Vivek Halappanavar, Author at DNS Security & Threat Intelligence Blog | Shreshta

Zerodha users targeted with a pig-butchering scam

Vivek Halappanavar and Swapneel Patnekar — Wed, 11 Sep 2024 08:04:56 +0000

Threat researchers at Shreshta have uncovered a pig-butchering scam targeting Zerodha users. The phishing websites are impersonating Zerodha, a reputed stockbroking and financial services company, duping investors into investing in fake crypto and investment schemes. What is a pig-butchering scam? A pig butchering scam, a.k.a. “Sha Zhu Pan” or Shazhupan, (Chinese: 杀猪盘), translated as Killing […]

The post Zerodha users targeted with a pig-butchering scam appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Community Services

Vivek Halappanavar — Tue, 06 Aug 2024 09:30:00 +0000

This page lists the community services we offer, including our CheckOpenResolver, ShadowFinder, Newly registered domain name feeds and Whois API etc Checkopenresolver This service allows Internet users to verify if their router, firewall, or CPE (Customer Premises Equipment) device functions as an open resolver. An open resolver can be exploited in DNS amplification attacks, posing […]

The post Community Services appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

APAC DNS Forum

Vivek Halappanavar — Sat, 03 Aug 2024 07:25:01 +0000

Our CEO Swapneel Patnekar recently delivered a presentation titled “Who is living off your domain name?” at the ICANN APAC DNS Forum 2024. About APAC DNS Forum The Asia Pacific Domain Name System Forum is a meaningful platform for the regional DNS community to network, exchange ideas, and explore collaboration opportunities in relation to the […]

The post APAC DNS Forum appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

DNS-OARC DNS Community Day

Vivek Halappanavar — Tue, 12 Mar 2024 15:35:22 +0000

The DNS-OARC folks organized a DNS Community Day at the APRICOT 2024/APNIC 57 conference on 26th February 2024. About DNS-OARC The DNS Operations, Analysis, and Research Center (DNS-OARC) brings together key operators, implementors, and researchers on a trusted platform so they can coordinate responses to attacks and other concerns, share information and learn together. The […]

The post DNS-OARC DNS Community Day appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Web shell – A primer

Vivek Halappanavar, Swapneel Patnekar and Pranay Patil — Thu, 22 Feb 2024 06:51:44 +0000

What is a web shell? A web shell is a malicious script written using commonly used web application languages such as PHP, JSP, or ASP. They provide an attacker with a easy way to attack a compromised web server via web-based vulnerabilities, and once installed on a web server’s operating system, the web shell’s facilitate […]

The post Web shell – A primer appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

ATO Scam

Vivek Halappanavar — Wed, 14 Feb 2024 08:34:45 +0000

Executive Summary Shreshta Threat Intelligence has uncovered a ATO Scam targeting Australian Taxation Office users. Tax return scams involving myGov are on the rise and these deceptive sites, pretending to be a legitimate ATO website, seek to extract the users login credentials. We urge Australian citizens to be on guard against such phishing websites impersonating […]

The post ATO Scam appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Scams luring faster Ola electric scooter delivery date on the rise

Vivek Halappanavar — Fri, 09 Feb 2024 10:06:32 +0000

Shreshta Threat Intelligence has uncovered scams luring faster Ola electric scooter delivery date. The threat actors are launching phishing campaigns impersonating OLA , deceiving consumers into purchasing Ola electric scooters by promising a faster delivery date. Executive Summary As per our analysis, we conclude with high confidence that the attackers are launching phishing websites impersonating […]

The post Scams luring faster Ola electric scooter delivery date on the rise appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Phishing targeting Commonwealth Bank customers

Vivek Halappanavar — Mon, 23 Jan 2023 15:58:19 +0000

Security researchers at Shreshta IT, using our threat intelligence platform SDINET, have identified a phishing website targeting customers of the Commonwealth Bank of Australia. About Commonwealth Bank The Commonwealth Bank of Australia (CBA), or CommBank, is an Australian multinational bank with businesses across New Zealand, Asia, the United States, and the United Kingdom. It provides a […]

The post Phishing targeting Commonwealth Bank customers appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Phishing targeting Indiana Department of Workforce Development

Vivek Halappanavar — Sat, 21 Jan 2023 06:24:23 +0000

Threat researchers at Shreshta, have identified a phishing campaign targeting Indiana Department of Workforce Development (DWD) automated self-service Unemployment Insurance system. About Indiana Department of Workforce Development’s (DWD) Uplink is the name of the Indiana Department of Workforce Development’s automated self-service Unemployment Insurance system. The Uplink Claimant Self-Service System enables users to receive improved customer service […]

The post Phishing targeting Indiana Department of Workforce Development appeared first on DNS Security & Threat Intelligence Blog | Shreshta.