Blogs | CRAC

Nov 174 min read

Content Security Policy (CSP) Bypass

What is Content Security Policy (CSP) Content Security Policy (CSP) is a browser security standard developed by the W3C to help web...

25 views0 comments

Secure usage of parental control applications

CRAC Learning

Mar 182 min read

Secure usage of parental control applications

Popular parental control apps for Android, iOS could be exploited risking user data and safety. Parental apps are by nature intrusive to...

53 views0 comments

Remcos Everywhere: Decoding the Stealthy Cyber Threat

CRAC Learning

Mar 132 min read

Remcos Everywhere: Decoding the Stealthy Cyber Threat

In the ever-evolving landscape of cybersecurity threats, a new player has emerged: Remcos. This previously undocumented malware has been...

23 views0 comments

MINIBUS Intruders: UNC1549’s Cyber Espionage in the Middle East

Kritika Gaur

Mar 72 min read

MINIBUS Intruders: UNC1549’s Cyber Espionage in the Middle East

A group of hackers, known as UNC1549, has been busy targeting aerospace, aviation, and defense industries in the Middle East. Their focus...

25 views0 comments

Digital Spies and Sneaky Invitations: Unmasking the SPIKEDWINE Backdoor

CRAC Learning

Mar 62 min read

Digital Spies and Sneaky Invitations: Unmasking the SPIKEDWINE Backdoor

A previously unknown threat actor (we’ll call them SPIKEDWINE) has been targeting European officials who are connected to Indian...

15 views0 comments

SSH-Snake: Fresh Self-Adapting Worm Poses Network Risks

CRAC Learning

Mar 12 min read

SSH-Snake: Fresh Self-Adapting Worm Poses Network Risks

The Sysdig Threat Research Team (TRT) has uncovered the malicious utilization of a newly developed network mapping tool named SSH-Snake,...

3 views0 comments

Scientists Recreate Fingerprints from Touchscreen Swiping Sound

Kritika Gaur

Feb 261 min read

Scientists Recreate Fingerprints from Touchscreen Swiping Sound

Researchers have devised a method called PrintListener to recreate fingerprints solely from the sound they produce while swiping a...

11 views0 comments

Auto-Execution in MoqHao Android Malware

Kritika Gaur

Feb 232 min read

Auto-Execution in MoqHao Android Malware

Overview A new variant of Android malware known as MoqHao has been identified by threat hunters. Unlike typical MoqHao variants that...

27 views0 comments

RustDoor: macOS Backdoor Lures Cryptocurrency Firms with Fake Jobs

CRAC Learning

Feb 192 min read

RustDoor: macOS Backdoor Lures Cryptocurrency Firms with Fake Jobs

Previously in our blog, we talked about how Visual Studio fake updates distributed to spread RustDoor malware. Many Cryptocurrency...

10 views0 comments

Malicious 'SNS Sender' Script Abuses AWS for Bulk Smishing Attacks

Kritika Gaur

Feb 192 min read

Malicious 'SNS Sender' Script Abuses AWS for Bulk Smishing Attacks

Overview SentinelLabs has identified SNS Sender, a malicious Python script that uses AWS Simple Notification Service (SNS) to send bulk...

16 views0 comments

Visual Studio fake updates distributed to spread RustDoor malware

CRAC Learning

Feb 141 min read

Visual Studio fake updates distributed to spread RustDoor malware

Overview RustDoor is a new malware strain targeting macOS users by masquerading as a legitimate update for Visual Studio (VS). VS is a...

12 views0 comments

Okta Breach Paves the Way: Nation-State Actor Targets Cloudflare Systems

CRAC Learning

Feb 91 min read

Okta Breach Paves the Way: Nation-State Actor Targets Cloudflare Systems

Cloudflare disclosed a nation-state actor's attempted hack on its self-hosted Atlassian server in November 2023. The attack, utilizing...

18 views0 comments

AnyDesk Breach Detected! Secure Your Account Now!

Kritika Gaur

Feb 61 min read

AnyDesk Breach Detected! Secure Your Account Now!

AnyDesk, a remote desktop software provider, revealed a cyber attack that compromised its production systems. The German company,...

25 views0 comments

Spammers Abuse Google Forms Quizzes to Perform Scams

CRAC Learning

Nov 29, 20231 min read

Spammers Abuse Google Forms Quizzes to Perform Scams

Overview The article highlights a concerning increase in crypto spam and scam messages utilizing Google Forms's Release scores feature to...

19 views0 comments

QR Code Scam Surge and How to Stay Secure

CRAC Learning

Nov 21, 20232 min read

QR Code Scam Surge and How to Stay Secure

A recent report by Palo Alto Networks shows a surge in QR code scan scams in India, with Bengaluru alone reporting approximately 21,000...

7 views0 comments

CRAC Learning

Nov 16, 20232 min read

Cyber attack on ports and harbors

A cyber-attack on Patrick Terminals was spotted on last friday. Patrick terminals, which handles around 40% of Australian imports and...

13 views0 comments

Google Calendar Service Could be Abused by attackers

CRAC Learning

Nov 8, 20231 min read

Google Calendar Service Could be Abused by attackers

Google has issued a warning about a threat involving a public proof-of-concept exploit named Google Calendar RAT (GCR, remote access...

12 views0 comments

CRAC Learning

Nov 1, 20231 min read

Aadhar Data breach

There was a recent data breach of Aadhar cards. According to a report by Resecurity, a US-based cybersecurity company, on October 9,...

12 views0 comments

SIM Swap Scam: How Your Mobile Number Becomes Their Key

CRAC Learning

Oct 30, 20232 min read

SIM Swap Scam: How Your Mobile Number Becomes Their Key

This write-up delves into a recent incident of SIM Swap, also known as a SIM card swap fraud or SIM hijacking, fraud that occurred in...

15 views0 comments

Plastic surgeries offices being targeted by cybercriminals

CRAC Learning

Oct 20, 20232 min read

Plastic surgeries offices being targeted by cybercriminals

(by Kritika Gaur) FBI warned Plastic surgery offices in the United States that they are under a cybersecurity threat of targeted attacks...

7 views0 comments

Address

Connect