Tier3 Cyber Alerts
Blog & News

GALLIUM – TELCO companies attacked around world

A team of researchers from the Microsoft Threat Intelligence Center (MSTIC) has warned of an ongoing attacks by the GALLIUM cybercriminal group targeting telecommunication providers in Southeast Asia, Europe and Africa. Attackers exploit vulnerabilities in the WildFly open ...
Read More

PPRA.ORG.PK – Hacked Cyber Alert

Tier3 monitoring teams have detected that Public Procurement Regulatory Authority (PPRA) official website ppra.org.pk was earlier this morning by a hacker group "The Crash Rulers" . It is the same group that supposedly hacked Pakistan ...
Read More

US – launched cyberattacks on Iran’s Systems

US officials say their attacks on Iranian military computers disabled systems that control missile and rocket launchers. The United States military launched cyberattacks against Iranian missile control systems and a spy network on Thursday after ...
Read More

Hackers attack Pakistani Govt’s passport application tracking site

Scanbox framework used to hack Pakistani Govt’s passport application tracking site http://tracking.dgip.gov.pk Experts uncovered a watering hole attack against the Pakistani Govt’s passport application tracking site, hackers used the Scanbox Framework to steal visitors’ data ...
Read More

WhatsApp Hacked – Vulnerable App used for Surveillance

Hackers were able to use the vulnerability and install other malware on phones. After 2 Weeks WhatsApp confirms its 1.5 Billion users need an upgrade. WhatsApp the most popular messenger app, is also owned by ...
Read More

Fileless Malware Attacks -The Growing threat to Pakistani Enterprises

Fileless malware attacks are increasing every day.They can nowadays be seen as the perfect crime of opportunity. The initial vector of these attack can be a seemingly innocuous business email with a link to an ...
Read More

Authorities Issue Alert Warning of Potential for Cyber Attacks

In a latest security alert email sent by PKNIC (registrar of all .PK domains ) to its customers, it is reported that there has been an increase in cyber attacks on Pakistani IT installations in ...
Read More

Worst passwords for 2018?

Even if security experts continue to make awareness campaign, people continue to use bad passwords exposing their data to the risk of hack. Bad habits are hard to die, 123456 is the most used password ...
Read More

How to Protect yourself from bank fraud and cyber crime in Pakistan?

1. Do not give any personal information (name, address, bank details, email or phone number) to organisations or people before verifying their credentials. Always question unsolicited calls, texts or emails requesting your personal or financial ...
Read More

DEBIT / CREDIT CARD FRAUD in Pakistan. A guide on what to do ?

Payment/ bank card fraud involves the compromise of any personal information from credit, debit or store cards. The personal information stolen from a card, or the theft of a card itself, can be used to ...
Read More
March 10, 2016

Pakistan Energy Resource portal – Data Breached

  Data Breach Alert web address : http://energy.pec.org.pk/ Breach Date : MAR 6TH, 2016 pastebin link : http://pastebin.com/sEznQigs Admin details Username: admin Password: energy211 Users details http://energy.pec.org.pk/si.php Username|password […]
February 5, 2016

safeguard.com.pk – xss vulnerability

Description : safeguard.com.pk Safeguard is a leading antibacterial soap in Pakistan. Safeguard is a leading antibacterial soap in Pakistan. Vulnerability Type : xss Notification & Disclosure Timeline […]
February 5, 2016

tune.pk – xss vulnerability

Description :  tune.pk Tune.pk – Watch, Share & Discover Videos!. bringing you best videos from all over the world – entertainment, sports, news, politics, technology, music, […]
February 5, 2016

nips.org.pk – xss vulnerabitlity

National Institute of Population Studies. National Institute of Population Studies. nips.org.pk Vulnerable URL: http://www.nips.org.pk/signin.php?msg=PGltZyBzcmM9eCBvbmVycm9yPWNvbmZp cm0oJ3hzc3Bvc2VkJykvLw== Other details: Patched: No Vulnerability type: XSS Vulnerability status: Publicly disclosed Alexa […]
January 25, 2016

mitchells.com.pk – xss vulnerability

  Vulnerable Website Description: mitchells.com.pk Mitchell’s Fruit Farms Limited – Welcome!. Vulnerability Details: Verified Yes, at 21.01.2016 Type XSS Status On Hold Expected Full Disclosure 14.04.2016
January 8, 2016

rozee.pk – xss vulnerability

Vulnerable Website Description: ROZEE.PK Jobs in Pakistan, Careers in Pakistan, Jobs, Employment, Careers | ROZEE.PK. Find best Jobs in Pakistan, jobs listings and job opportunities on ROZEE.PK. […]
January 8, 2016

cup.org.pk – xss vulnerability

  Vulnerable Website Description: cup.org.pk CUP-CUP Program Offices. CUP Program Offices. Vulnerability Details: Verified Yes, at 07.01.2016 Type XSS Status On Hold Full Disclosure 31.03.2016
January 6, 2016

Six Cyber Security Trends for 2016

Six Cyber Security Trends for 2016   Well, if you thought you had it rough in 2014 because of big, bad Poodles and an irritating case […]