Posts filtered by tags: Ravie Lakshmanan


Pegasus Spyware Reportedly Hacked iPhones of U.S. State Department and Diplomats

Apple reportedly notified several U.S. Embassy and State Department employees that their iPhones may have been targeted by an unknown assailant using state-sponsored spyware created by the controversial Israeli company NSO Group, according to multiple reports from Reuters and The Washington Post. At least 11 U.S. Embassy officials stationed in Uganda or focusing on issues pertaining to the [Author: [email protected] (Ravie Lakshmanan)]
Tags: Apple, Washington Post, Tech, Uganda, Reuters, U S State Department, U S Embassy, NSO Group, Ravie Lakshmanan, U S Embassy and State Department

Warning: Yet Another Zoho ManageEngine Product Found Under Active Attacks

Enterprise software provider Zoho on Friday warned that a newly patched critical flaw in its Desktop Central and Desktop Central MSP is being actively exploited by malicious actors, marking the third security vulnerability in its products to be abused in the wild in a span of four months. The issue, assigned the identifier CVE-2021-44515, is an authentication bypass vulnerability [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Zoho, Ravie Lakshmanan

Researchers Detail How Pakistani Hackers Targeting Indian and Afghan Governments

A Pakistani threat actor successfully socially engineered a number of ministries in Afghanistan and a shared government computer in India to steal sensitive Google, Twitter, and Facebook credentials from its targets and stealthily obtain access to government portals. Malwarebytes' latest findings go into detail about the new tactics and tools adopted by the APT group known as SideCopy, which is [Author: [email protected] (Ravie Lakshmanan)]
Tags: Facebook, India, Tech, Afghanistan, Google Twitter, Ravie Lakshmanan

New Malvertising Campaigns Spreading Backdoors, Malicious Chrome Extensions

A series of malicious campaigns have been leveraging fake installers of popular apps and games such as Viber, WeChat, NoxPlayer, and Battlefield as a lure to trick users into downloading a new backdoor and an undocumented malicious Google Chrome extension with the goal of stealing credentials and data stored in the compromised systems as well as maintaining persistent remote access. Cisco Talos [Author: [email protected] (Ravie Lakshmanan)]
Tags: Google, Tech, Ravie Lakshmanan

New Payment Data Stealing Malware Hides in Nginx Process on Linux Servers

E-commerce platforms in the U.S., Germany, and France have come under attack from a new form of malware that targets Nginx servers in an attempt to masquerade its presence and slip past detection by security solutions. "This novel code injects itself into a host Nginx application and is nearly invisible," Sansec Threat Research team said in a new report. "The parasite is used to steal data from [Author: [email protected] (Ravie Lakshmanan)]
Tags: France, Germany, Tech, Ravie Lakshmanan, Sansec Threat Research

CISA Warns of Actively Exploited Critical Zoho ManageEngine ServiceDesk Vulnerability

The U.S. Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are warning of active exploitation of a newly patched flaw in Zoho's ManageEngine ServiceDesk Plus product to deploy web shells and carry out an array of malicious activities. Tracked as CVE-2021-44077 (CVSS score: 9.8), the issue relates to an unauthenticated, remote code execution [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Cisa, Zoho, U S Federal Bureau of Investigation FBI, Ravie Lakshmanan

Meta Expands Facebook Protect Program to Activists, Journalists, Government Officials

Meta, the company formerly known as Facebook, on Thursday announced an expansion of its Facebook Protect security program to include human rights defenders, activists, journalists, and government officials who are more likely to be targeted by bad actors across its social media platforms. "These people are at the center of critical communities for public debate," said Nathaniel Gleicher, head of [Author: [email protected] (Ravie Lakshmanan)]
Tags: Facebook, Tech, Facebook Protect, Nathaniel Gleicher, Ravie Lakshmanan, Meta Expands Facebook Protect Program

Researchers Detail 17 Malicious Frameworks Used to Attack Air-Gapped Networks

Four different malicious frameworks designed to attack air-gapped networks were detected in the first half of 2020 alone, bringing the total number of such toolkits to 17 and offering adversaries a pathway to cyber espionage and the exfiltration of classified information. "All frameworks are designed to perform some form of espionage, [and] all the frameworks used USB drives as the physical transmission [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Ravie Lakshmanan, Attack Air Gapped Networks

Researchers Warn Iranian Users of Widespread SMS Phishing Campaigns

Socially engineered SMS messages are being used to install malware on Android devices as part of a widespread phishing campaign that impersonates the Iranian government and social security services to make away with credit card details and steal funds from victims' bank accounts. Unlike other variants of banking malware that bank on overlay attacks to capture sensitive data without the knowledge [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Ravie Lakshmanan

Russian Man Gets 60 Months Jail for Providing Bulletproof Hosting to Cyber Criminals

A Russian national charged with providing bulletproof hosting services for cybercriminals, who used the platform to spread malware and attack U.S. organizations and financial institutions between 2009 and 2015, has received a 60-month prison sentence. 34-year-old Aleksandr Grichishkin, along with Andrei Skvortsov, founded the bulletproof hosting service and rented its infrastructure to other [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Ravie Lakshmanan, Aleksandr Grichishkin, Andrei Skvortsov

