Author Archives: Ravie Lakshmanan

Facebook appears to have silently rolled out a tool that allows users to remove their contact information, such as phone numbers and email addresses, uploaded by others.
The existence of the tool, which is buried inside a Help Center page about “Frien… Continue reading This Hidden Facebook Tool Lets Users Remove Their Email or Phone Number Shared by Others→

Security researchers are warning of “a trove of sensitive information” leaking through urlscan.io, a website scanner for suspicious and malicious URLs.
“Sensitive URLs to shared documents, password reset pages, team invites, payment invoices and more … Continue reading Experts Find URLScan Security Scanner Inadvertently Leaks Sensitive URLs and Data→

A phishing-as-a-service (PhaaS) platform known as Robin Banks has relocated its attack infrastructure to DDoS-Guard, a Russian provider of bulletproof hosting services.
The switch comes after “Cloudflare disassociated Robin Banks phishing infrastructu… Continue reading Robin Banks Phishing Service for Cybercriminals Returns with Russian Server→

Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming language, that aim to infect developers’ machines with a malware called W4SP Stealer.
“The mai… Continue reading Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer→

Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments.
The tech giant, in its 114-page Digital Defense Report, said it has “observ… Continue reading Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities→

The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach.
“This group abuses Google advertisements for the purpose of m… Continue reading Researchers Detail New Malware Campaign Targeting Indian Government Employees→

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control Systems (ICS) advisories about multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial Automation.
Prominent among them… Continue reading CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software→

A new analysis of tools put to use by the Black Basta ransomware operation has identified ties between the threat actor and the FIN7 (aka Carbanak) group.
This link “could suggest either that Black Basta and FIN7 maintain a special relationship or tha… Continue reading Researchers Find Links b/w Black Basta Ransomware and FIN7 Hackers→

A French-speaking threat actor dubbed OPERA1ER has been linked to a series of more than 30 successful cyber attacks aimed at banks, financial services, and telecom companies across Africa, Asia, and Latin America between 2018 and 2022.
According to Si… Continue reading OPERA1ER APT Hackers Targeted Dozens of Financial Organizations in Africa→

The operators of RomCom RAT are continuing to evolve their campaigns with rogue versions of software such as SolarWinds Network Performance Monitor, KeePass password manager, and PDF Reader Pro.
Targets of the operation consist of victims in Ukraine a… Continue reading Hackers Using Rogue Versions of KeePass and SolarWinds Software to Distribute RomCom RAT→