Author Archives: Ravie Lakshmanan

The threat actor behind the malware-as-a-service (MaaS) called Eternity has been linked to new piece of malware called LilithBot.
“It has advanced capabilities to be used as a miner, stealer, and a clipper along with its persistence mechanisms,” Zscal… Continue reading Eternity Group Hackers Offering New LilithBot Malware as a Service to Cybercriminals→

Security researchers have shared details about a now-addressed security flaw in Apple’s macOS operating system that could be potentially exploited to run malicious applications in a manner that can bypass Apple’s security measures.
The vulnerability, … Continue reading Details Released for Recently Patched new macOS Archive Utility Vulnerability→

The Australian Federal Police (AFP) has arrested a 19-year-old teen from Sydney for allegedly attempting to leverage the data leaked following the Optus data breach late last month to extort victims.
The suspect is said to have carried out a text mess… Continue reading 19-Year-Old Teen Arrested for Using Leaked Optus Breach Data in SMS Scam→

A U.S. federal court jury has found former Uber Chief Security Officer Joseph Sullivan guilty of not disclosing a 2016 breach of customer and driver records to regulators and attempting to cover up the incident.
Sullivan has been convicted on two coun… Continue reading Former Uber Security Chief Found Guilty of Data Breach Coverup→

A novel Android malware called RatMilad has been observed targeting a Middle Eastern enterprise mobile device by concealing itself as a VPN and phone number spoofing app.
The mobile trojan functions as advanced spyware with capabilities that receives … Continue reading Experts Warn of New RatMilad Android Spyware Targeting Enterprise Devices→

Australia’s largest telecommunications company Telstra disclosed that it was the victim of a data breach through a third-party, nearly two weeks after Optus reported a breach of its own.
“There has been no breach of Telstra’s systems,” Narelle Devine,… Continue reading Telstra Telecom Suffers Data Breach Potentially Exposing Employee Information→

U.S. cybersecurity and intelligence agencies on Tuesday disclosed that multiple nation-state hacking groups potentially targeted a “Defense Industrial Base (DIB) Sector organization’s enterprise network” as part of a cyber espionage campaign.
“[Advanc… Continue reading FBI, CISA, and NSA Reveal How Hackers Targeted a Defense Industrial Base Organization→

A former affiliate of the Netwalker ransomware has been sentenced to 20 years in prison in the U.S., a little over three months after the Canadian national pleaded guilty to his role in the crimes.
Sebastien Vachon-Desjardins, 35, has also been ordere… Continue reading Canadian Netwalker Ransomware Affiliate Sentenced to 20 Years in U.S. Prison→

Microsoft has revised its mitigation measures for the newly disclosed and actively exploited zero-day flaws in Exchange Server after it was found that they could be trivially bypassed.
The two vulnerabilities, tracked as CVE-2022-41040 and CVE-2022-41… Continue reading Mitigation for Exchange Zero-Days Bypassed! Microsoft Issues New Workarounds→

India’s Central Bureau of Investigation (CBI) on Monday disclosed that it has detained a Russian national for allegedly hacking into a software platform used to conduct engineering entrance assessments in the country in 2021.
“The said accused was det… Continue reading Russian Hacker Arrested in India for Reportedly Helping Students Cheat in JEE-Main Exam→