Critical Bug in Mozilla’s NSS Crypto Library Potentially Affects Several Other Software

Mozilla has rolled out fixes to address a critical security weakness in its cross-platform Network Security Services (NSS) cryptographic library that could be potentially exploited by an adversary to crash a vulnerable application and even execute arbitrary code. Tracked as CVE-2021-43527, the flaw affects NSS versions prior to 3.73 or 3.68.1 ESR, and concerns a heap overflow vulnerability when [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Mozilla, NSS, ESR, Ravie Lakshmanan, Network Security Services NSS

New EwDoor Botnet Targeting Unpatched AT&T Network Edge Devices

A newly discovered botnet capable of staging distributed denial-of-service (DDoS) attacks targeted unpatched Ribbon Communications (formerly Edgewater Networks) EdgeMarc appliances belonging to telecom service provider AT&T by exploiting a four-year-old flaw in the network appliances. Chinese tech giant Qihoo 360's Netlab network security division, which detected the botnet first on October 27, [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Ribbon Communications, Netlab, Ravie Lakshmanan, T Network Edge Devices, Edgewater Networks EdgeMarc

Hackers Increasingly Using RTF Template Injection Technique in Phishing Attacks

Three different state-sponsored threat actors aligned with China, India, and Russia have been observed adopting a new method called RTF (aka Rich Text Format) template injection as part of their phishing campaigns to deliver malware to targeted systems. "RTF template injection is a novel technique that is ideal for malicious phishing attachments because it is simple and allows threat actors to [Author: [email protected] (Ravie Lakshmanan)]
Tags: Russia, Tech, China India, Ravie Lakshmanan

Hacker Jailed for Stealing Millions of Dollars in Cryptocurrencies by SIM Hijacking

A sixth member associated with an international hacking group known as The Community has been sentenced in connection with a multimillion-dollar SIM swapping conspiracy, the U.S. Department of Justice (DoJ) said. Garrett Endicott, 22, from the U.S. state of Missouri, who pleaded guilty to charges of wire fraud and aggravated identity theft following an indictment in 2019, was sentenced to 10 [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Missouri, U S Department of Justice DOJ, Ravie Lakshmanan, Garrett Endicott

Twitter Bans Users From Posting ‘Private Media’ Without a Person's Consent

Twitter on Tuesday announced an expansion to its private information policy to include private media, effectively prohibiting the sharing of photos and videos without express permission from the individuals depicted in them with an aim to curb doxxing and harassment. "Beginning today, we will not allow the sharing of private media, such as images or videos of private individuals without their [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Ravie Lakshmanan

Critical Wormable Security Flaw Found in Several HP Printer Models

Cybersecurity researchers on Tuesday disclosed multiple security flaws affecting 150 different multifunction printers (MFPs) from HP Inc that could be potentially abused by an adversary to take control of vulnerable devices, pilfer sensitive information, and infiltrate enterprise networks to mount other attacks. The two weaknesses — collectively called Printing Shellz — were discovered and [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, HP Inc, Ravie Lakshmanan

Panasonic Suffers Data Breach After Hackers Hack Into Its Network

Japanese consumer electronics giant Panasonic has disclosed a security breach wherein an unauthorized third-party broke into its network and potentially accessed data from one of its file servers. "As the result of an internal investigation, it was determined that some data on a file server had been accessed during the intrusion," the company said in a short statement published on November 26. [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Panasonic, Ravie Lakshmanan, Panasonic Suffers Data Breach

Unpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS

Unofficial patches have been issued to remediate an improperly patched Windows security vulnerability that could allow information disclosure and local privilege escalation (LPE) on vulnerable systems. Tracked as CVE-2021-24084 (CVSS score: 5.5), the flaw concerns an information disclosure vulnerability in the Windows Mobile Device Management component that could enable an attacker to gain [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Ravie Lakshmanan

WIRTE Hacker Group Targets Government, Law, Financial Entities in Middle East

Government, diplomatic entities, military organizations, law firms, and financial institutions primarily located in the Middle East have been targeted as part of a stealthy malware campaign as early as 2019 by making use of malicious Microsoft Excel and Word documents. Russian cybersecurity company Kaspersky attributed the attacks with high confidence to a threat actor named WIRTE, adding the [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Middle East, Kaspersky, Microsoft Excel, Ravie Lakshmanan

4 Android Banking Trojan Campaigns Targeted Over 300,000 Devices in 2021

Four different Android banking trojans were spread via the official Google Play Store between August and November 2021, resulting in more than 300,000 infections through various dropper apps that posed as seemingly harmless utility apps to take full control of the infected devices. Designed to deliver Anatsa (aka TeaBot), Alien, ERMAC, and Hydra, cybersecurity firm ThreatFabric said the malware [Author: [email protected] (Ravie Lakshmanan)]
Tags: Google Play Store, Tech, Hydra, Ravie Lakshmanan, ThreatFabric, Android Banking Trojan Campaigns, Anatsa

