Category: Threat Intelligence

  • Domain shadowing

    Domain shadowing is a technique listed by MITRE ATT&CK as T1584.001, a sub-technique of T1584. This technique is not to be confused with subdomain hijacking. What is a domain shadowing attack? Threat actors gain control of the DNS control panel of legitimate domain names by brute force and stealthily insert subdomains pointing to the attackers’ network…

  • Web shell – A primer

    What is a web shell? A web shell is a malicious script written using commonly used web application languages such as PHP, JSP, or ASP. They provide an attacker with an easy way to attack a compromised web server via web-based vulnerabilities, and once installed on a web server’s operating system, the web shells facilitate…

  • DNS KeyTrap vulnerability

    The DNS KeyTrap vulnerability is a critical flaw in the design of DNSSEC (DNS Security Extensions). A single DNS packet can exhaust the CPU, causing a Denial of Service in a DNSSEC-validating recursive resolver. Security researchers at the German National Research Center for Applied Cybersecurity ATHENE uncovered the critical flaw, which has been assigned and listed as CVE-2023-50387 and CVE-2023-50868…

  • ATO Scam

    Executive Summary: Shreshta Threat Intelligence has uncovered an ATO scam targeting Australian Taxation Office users. Tax return scams involving myGov are on the rise, and these deceptive sites, pretending to be a legitimate ATO website, seek to extract the users’ login credentials. We urge Australian citizens to be on guard against such phishing websites impersonating…

  • Scams luring faster Ola electric scooter delivery date on the rise

    Shreshta Threat Intelligence has uncovered scams that lure victims with the promise of a faster Ola electric scooter delivery date. The threat actors are launching phishing campaigns impersonating OLA, deceiving consumers into purchasing Ola electric scooters by promising a faster delivery date. Executive Summary: As per our analysis, we conclude with high confidence that the attackers are launching phishing websites impersonating…