Author Archives: Ravie Lakshmanan

Tata Power Company Limited, India’s largest integrated power company, on Friday confirmed it was targeted by a cyberattack.
The intrusion on IT infrastructure impacted “some of its IT systems,” the company said in a filing with the National Stock Exch… Continue reading Indian Energy Company Tata Power’s IT Infrastructure Hit By Cyber Attack→

Details have emerged about a now-patched security flaw in Windows Common Log File System (CLFS) that could be exploited by an attacker to gain elevated permissions on compromised machines.
Tracked as CVE-2022-37969 (CVSS score: 7.8), the issue was add… Continue reading Researchers Detail Windows Zero-Day Vulnerability Patched Last Month→

Telecommunications and IT service providers in the Middle East and Asia are being targeted by a previously undocumented Chinese-speaking threat group dubbed WIP19.
The espionage-related attacks are characterized by the use of a stolen digital certific… Continue reading New Chinese Cyberespionage Group Targeting IT Service Providers and Telcos→

A PHP version of an information-stealing malware called Ducktail has been discovered in the wild being distributed in the form of cracked installers for legitimate apps and games, according to the latest findings from Zscaler.
“Like older versions (.N… Continue reading New PHP Version of Ducktail Malware Hijacking Facebook Business Accounts→

Web infrastructure and security company Cloudflare disclosed this week that it halted a 2.5 Tbps distributed denial-of-service (DDoS) attack launched by a Mirai botnet.
Characterizing it as a “multi-vector attack consisting of UDP and TCP floods,” res… Continue reading Mirai Botnet Hits Wynncraft Minecraft Server with 2.5 Tbps DDoS Attack→

A proof-of-concept (PoC) exploit code has been made available for the recently disclosed critical security flaw affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager, making it imperative that users move quickly to apply the patches.
“FortiOS… Continue reading PoC Exploit Released for Critical Fortinet Auth Bypass Bug Under Active Attacks→

A previously undocumented command-and-control (C2) framework dubbed Alchimist is likely being used in the wild to target Windows, macOS, and Linux systems.
“Alchimist C2 has a web interface written in Simplified Chinese and can generate a configured p… Continue reading New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems→

A novel timing attack discovered against the npm’s registry API can be exploited to potentially disclose private packages used by organizations, putting developers at risk of supply chain threats.
“By creating a list of possible package names, threat … Continue reading New Timing Attack Against NPM Registry API Could Expose Private Packages→

An advanced persistent threat (APT) actor known as Budworm targeted a U.S.-based entity for the first time in more than six years, according to latest research.
The attack was aimed at an unnamed U.S. state legislature, the Symantec Threat Hunter team… Continue reading Budworm Hackers Resurface with New Espionage Attacks Aimed at U.S. Organization→

An unofficial version of the popular WhatsApp messaging app called YoWhatsApp has been observed deploying an Android trojan known as Triada.
The goal of the malware is to steal the keys that “allow the use of a WhatsApp account without the app,” Kaspe… Continue reading Modified WhatsApp App Caught Infecting Android Devices with Malware→