New Chinotto Spyware Targets North Korean Defectors, Human Rights Activists

North Korean defectors, journalists who cover North Korea-related news, and entities in South Korea are being zeroed in on by a nation-state-sponsored advanced persistent threat (APT) as part of a new wave of highly-targeted surveillance attacks. Russian cybersecurity firm Kaspersky attributed the infiltrations to a North Korean hacker group tracked as ScarCruft, also known as APT37, Reaper [Author: [email protected] (Ravie Lakshmanan)]
Tags: South Korea, North Korea, Tech, Kaspersky, Ravie Lakshmanan, ScarCruft

Hackers Using Compromised Google Cloud Accounts to Mine Cryptocurrency

Threat actors are exploiting improperly-secured Google Cloud Platform (GCP) instances to download cryptocurrency mining software to the compromised systems as well as abusing its infrastructure to install ransomware, stage phishing campaigns, and even generate traffic to YouTube videos for view count manipulation. "While cloud customers continue to face a variety of threats across applications [Author: [email protected] (Ravie Lakshmanan)]
Tags: Google, Youtube, Tech, Ravie Lakshmanan

Interpol Arrests Over 1,000 Cyber Criminals From 20 Countries; Seizes $27 Million

A joint four-month operation coordinated by Interpol, the international criminal police organization, has culminated in the arrests of more than 1,000 cybercriminals and the recovery of $27 million in illicit proceeds. Codenamed "HAECHI-II," the crackdown enabled law enforcement units from across 20 countries, as well as Hong Kong and Macao, to close 1,660 cases alongside blocking 2,350 bank [Author: [email protected] (Ravie Lakshmanan)]
Tags: Hong Kong, Tech, Interpol, Macao, Ravie Lakshmanan

Italy's Antitrust Regulator Fines Google and Apple for "Aggressive" Data Practices

Italy's antitrust regulator has fined both Apple and Google €10 million each for what it calls "aggressive" data practices and for not providing consumers with clear information on commercial uses of their personal data during the account creation phase. The Autorità Garante della Concorrenza e del Mercato (AGCM) said "Google and Apple did not provide clear and immediate information on the [Author: [email protected] (Ravie Lakshmanan)]
Tags: Apple, Google, Tech, Italy, Ravie Lakshmanan, Mercato AGCM

Hackers Targeting Biomanufacturing Facilities With Tardigrade Malware

An advanced persistent threat (APT) has been linked to cyberattacks on two biomanufacturing companies that occurred this year with the help of a custom malware loader called "Tardigrade." That's according to an advisory published by Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) this week, which noted that the malware is actively spreading across the sector with the likely goal of [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Ravie Lakshmanan

Crypto Hackers Using Babadeda Crypter to Make Their Malware Undetectable

A new malware campaign has been discovered targeting cryptocurrency, non-fungible token (NFT), and DeFi aficionados through Discord channels to deploy a crypter named "Babadeda" that's capable of bypassing antivirus solutions and staging a variety of attacks. "[T]his malware installer has been used in a variety of recent campaigns to deliver information stealers, RATs, and even LockBit ransomware, [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, NFT, Ravie Lakshmanan, Babadeda Crypter, Babadeda

CronRAT: A New Linux Malware That’s Scheduled to Run on February 31st

Researchers have unearthed a new remote access trojan (RAT) for Linux that employs a never-before-seen stealth technique that involves masking its malicious actions by scheduling them for execution on February 31st, a non-existent calendar day. Dubbed CronRAT, the sneaky malware "enables server-side Magecart data theft which bypasses browser-based security solutions," Sansec Threat Research said [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Magecart, Ravie Lakshmanan, Sansec Threat Research

Israel Bans Sales of Hacking and Surveillance Tools to 65 Countries

Israel's Ministry of Defense has dramatically restricted the number of countries to which cybersecurity firms in the country are allowed to sell offensive hacking and surveillance tools to, cutting off 65 nations from the export list. The revised list, details of which were first reported by the Israeli business newspaper Calcalist, now only includes 37 countries, down from the previous 102: [Author: [email protected] (Ravie Lakshmanan)]
Tags: Israel, Tech, Ministry of Defense, Calcalist, Ravie Lakshmanan

This New Stealthy JavaScript Loader Infecting Computers with Malware

Threat actors have been found using a previously undocumented JavaScript malware strain that functions as a loader to distribute an array of remote access Trojans (RATs) and information stealers. HP Threat Research dubbed the new, evasive loader "RATDispenser," with the malware responsible for deploying at least eight different malware families in 2021. Around 155 samples of this new malware [Author: [email protected] (Ravie Lakshmanan)]
Tags: Tech, Ravie Lakshmanan

Hackers Using Microsoft MSHTML Flaw to Spy on Targeted PCs with Malware

A new Iranian threat actor has been discovered exploiting a now-addressed critical flaw in the Microsoft Windows MSHTML platform to target Farsi-speaking victims with a new PowerShell-based information stealer designed to harvest extensive details from infected machines. "[T]he stealer is a PowerShell script, short with powerful collection capabilities — in only ~150 lines, it provides the [Author: [email protected] (Ravie Lakshmanan)]
Tags: Microsoft, Tech, Farsi, Ravie Lakshmanan
