Author Archives: Ravie Lakshmanan

A popular Chinese-language YouTube channel has emerged as a means to distribute a trojanized version of a Windows installer for the Tor Browser.
Kaspersky dubbed the campaign OnionPoison, with all of the victims located in China. The scale of the atta… Continue reading Popular YouTube Channel Caught Distributing Malicious Tor Browser Installer→

Researchers have disclosed details about a now-patched high-severity security flaw in Packagist, a PHP software package repository, that could have been exploited to mount software supply chain attacks.
“This vulnerability allows gaining control of Pa… Continue reading Researchers Report Supply Chain Vulnerability in Packagist PHP Repository→

A 46-year-old man in the U.S. has been sentenced to 25 years in prison after being found guilty of laundering over $9.5 million accrued by carrying out cyber-enabled financial fraud.
Elvis Eghosa Ogiekpolor of Norcross, Georgia, operated a money laund… Continue reading BEC Scammer Gets 25-Year Jail Sentence for Stealing Over $9.5 Million→

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new Binding Operational Directive (BOD) that directs federal agencies in the country to keep track of assets and vulnerabilities on their networks six months from now.
To th… Continue reading CISA Orders Federal Agencies to Regularly Track Network Assets and Vulnerabilities→

Australian telecom giant Optus on Monday confirmed that nearly 2.1 million of its current and former customers suffered a leak of their personal information and at least one form of identification number as a result of a data breach late last month.
T… Continue reading Optus Hack Exposes Data of Nearly 2.1 Million Australian Telecom Customers→

A threat actor likely with associations to China has been attributed to a new supply chain attack that involves the use of a trojanized installer for the Comm100 Live Chat application to distribute a JavaScript backdoor.
Cybersecurity firm CrowdStrike… Continue reading Comm100 Chat Provider Hijacked to Spread Malware in Supply Chain Attack→

The recently discovered Linux-Based ransomware strain known as Cheerscrypt has been attributed to a Chinese cyber espionage group known for operating short-lived ransomware schemes.
Cybersecurity firm Sygnia attributed the attacks to a threat actor it… Continue reading Researchers Link Cheerscrypt Linux-Based Ransomware to Chinese Hackers→

The North Korea-backed Lazarus Group has been observed deploying a Windows rootkit by taking advantage of an exploit in a Dell firmware driver, highlighting new tactics adopted by the state-sponsored adversary.
The Bring Your Own Vulnerable Driver (BY… Continue reading Hackers Exploiting Dell Driver Vulnerability to Deploy Rootkit on Targeted Computers→

A former U.S. National Security Agency (NSA) employee has been arrested on charges of attempting to sell classified information to a foreign spy, who was actually an undercover agent working for the Federal Bureau of Investigation (FBI).
Jareh Sebasti… Continue reading Ex-NSA Employee Arrested for Trying to Sell U.S. Secrets to a Foreign Government→

Microsoft on Friday disclosed that a single activity group in August 2022 achieved initial access and breached Exchange servers by chaining the two newly disclosed zero-day flaws in a limited set of attacks aimed at less than 10 organizations globally… Continue reading State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations→