Facilitating Phishing and Pig Butchering Activities using Zendesk Infrastructure [Bait & Switch Mode]
This report serves as an advisory to organizations regarding the misuse of Zendesk’s platform for creating subdomains that impersonate legitimate companies, potentially facilitating investment scams. The analysis highlights how these domains can be exploited for phishing attacks, particularly through a technique known as Pig Butchering. Organizations are urged to block or take down suspicious domains to prevent disruptions.…
15K Fortigate Firewall Configs Leaked By Belsen Group: Dumped Using Zero-Day in 2022
A recent leak of over 15,000 Fortigate firewall configurations has raised concerns about the security of devices vulnerable to CVE-2024-55591 and CVE-2022-40684. The threat actor known as “Belsen_Group” is believed to have exploited these vulnerabilities and subsequently leaked the configurations in January 2025. Organizations are urged to check their exposure and take necessary mitigation steps.…

CloudSEK’s XVigil is a transformative digital risk protection platform that enhances cybersecurity by providing comprehensive threat monitoring and actionable insights. Its capabilities have proven essential for organizations like Reddoorz in identifying and mitigating cyber threats effectively. #Cybersecurity #DigitalRiskProtection #XVigil

Key points:

CloudSEK’s XVigil enhances cybersecurity by monitoring digital ecosystems.…

The post-holiday season sees a surge in online shopping scams and phishing attacks, as cybercriminals exploit eager consumers seeking deals. These scams include CEO fraud, fake domains, malicious advertising, and fraudulent payment portals. Awareness and vigilance are essential for shoppers to protect themselves from financial loss and identity theft.…

The TRIAD Team’s investigation reveals significant risks associated with the misuse of Postman workspaces, exposing sensitive information across various industries. Over 30,000 publicly accessible workspaces were found leaking critical data, including API keys and tokens, leading to potential data breaches and malicious activities. Enhanced security practices are essential to mitigate these vulnerabilities.…

Cyber Monday presents a prime opportunity for cybercriminals, leading to an increase in scams targeting online shoppers. This report analyzes various scam tactics, their psychological underpinnings, and offers mitigation strategies for consumers and businesses to enhance online security. #CyberMonday #OnlineSafety #ScamAwareness

Key points:

Cyber Monday attracts millions of consumers, making it a target for cybercriminals.…

Halloween scams are increasingly prevalent, exploiting the excitement of the season to deceive consumers through various schemes. Awareness and education are essential to safeguard against these scams. #HalloweenScams #OnlineSafety #FraudPrevention

Key points:

Scammers exploit Halloween-related online activities to target consumers. Common scams include fake costume websites, phishing emails, and counterfeit event tickets.…

Deepfakes pose significant challenges to privacy and democracy, especially in the context of the US Elections, where manipulated media can distort public perception and influence voter behavior. This blog explores the implications of deepfakes and the importance of detection technologies. #Deepfakes #USPolitics #DigitalIntegrity

Key points:

Deepfakes are AI-generated media that convincingly alter appearances and voices.…

This report by CloudSEK’s TRIAD team highlights the rising trend of cryptocurrency counterfeiting, particularly focusing on a scam involving a counterfeit token named “BRICS.” This token exploits the legitimacy of the BRICS organization to lure investors into a “rug pull” scam. Awareness and caution are essential for investors to protect themselves from such deceptive practices.…

CloudSEK’s research team has uncovered a sophisticated scam targeting air travelers through a malicious Android app named ‘Lounge Pass’, which steals SMS messages from victims. The investigation revealed that approximately 450 travelers fell victim, leading to significant financial losses. The app’s Firebase endpoint was exposed, highlighting the extent of the scam.…