Sequretek's AI and ML-powered technology protects your enterprise against all threats, known and unknown. Sequretek is one of the very few companies in India that offers a blend of its own core threat intelligence products along with both on-premise and cloud solutions.
Businesses usually tend to trust their partners and technology partners with the security of the data flowing between them. This approach has changed drastically; businesses now need to focus on their own cyber security measures. There has been a sudden rise in the number of supply chain attacks, from which we can conclude that attackers are easily spotting vulnerabilities in organisations' supply chain networks.
Overview Here at Sequretek Malware Analysis lab (SMA-LAB) we observed a new, clever and sophisticated ransomware variant dubbed “AVCRYPT”, which attempts to uninstall existing security software present on victim PCs before performing its malevolent activities. AVCRYPT was discovered by cyber-security researchers who include Lawrence Abrams, MalwareHunterTeam and Michael Gillespie. Technical Analysis […]
Introduction Once infected, Saturn ransomware executes commands to disable Windows repair and clear Windows backup catalog. It encrypts the files and adds Saturn to their name. The ransomware also leaves a ransom note in each folder, which contains a link to the payment site. The authors of the newly-discovered Saturn ransomware are allowing anyone to […]
Introduction With the help of this report I will explain how we make a POC exploitable. In place of a malicious payload, I use a reverse connection (Shell.exe) payload with the help of Metasploit. Description Dot NET Framework Remote Code Execution Vulnerability. Microsoft Windows is prone to a remote code-execution vulnerability. Successfully exploiting this issue may allow attackers […]
Zero-Days Exploit (cve-2017-11826)-Memory Corruption Vulnerability File Details Filename cve-2017-11826.doc.bin Size 680,268 Bytes MD5 B2AE500B7376044AE92976D9E4B65AF8 SHA1 7352EA59DCD83C3A72784DC381A7B6B5616C6629 SHA256 CB3429E608144909EF25DF2605C24EC253B10B6E99CBB6657AFA6B92E9F32FB5 Static Analysis Basic information The latest Microsoft update brought patches for 62 vulnerabilities, including one that fixed CVE-2017-11826, a critical zero-day vulnerability in all versions of Microsoft Office that was used to launch targeted attacks. To control the memory content at […]
2017 has already seen the huge impact of ransomware outbreaks, namely WannaCry and NotPetya, and as we come close to the end of the year, another one adds to the list: Bad Rabbit, so named because the authors gave that name to the page where they demand the ransom, along with bitcoin details. Early infection reports suggest the […]
Earlier this week, new malware with characteristics of both ransomware and a wiper surfaced, resembling Petya, a previous ransomware. Based on our preliminary findings, we think this is not a variant of Petya ransomware as publicly reported, but something with quite different capabilities and effects. This appears to be a complex attack which involves […]
EPS Processing Zero-Days Exploited File Details Filename 6785e29698444243677300db6a0c519909ae9e620d575e76d9be4862b33ed490.bin Size 251,036 Bytes MD5 2ABE3CC4BFF46455A945D56C27E9FB45 SHA1 0BD354D1EEA9E4864F4C17E6C22BFDB81D88DDEE SHA256 6785E29698444243677300DB6A0C519909AE9E620D575E76D9BE4862B33ED490 Technologies Affected Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack […]
Summary A recent ransomware outbreak, termed “WannaCry”, involved a different kind of ransomware from the usual, traditional kind. This ransomware possesses worm-like features and uses the EternalBlue exploit, which exploits the Microsoft Windows SMB Server vulnerability (MS17-010). It scans for vulnerable computers over the network and then performs the attack rather […]