Typically, when we think of getting ransomwared, in most cases, it is either an executable or an elf file, upon running it on your system, it encrypts your data and demands a ransom payment to decrypt your files. But ransomware gangs have changed their entire operating model and are literally forming syndicates and causing global disruption with advanced techniques to encrypt and are investing to get a few zero-days that aren’t disclosed to the vendor.

One such advancement from the ransomware groups that helps them in evading firewalls, Anti-Virus machines, and makes the defender’s life harder is the fileless malware…

It’s been a long time, right? Many events took place during this period, for starters, I graduated, and from then on I was a bit in a slump but learned a lot, specifically at SOC roles and Malware Analysis. Besides, learning via online resources, I realized getting my hands dirty by performing the tasks and actually learning from the mistakes whilst chasing the target. Like, how not to delete the root on your guest VM machine, the consequences of not having a backup snapshot, and having to do a tedious process from the start.

Until May, roles that I have…

What would be the biggest threat one could consider to their organization? Well, I would say it would depend on what your organization does. I suppose that if you are part of a government organization, then one should be looking out for their adversaries and their state-sponsored threats like APT’s (Advanced Persistent Threats) from China or APT’s Middle East in the case of India. Not only this one would be looking for any exploits being used in the wild, insider threats, and ransomware that is targeting your organizations. This article will be writing about how ransomware gangs have become the…

This is a continuation to the previous article ‘India and its cyberspace part 1’ -Link

In part-1 I have written about the data breaches of big tech organizations in India. In this article, I will try to cover more on scams and cybercrimes that are originating in India along with how organizations are treating their security.

It might take a book to write about cyber scams and cyber frauds in India and as much as I wish I could say there are controls to stop cybercriminals, there aren't good enough cyber frauds and crimes to stop if found it takes…

It’s been a long time that I have published any articles. During this off time, I have been following some data breaches, security incidents, and scams that originate from India. To keep readers from being bored, I have divided the article into 2 parts.

First I will be addressing data leaks and actions that are being taken from both enterprises and the government. Following are some enterprises that had their user data breached

• Bigbasket
• Mobikwik
• UpStox

From now on every week I will try to publish an article under the name ‘Sup Infosec?’ Where I will write about interesting tools, information, or crazy stories other than data breaches or some undervalued topics in security. I will try my best so that everyone could understand. In this article, the topics/stories are

1. Google releases PoC for Spectre-proof web
2. Morpheus “The impenetrable chip”

Google releases PoC for Spectre-proof web

Google’s security research team Project Zero on March 12 released PoC (Proof of Concept) for Spectre-based web exploit. A bit of back story about Spectre, it is a hardware vulnerability in CPU chips like Intel and…

For the past 6 months, it has been one hell of a ride for everyone in cybersecurity, from one of the largest supply chain attacks of SolarWinds to Microsoft Exchange server zero-day vulnerability being exploited by HAFNIUM (APT from China) and the Latest Vulnerabilities found.

I love doing threat intel and threat modeling, and the current scenario couldn't be much better for me to learn a lot of new things. So I will try my best to keep it short and minimalistic so that everyone could understand what I am saying.

Microsoft Exchange Server’s Zero-day vulnerability being exploited by Chinese APT HAFNIUM

On March 2nd Microsoft’s Threat Intelligence Center (MTIC) along…

This article would be my take on how even the strongest or “Highly secured” orgs have their insecure x-factor in their security architecture and what it would be. I am writing this article because in the present cyberspace no one is safe even the security vendors like FireEye and recently Qualys pwned by state-sponsored threat actors.

Note: At some point, this would feel like a rant as but please do judge me, but please correct me as I am still considered new to the cybersecurity domain.

So let us start with the infamous hack of SolarWinds disclosed by FireEye and…