AirAsia targeted by Daixin ransomware group losses valuable customer data

AirAsia targeted by Daixin ransomware group losses valuable customer data

AirAsia targeted by Daixin ransomware group losses valuable customer data Air Asia was recently attacked by a ransomware group on November 11 and 12. Daixin team has taken the responsibility of the attack and reportedly five million customer records have been exposed. The attack came to limelight when a security researcher, Soufiane Tahiri shared the […]

Log4shell vulnerability exploited by Iranian hacker to breach US federal agency

Log4shell vulnerability exploited by Iranian hacker to breach US federal agency

Log4shell vulnerability exploited by Iranian hacker to breach US federal agency Iranian hackers have been held accountable for compromising U.S federal agency. As per reports, the hackers took advantage of the Log4shell vulnerability which the US agency had failed to patch. This vulnerability was initially reported on 9th December 2021 now almost a year back […]

Whoosh confirms data breach of 7.2 million customers

Whoosh confirms data breach of 7.2 million customers

Whoosh confirms data breach of 7.2 million customers Whoosh, a scooter rental company has confirmed a data breach of approx. 7.2 million customers when the hacker group started selling the data on various forums. Earlier, the Russian media had released the company’s statement wherein Whoosh had confirmed the cyber-attack however it had also stated that […]

Malicious SEO campaign breached approx 17000 WordPress sites

Malicious SEO campaign breached approx 17000 WordPress sites

Malicious SEO campaign breached approx 17000 WordPress sites Researchers recently discovered malware in the WordPress platform that can redirect visitors to bogus Q&A websites. This type of malware is often used by spammers/adversaries to spam for pharmaceuticals, article writing websites,  technology, etc. In this case, attackers have targeted spamming for fake Q&A websites. Because it […]

Strelastealer malware targeting Outlook and Thunderbird users

Strelastealer malware targeting Outlook and Thunderbird users

Strelastealer malware targeting Outlook and Thunderbird users Strelastealer malware is an information stealing malware which is actively targeting Outlook and Thunderbird users. This information stealing malware was initially discovered by analysts at DCSO CyTec in November and is targeting Spanish users. It specifically steals email account credentials from Outlook and Thunderbird unlike other info stealing […]

Secrets of building strong SOC team: Challenges and Solutions

Secrets of building strong SOC team: Challenges and Solutions

Secrets of building strong SOC team: Challenges and Solutions The SOC team, sometimes also called Blue-team is the first line of defense and is responsible for protecting organizations against cyberattacks. Being part of the SOC team, it is individual’s responsibility to effectively manage security incidents such as Investigating Potential Incidents, Prioritizing Detected Incidents, Responding to […]

70K$ awarded to researcher for reporting Google Pixel vulnerability

70K$ awarded to researcher for reporting Google Pixel vulnerability

70K$ awarded to researcher for reporting Google Pixel vulnerability A researcher recently discovered a vulnerability existing in all google pixel phones. This vulnerability gave the ability to unlock any locked pixel device. Reportedly, the security researcher of this vulnerability was paid 70K$ for identifying and reporting this vulnerability. This issue was pre-existing in all the […]

Tata Power breached data put on sale by Hive Ransomware group

Tata Power breached data put on sale by Hive Ransomware group

Tata Power breached data put on sale by Hive Ransomware group Tata Power is once again making headlines as it bagged a 150 MW solar project in Maharashtra. While this news is a relief for the organization that was under a cyber-attack a few days back. However, as per sources, the hacker group has released […]

Microsoft released patches for critical vulnerabilities on Patch Tuesday

Microsoft released patches for critical vulnerabilities on Patch Tuesday

Microsoft released patches for critical vulnerabilities on Patch Tuesday Microsoft released the monthly report of security updates on patch Tuesday and highlighted 68 vulnerabilities which include patches for six exploited zero days. 11 of these 68 vulnerabilities have been categorized as critical considering the risk and exploit availabilities. These vulnerabilities include RCE (Remote Code Execution), […]

Deloitte India fired an employee running hacking operations globally

Deloitte India fired an employee running hacking operations globally

Deloitte India fired an employee running hacking operations globally Aditya Jain, an employee of Deloitte has been accused of running a global hacking group “WhiteInt”. This hacking group was exposed in an undercover operation that was led by “The Sunday Times” and the Bureau of Investigative Journalism. The hacker group was running its operations from […]