Author: Souma Sadhu

HomeArchives

Analysis Report on Infamous Chisel Malware

In the present-day conflict, cyberwarfare has become a force to reckon with. It is much more in evidence in the Russian-Ukraine war, where cybersecurity agencies of five countries have found a new malware called the Infamous Chisel. The new mobile...

Continue Reading  

Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 Across Nations

A number of cybersecurity and other agencies have identified indicators of compromise at an Aeronautical Sector organization in January 2023. These organisations include the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, and the Cyber National Mission Force....

Continue Reading  

Donor Information from Multiple Charities Leaked onto the Dark Web

Cybercriminals are on the prowl. In April 2023, they hacked Pareto Phone, a Brisbane-based telemarketing company that contacts potential donors for charities. This hacking led to information about thousands of potential donors being leaked onto the dark web and affecting...

Continue Reading  

Top Vulnerabilities Exploited By Cybercriminals

The year 2022 saw cybercriminals targeting unpatched, internet-facing systems and older software vulnerabilities. The criminals seem to have exploited the publicly available Proof of Concept (PoC) code. The success of such actors appears to be more in exploiting known vulnerabilities...

Continue Reading  

More Than $557 Million Claimed By Fraudsters—ATO Reveals

The month of July is taxation time for Australians as they log into their myGov account to file tax returns. The expectations of millions of Australians about their myGov account are that it will safeguard their information. But alas! The...

Continue Reading  

Ivanti EPMM Vulnerabilities Exploited By Threat Actors

It has been reported that Ivanti EPMM vulnerabilities such as CVE-2023-35078 and CVE-2023-356081 are exploited by threat actors to gain access to sensitive personal and business information. In fact, Advanced persistent threat actors exploited such vulnerabilities from April 2023 through...

Continue Reading  

How Can Businesses Prevent Web Application Access Control Abuse

Beware! Developers, designers, vendors, and end-user organisations using web applications. This is because web applications have been found to have vulnerabilities called IDOR, or Insecure Direct Object Reference. These are access control vulnerabilities that enable malicious actors to do a...

Continue Reading  

Medibank Faces $250 Million as Penalty for Data Breach

Medibank’s travails after being hit by cybercriminals do not seem to be ending. APRA, The Australian Prudential Regulation Authority, has asked the insurer to hold another $250 million in capital as security. This is a punishment meted out to Medibank...

Continue Reading  

Most Dangerous Software Vulnerabilities – 2023 CWE

The spectre of cybercrime is spreading fast and has engulfed scores of businesses across industries and geography. The statistics are worrisome. In 2023 alone, about 33 billion accounts are expected to be breached. It means 97 cybercrime victims per hour...

Continue Reading  

Shareholder Class Action Suit on Medibank After Cyberattack

The Australian health insurance giant Medibank is in trouble again. It is caught up in a class action suit filed by Phi Finney McDonald, a law firm. This comes on the heels of a $250 million fine imposed by the...

Continue Reading