Shreshta Blog

We uncover badness.

Information Security

Phishing targeting Indiana Department of Workforce Development

Information Security, SDINET, Threat Intelligence / By

Security researchers at Shreshta IT, using our threat intelligence platform SDINET, have identified a phishing targeting Indiana Department of Workforce Development (DWD) automated self-service Unemployment Insurance system. About Indiana Department of Workforce Development’s (DWD) Uplink is the name of the Indiana Department of Workforce Development’s automated self-service Unemployment Insurance system. The Uplink Claimant Self-Service System enables …

Phishing targeting Indiana Department of Workforce Development Read More »

Domain shadowing attack

Attackers targeting .lk domains using domain shadowing attack

Information Security / By

Before we deep dive into how attackers target .lk domains using domain shadowing attack, first, a primer on registration of a domain name under .lk namespace. tl;dr registration of a domain name under .lk namespace is regulated The domain registration policy says the LK registry may ask for documents supporting the request for a domain …

Attackers targeting .lk domains using domain shadowing attack Read More »

Phishing targeting HDFC Bank customers

Information Security / By

Security researchers at Shreshta IT, using our threat intelligence platform SDINET, have identified a phishing website and Android app targeting HDFC Bank customers. About HDFC Bank Limited HDFC Bank Limited is an Indian banking and financial services company headquartered in Mumbai. It is India’s largest private sector bank by assets and world’s 10th largest bank …

Phishing targeting HDFC Bank customers Read More »

Phishing campaign targeting Github

DNS, Information Security, SDINET, Threat Intelligence / By

Earlier this week, on 21st September, GitHub published a blog post – Security alert: new phishing campaign targets GitHub users The gist of it was, On September 16, GitHub Security learned that threat actors were targeting GitHub users with a phishing campaign by impersonating CircleCI to harvest user credentials and two-factor codes. While GitHub itself …

Phishing campaign targeting Github Read More »

Phishing Campaign – Adidas and Nike

DNS, Information Security, Protective DNS, Threat Intelligence / By

Our threat intelligence platform – SDINET, ingests DNS data from various sources. Our security researchers have detected a phishing campaign wherein the adversaries have registered domain names impersonating brands such as Adidas and Nike. Adidas AG is a German multinational corporation, founded and headquartered in Herzogenaurach, Bavaria, that designs and manufactures shoes, clothing and accessories. …

Phishing Campaign – Adidas and Nike Read More »