Cyber Threat Intelligence – Alerts

May 5, 2021

CVE 2018-13379, CVE-2020-12812, and CVE-2019-5591- Exploited to gain access

The FBI and CISA believe the APT actors are likely exploiting these Fortinet FortiOS vulnerabilities—CVE 2018-13379, CVE-2020-12812, and CVE-2019-5591—to gain access to multiple government, commercial, and technology services networks.
December 14, 2020

SOLARWINDS ORION NETWORK MANAGEMENT PRODUCTS – Vulnerability

There is a known vulnerability and SolarWinds Orion products (affected versions are 2019.4 through 2020.2.1 HF1) are currently being exploited by malicious actors. This attack tactic permits an attacker to gain access to network traffic […]
December 10, 2020

Indian Fake News Mills – State Sponsored Fake News Networks

A European investigative and cyber security group has uncovered an Indian disinformation network and Fake News Network operating since 2005 to discredit nations in conflict with Delhi, particularly Pakistan. In a detail report named as […]
August 12, 2020

Pakistan foils latest cyber attack by Indian Agencies and APT Groups

The Inter-Services Public Relations (ISPR) on Wednesday confirmed that Pakistan’s intelligence agencies had identified a major cyber attack by Indian intelligence agencies and APT groups. This cyber attack was targeting the mobile phones and personal […]
March 17, 2020

Remote Work Guide – Pakistan

In response to the recent viral outbreak in Pakistan, many organizations are asking their employees to work remotely. This, though, brings new challenges to the workplace as workers and companies in Pakistan are adapting to […]
March 12, 2020

Remote Work & Telecommuting – 5 Step Cyber Security Guide

The work-from-home culture or remote work is already adopted by almost one in five workers from around the world, many Pakistani organizations and enterprises are facing the potential of teleworking scenarios. What if in-office employees need to work from home?
December 14, 2019

GALLIUM – TELCO companies attacked around world

After penetrating the company’s network, these criminals begin to collect credentials using common tools and TTP (tactics, methods and procedures). They use compromised credentials and the PsExec utility to move around the network and execute processes on other systems.
July 8, 2019

PPRA.ORG.PK – Hacked Cyber Alert

Tier3 monitoring teams have detected that Public Procurement Regulatory Authority (PPRA) official website ppra.org.pk was earlier this morning by a hacker group “The Crash Rulers” . It is the same group that supposedly hacked Pakistan […]