Estimated reading time: 4 minutes Introduction:  Originating in March 2023, Abyss Locker, a recently established ransomware operation, has swiftly targeted companies, transforming into a significant threat across various sectors, such as industrial control systems (ICS), enterprises, and public-sector organizations. It poses a significant threat to both Windows and Linux systems.  This escalation is tied to introducing a bespoke Linux encryptor, meticulously crafted to infiltrate VMware’s ESXi virtualized environments. This strategic move expands Abyss Locker’s reach and amplifies it ..read more

Estimated reading time: 4 minutes Recently, we came across a new banking trojan called Coyote, which utilizes a tool/library called Squirrel Installer, developed to install and manage updates of windows applications. The malware looks more evolved than our normal banking trojans and can potentially be at a higher threat level in the coming days.  Some Background:  This newly found trojan targets different Brazilian Banking Institutions and points out the market it focuses on. The interesting thing is the involvement of Squirrel Installer. In the initial stage, it disguises itself as ..read more

Estimated reading time: 3 minutes On Friday, March 29, developer Andres Freund detected unusual behavior in his Debian sid environment. In response, he contacted an open-source security mailing list to report his discovery of an upstream backdoor in the commonly used command-line tool XZ Utils (liblzma). The backdoor was surreptitiously added by a long-time open-source contributor, affecting XZ Utils versions 5.6.0 and 5.6.1, and assigned the CVE-2024-3094 identifier. What is CVE-2024-3094 The XZ library, also known as liblzma, is a widely used open-source data compression library, providing h ..read more

Estimated reading time: 3 minutes ‍In today’s interconnected world, the manufacturing industry is increasingly vulnerable to cyber-attacks. Recent incidents, such as the cyber attack on Suzuki motorcycles and the impact on billion-dollar companies like NVIDIA and Colonial Pipeline, highlight the devastating consequences of these attacks. Manufacturers must understand the complexities of managing cybersecurity in manufacturing and strengthen their defenses against cyber threats. The Rising Threat Landscape in the Manufacturing Industry Cyber attacks in the manufacturing industry are on the rise ..read more

Estimated reading time: 3 minutes A study by the Ponemon Institute reveals that 68% of organizations have experienced one or more endpoint attacks that successfully compromised data and their IT infrastructure. In this data-centric world, protecting sensitive data has become a top priority for organizations of all sizes. With the rise of remote work and the increasing use of personal devices, the need for endpoint data loss prevention has become more critical than ever before. What is Endpoint Data Loss Prevention? Endpoint Data Loss Prevention (DLP) is a comprehensive security measure designe ..read more

Estimated reading time: 4 minutes In today’s interconnected digital world, traditional security models that rely on a secure network perimeter are no longer sufficient to protect against sophisticated cyber threats. That’s where zero trust security comes into play. Zero trust is a security strategy that challenges the assumption that everything inside a network can be trusted by default. Instead, it operates on the principle of least-privileged access and requires verification and continuous reassessment of every entity, including users, applications, services, and devices. What is Zero Trust ..read more

Estimated reading time: 3 minutes ‍The first India Cyber Threat Report 2023 revealed the automotive supply chain as the most cyberattacked sector. Over the past three to four years, the global adoption of Industry 4.0 has marked a transformative trend, witnessing extensive digitalization integration across industries. The industry, once considered relatively secure, now faces escalating cyber threats. In 2023, a notable surge in cyber-attacks targeted the automotive sector, marking a shift from its earlier perceived safety. Supply chains within the automotive industry experienced the highest n ..read more

Estimated reading time: 2 minutes The year 2023 was eventful, witnessing a myriad of advanced threats targeting prominent economies, including India. Many still remember the fake IRCTC app that stole sensitive user information or the infamous loan apps that devastated many innocent lives. Malware like Expiro and state-sponsored Hacktivist groups were in full swing, creating havoc in the private and public sectors. As we progress through the current year, the trend persists, urging businesses and individuals to grasp the dynamics of the country’s cyber threat environment and brace themselves fo ..read more

Estimated reading time: 3 minutes India’s swift enactment of the Digital Personal Data Protection (DPDP) Act has triggered considerable apprehension among businesses, mainly due to the impending deadline for compliance. Several myths regarding the Act have further intensified the confusion. To educate the business community on various nitty-gritty of the Act, SEQRITE and ET CISO recently organized a webinar, “Navigating the Digital Personal Data Protection Act – Opportunities, Challenges, and Solutions,” where SEQRITE’s Senior Director – Product Management, Mr. Vinaya Sathyanarayana shared his ..read more

Estimated reading time: 4 minutesWhat is XDR? Let us understand what is XDR, also called as Extended Detection and Response.  XDR is a cybersecurity solution that goes beyond traditional security measures by unifying threat data from various sources within an organization’s IT ecosystem. XDR provides enhanced visibility and context into advanced threats by collecting and correlating data from email, endpoints, servers, cloud workloads, and networks. This comprehensive approach allows security teams to analyse, prioritize, hunt, and remediate threats more effectively, reducing the severity ..read more