Home - Checkmate

Stalkerware – Is Somebody Watching You?

Trigger Warning – Abuse, Stalking, Death She runs through an endless corridor of darkness, confused and helpless. Her heartbeat racing, her mind on overdrive. Why would he? How could he [more]
Technical Analysis of DearCry Ransomware

Note: This is a technical deep-dive into DearCry ransomware. If you want a preliminary analysis of the ransomware, you can find it here. The Network Intelligence team initiated a Static [more]
DearCry Makes Organisations Cry

Note: We have also done a technical analysis on DearCry. Read here. It’s a warm summer morning. While sipping your morning coffee, you access the work email. But you’re unable [more]
New Wave of Targeted Hacking Campaigns and Ransomware Attacks Exploiting Microsoft Exchange Server Vulnerabilities

Multiple threat actors, including Hafnium, LuckyMouse, Calypso, Winnti, Bronze Butler, Websiic, Tonto, Mikroceen, and DLTMiner, are actively targeting four zero-day Microsoft Exchange vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065) in their targeted [more]
Vulnerabilities and Privacy Issues with Clubhouse App

Clubhouse and its exponential growth during COVID-19 Clubhouse is an invite-only audio-chat iPhone app founded by Paul Davison and Rohan Seth. It allows users to create groups for conversations, including [more]

What is the security feature bypass vulnerability & update affecting Windows customers worldwide?

March 2, 2021 0

Brief about the vulnerability The security feature bypass vulnerability (CVE-2020-0689) allows attackers to bypass the secure boot feature and load untrusted or malicious software during the Windows boot-up process. While [more]

How to Evaluate the ROI on Your Cyber Security Investments?

January 29, 2021 0

Global Cyber Security Spends The world seems to have undergone a decade’s worth of cybersecurity acceleration within a brief period of one year. And that shows in the cybersecurity spends [more]

SAP Security Assessment Methodology Part 3 – Credential Centric Attack Vectors

January 22, 2021 0

Before proceeding with this methodology some SAP terminologies are to be understood: Client – A client is a 3-digit number that could be understood as a specific customer. This means [more]

SAP Security Assessment Methodology Part 2 -Credential-less Attack Vectors

December 31, 2020 0

You can read Part 1 here. It may be possible that multiple SAP servers could run across different systems. Identify all the servers before proceeding with the assessment. This [more]

SAP Security Assessment Methodology Part 1 – A Penetration Tester Meets SAP

December 11, 2020 2

SAP is a software suite that offers standard business solutions; it is used by thousands of customers across the globe to manage their businesses to manage financial, asset, and cost [more]