ThreatNix has uncovered a large scale phishing campaign using GitHub pages and targeted Facebook ads that has affected more than 615000 users. The campaign is targeting Nepal, Egypt, Philippines along with a large number of…
Last Saturday, June 29, 2019, a group calling themselves Black Hawk Caphilates released a list of 37,122 email addresses, supposedly belonging to Nepali people and claimed it to be the largest email leak in Nepal’s…
THREAT CON 2018 – Nepal’s First Hackers’ Convention organised by ThreatNix was successfully concluded on 23rd November. The two day event saw overwhelming participation of IT and cybersecurity professionals along with enthusiasts from various different…
ThreatNix is happy to announce that we have now added IS audit to our already substantial list of cybersecurity related services. IS audit involves a complete assessment of your IT infrastructure that encompasses policies, procedure,…
Nepal Government, in a surprising move, has made provisions for all government employees to be issued official email address (of the form *@mail.nepal.gov.np) and has mandated its compulsory use for all government offices and employees….
The Drupal team publicly acknowledged a serious vulnerability in the open source CMS Drupal on March with the release of a patch to address the vulnerability. The vulnerability stemming from insecure handling of user inputs…
The recent scandal of Facebook’s user data being harvested for use for election manipulation by Cambridge Analytica has brought the issue of data security to wider public discussion. Our private data entrusted to an entity…
Darknet is a concealed part of the Internet that is specially designed to ensure the anonymity of users. While it does exist within the Internet, it can only be accessed with special tools and software….
Threat Report 2017 is a comprehensive report that has analysed the security of Nepali cyberspace. It compiles all the major cybersecurity incidents that occured in the last year within Nepal and all the major issues…
This is a short post about a vulnerability that Prakash Sharma from our web app pentesting team, found in Microsoft Edge. TL;DR Edge failed to recognize HTTP Authentication information (i.e. Authorization Header) as credential information…