108) Enterprise security (17) Exploit (14) firewall (11) GDPR (12) hackers (11) malware (76) malware attack (23) malware attacks (12) MDM (26) Microsoft (15) Network security (22) Patch Management (12) phishing (27) Ransomware (67) ransomware attack (30) ransomware attacks (30) ransomware protection (14) security (12) Seqrite (35) Seqrite Encryption (27) Seqrite EPS (33) Seqrite Services (16) UTM (34) Vulnerability (17) windows (11)
Loading
Resources
  • White Papers
  • Datasheets
  • Threat Reports
  • Manuals
  • Case Studies
About Us
  • About Seqrite
  • Leadership
  • Awards & Certifications
  • Newsroom
Archives
  • By Date
  • By Category
Loading

© 2025 Quick Heal Technologies Ltd. Cookie Policies Privacy Policies