Author Archives: Ravie Lakshmanan

An unofficial patch has been made available for an actively exploited security flaw in Microsoft Windows that makes it possible for files signed with malformed signatures to sneak past Mark-of-the-Web (MotW) protections.
The fix, released by 0patch, a… Continue reading Unofficial Patch Released for New Actively Exploited Windows MotW Vulnerability→

A now-patched security flaw has been disclosed in the Galaxy Store app for Samsung devices that could potentially trigger remote command execution on affected phones.
The vulnerability, which affects Galaxy Store version 4.5.32.4, relates to a cross-s… Continue reading Samsung Galaxy Store Bug Could’ve Let Hackers Secretly Install Apps on Targeted Devices→

Cloud-based repository hosting service GitHub has addressed a high-severity security flaw that could have been exploited to create malicious repositories and mount supply chain attacks.
The RepoJacking technique, disclosed by Checkmarx, entails a bypa… Continue reading GitHub Repojacking Bug Could’ve Allowed Attackers to Takeover Other Users’ Repositories→

Communication services provider Twilio this week disclosed that it experienced another “brief security incident” in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of customer information.
The… Continue reading Twilio Reveals Another Breach from the Same Hackers Behind the August Hack→

Multiple high-severity security flaws have been disclosed as affecting Juniper Networks devices, some of which could be exploited to achieve code execution.
Chief among them is a remote pre-authenticated PHP archive file deserialization vulnerability … Continue reading High-Severity Flaws in Juniper Junos OS Affect Enterprise Networking Devices→

Five malicious dropper Android apps with over 130,000 cumulative installations have been discovered on the Google Play Store distributing banking trojans like SharkBot and Vultur, which are capable of stealing financial data and performing on-device f… Continue reading These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets→

A recently discovered hacking group known for targeting employees dealing with corporate transactions has been linked to a new backdoor called Danfuan.
This hitherto undocumented malware is delivered via another dropper called Geppei, researchers from… Continue reading Researchers Uncover Stealthy Techniques Used by Cranefly Espionage Hackers→

Google on Thursday rolled out emergency fixes to contain an actively exploited zero-day flaw in its Chrome web browser.
The vulnerability, tracked as CVE-2022-3723, has been described as a type confusion flaw in the V8 JavaScript engine.
Security rese… Continue reading Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability→

The Raspberry Robin worm is becoming an access-as-a-service malware for deploying other payloads, including IcedID, Bumblebee, TrueBot (aka Silence), and Clop ransomware.
It is “part of a complex and interconnected malware ecosystem, with links to oth… Continue reading Raspberry Robin Operators Selling Cybercriminals Access to Thousands of Endpoints→

A 34-year-old U.K. national has been arraigned in the U.S. for operating a dark web marketplace called The Real Deal that specialized in the sales of hacking tools and stolen login credentials.
Daniel Kaye, who went by a litany of pseudonyms Popopret,… Continue reading British Hacker Charged for Operating “The Real Deal” Dark Web Marketplace→