
June 2021

16.8M Records Exposed Due to Misconfigured Elastic Database

On June 27, 2021, Cyble researchers acquired a misconfigured elastic database comprising 16.8M records of customs data. The compromised data includes business and customs-related information. Upon further investigation, we found that this incident affects Argentina, Chile, Colombia, Costa Rica, Ecuador, England, India, Korea, Pakistan, Panama, Paraguay, Peru, Russia, Ukraine, Uruguay, USA, and Venezuela. Figure 1 shows the exposed elastic database. Figure 1: Exposed Elastic Database Figure 2 shows the distribution of the exposed data in terms of


Android Application Disguised as Dating App Targets Indian Military Personnel

During our regular threat hunting exercises, Cyble researchers discovered that threat actors are employing new attack vectors to target users belonging to different sectors across the world. Based on a blog by 360 Core Security, we observed PJobRAT spyware samples disguised as genuine dating and instant-messaging apps. Our research was in line with the findings of 360 Core Security, and we found the spyware disguising as


DJVU Malware of STOP Ransomware Family Back with New Variant

In the course of our routine dark web monitoring, the Cyble research team discovered a new variant of the DJVU malware that belongs to the STOP ransomware family. This new variant has become one of the most widespread file-encrypting viruses of 2021. DJVU was first identified in December 2018. In addition to attacks in the United States, most of its victims are from Europe, Asia, South America, and Africa. The DJVU malware uses Advanced Encryption Standard (AES) or RSA cryptography algorithms for encrypting files on the victim's machine. The Cyble research team found a sample of the DJVU malware and


Banking Trojan Variant Spreading Through Android App

During our routine research activities, Cyble researchers found a variant of a banking Trojan that spreads through Android applications and steals the user’s sensitive information. Based on a post on Twitter, the fake banking application impersonated the prosecutor’s office of South Korea, with Korea as the primary target. A banking Trojan is a malicious piece of software designed to gain unauthorized access to confidential information stored or processed through online banking systems. Generally, a Trojan performs malicious activities without the knowledge of the user. It establishes remote access connections, captures keyboard inputs, collects system information, downloads/uploads files on the victim’s machine, drops various malware into


Trends in Phishing Attacks and the Industries Commonly Targeted

Research shows that there has been a considerable uptick in phishing attacks since the onset of the pandemic. Reports indicate that over 91% of information security breaches begin with attackers launching phishing attacks on victims. According to a report by the Federal Bureau of Investigation (FBI), there were more than 11 times as many phishing attacks and complaints in 2020 as in 2016. Out of all the malware attacks, phishing was the most common

