Author Archives: Ravie Lakshmanan

Threat actors associated with the notorious Emotet malware are continually shifting their tactics and command-and-control (C2) infrastructure to escape detection, according to new research from VMware.
Emotet is the work of a threat actor tracked as M… Continue reading New Report Uncovers Emotet’s Delivery and Evasion Techniques Used in Recent Attacks→

Chipmaker Intel has confirmed that proprietary source code related to its Alder Lake CPUs has been leaked, following its release by an unknown third-party on 4chan and GitHub last week.
The published content contains Unified Extensible Firmware Interf… Continue reading Intel Confirms Leak of Alder Lake BIOS Source Code→

BNB Chain, a blockchain linked to the Binance cryptocurrency exchange, disclosed an exploit on a cross-chain bridge that drained around $100 million in digital assets.
“There was an exploit affecting the native cross-chain bridge between BNB Beacon Ch… Continue reading Hackers Steal $100 Million Cryptocurrency from Binance Bridge→

A severe remote code execution vulnerability in Zimbra’s enterprise collaboration software and email platform is being actively exploited, with no patch currently available to remediate the issue.
The shortcoming, assigned CVE-2022-41352, carries a cr… Continue reading Hackers Exploiting Unpatched RCE Flaw in Zimbra Collaboration Suite→

Microsoft on Friday disclosed it has made more improvements to the mitigation method offered as a means to prevent exploitation attempts against the newly disclosed unpatched security flaws in Exchange Server.
To that end, the tech giant has revised t… Continue reading Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities→

Fortinet has privately warned its customers of a security flaw affecting FortiGate firewalls and FortiProxy web proxies that could potentially allow an attacker to perform unauthorized actions on susceptible devices.
Tracked as CVE-2022-40684, the hig… Continue reading Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy→

Meta Platforms on Friday disclosed that it had identified over 400 malicious apps on Android and iOS that it said targeted online users with the goal of stealing their Facebook login information.
“These apps were listed on the Google Play Store and Ap… Continue reading Facebook Detects 400 Android and iOS Apps Stealing Users Log-in Credentials→

Multiple campaigns that distributed trojanized and typosquatted packages on the NPM open source repository have been identified as the work of a single threat actor dubbed LofyGang.
Checkmarx said it discovered 199 rogue packages totaling thousands of… Continue reading LofyGang Distributed ~200 Malicious NPM Packages to Steal Credit Card Data→

In what’s a new phishing technique, it has been demonstrated that the Application Mode feature in Chromium-based web browsers can be abused to create “realistic desktop phishing applications.”
Application Mode is designed to offer native-like experien… Continue reading Hackers Can Use ‘App Mode’ in Chromium Browsers’ for Stealth Phishing Attacks→

In yet another case of bring your own vulnerable driver (BYOVD) attack, the operators of the BlackByte ransomware are leveraging a flaw in a legitimate Windows driver to bypass security solutions.
“The evasion technique supports disabling a whopping l… Continue reading BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions→