
CURRENT ACTIVITIES

Threat Actors exploiting Privilege Escalation Vulnerability in Microsoft Exchange Server
(February 22, 2024)
It has been reported that threat actors are exploiting a privilege escalation vulnerability in Microsoft Exchange Server.
Guidelines for Secure Application Design, Development, Implementation & Operations
(September 25, 2023)
One of the key reasons for vulnerabilities in applications is the lack of secure design, development, implementation, and operations. Relying solely on post-development audits for security is inadequate......
API Security: Threats, Best Practices, Challenges, and Way forward using AI
(August 14, 2023)
An Application Programming Interface (API) is a data connection allowing data to be shared with other applications. APIs can be viewed as digital middlemen between organisations/enterprises and platforms that need to access data for driving innovation, increasing reach, discovering new business models, increasing partner network, etc.
Mallox Ransomware Targeting Unsecured MS SQL Servers
(July 25, 2023)
It has been observed that Mallox Ransomware is currently targeting unsecured Microsoft SQL Servers, using them as entry points into victims' ICT infrastructures to distribute the ransomware. It has also been observed that the threat actor group has used brute force techniques on publicly exposed MS SQL instances to gain initial access to the victim's network infrastructure.
INDIA RANSOMWARE REPORT- 2022 by CERT-In
(April 13, 2023)
This report covers the latest ransomware tactics and techniques, along with trends observed in the year 2022, specific to Indian cyberspace.
Exchange server 2013 End of Support
(February 22, 2023)
Microsoft Exchange Server 2013 will enter its End of Life on Tuesday, April 11, 2023, which means that Microsoft will no longer offer technical support or security fix updates for the old Exchange Server.
Threat actors exploiting authentication bypass vulnerability in Fortinet Products
(December 05, 2022)
It is reported that threat actors are actively exploiting an authentication bypass vulnerability in Fortinet products. The vulnerability allows the attacker to gain access to the administrative interface and perform actions via a specially crafted request.
Threat Actors exploiting RCE vulnerability in Oracle Fusion Middleware
(December 01, 2022)
It has been reported that threat actors are exploiting a remote code execution vulnerability in Oracle Fusion Middleware.
Threat actors exploiting discontinued Boa web servers to target IoT devices
(November 25, 2022)
It has been reported that implementations of the "Boa web server" by different vendors across a variety of IoT devices and popular software development kits (SDKs) can pose a supply chain risk that may affect a large number of organizations and devices.
Threat Actors are Actively Exploiting Cisco AnyConnect VPN Vulnerabilities
(October 28, 2022)
It is reported that vulnerabilities in Cisco AnyConnect Secure Mobility Client for Windows are being exploited in the wild by threat actors. These vulnerabilities allow the attacker to execute arbitrary code or copy files to system directories on the targeted Windows devices with system privileges.
Malicious Festival-themed campaign targeting Indian customers
(October 18, 2022)
It has been reported that adware is targeting prominent brands and tricking their customers with phishing and other fraudulent scams.
Redis Services Exposing Databases
(October 13, 2022)
It has been reported that threat actors are targeting unauthenticated Redis servers exposed on the internet in an attempt to install a cryptocurrency miner to conduct malicious attacks. Redis (Remote Dictionary Server) is a BSD-licensed open-source project: a key-value store database in which data is queried by key.
New "Maggie" Backdoor Targeting Microsoft SQL Servers
(October 07, 2022) (Updated : October 12, 2022)
A novel backdoor variant, "Maggie", is reported to be targeting Microsoft SQL servers. The fully functional backdoor disguises itself as an Extended Stored Procedure DLL, a type of extension used by Microsoft SQL servers.
SOVA Android Trojan targeting Indian banking users
(September 10, 2022)
It has been reported to CERT-In that Indian banking customers are being targeted by a new type of mobile banking malware campaign using the SOVA Android Trojan. The first version of this malware appeared for sale in underground markets in September 2021 with the ability to harvest usernames and passwords via keylogging, stealing cookies and adding false overlays to a range of apps. SOVA was earlier focusing on countries like the USA, Russia and Spain, but in July 2022 it added several other countries, including India, to its list of targets. The latest version of this malware hides itself within fake Android applications that show up with the logo of a few famous legitimate apps like Chrome, Amazon and an NFT platform to deceive users into installing them. This malware captures the credentials when users log into their net banking apps and access bank accounts. The new version of SOVA seems to be targeting more than 200 mobile applications, including banking apps and crypto exchanges/wallets.
Threat Actors exploiting Zimbra Collaboration Suite Vulnerability
(August 18, 2022)
It is reported that threat actors are actively exploiting an authentication bypass Remote Code Execution vulnerability in Zimbra Collaboration Suite. The vulnerability allows the attacker to gain access to the target network to conduct further attacks.
Indian Computer Emergency Response Team - CERT-In, Ministry of Electronics and Information Technology, Government of India.
Last Updated On July 20, 2024