Author Archives: Ravie Lakshmanan

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed critical flaw impacting Atlassian’s Bitbucket Server and Data Center to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active … Continue reading CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability→

Threat actors have been found deploying never-before-seen post-compromise implants in VMware’s virtualization software to seize control of infected systems and evade detection.
Google’s Mandiant threat intelligence division referred to it as a “novel … Continue reading New Malware Families Found Targeting VMware ESXi Hypervisors→

An espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented backdoor in a Windows logo in its attacks against Middle Eastern governments.
Broadcom’s Symantec Threat Hunter Team attributed the u… Continue reading Cyber Attacks Against Middle East Governments Hide Malware in Windows logo→

A social engineering campaign leveraging job-themed lures is weaponizing a years-old remote code execution flaw in Microsoft Office to deploy Cobalt Strike beacons on compromised hosts.
“The payload discovered is a leaked version of a Cobalt Strike be… Continue reading New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons→

A “highly operational, destructive, and sophisticated nation-state activity group” with ties to North Korea has been weaponizing open source software in their social engineering campaigns aimed at companies around the world since June 2022.
Microsoft’… Continue reading North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks→

Microsoft officially disclosed it investigating two zero-day security vulnerabilities impacting Exchange Server 2013, 2016, and 2019 following reports of in-the-wild exploitation.
“The first vulnerability, identified as CVE-2022-41040, is a Server-Sid… Continue reading Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild→

Security researchers are warning of previously undisclosed flaws in fully patched Microsoft Exchange servers being exploited by malicious actors in real-world attacks to achieve remote code execution on affected systems.
That’s according to Vietnamese… Continue reading WARNING: New Unpatched Microsoft Exchange Zero-Day Under Active Exploitation→

A Brazilian threat actor known as Prilex has resurfaced after a year-long operational hiatus with an advanced and complex malware to steal money by means of fraudulent transactions.
“The Prilex group has shown a high level of knowledge about credit an… Continue reading Brazilian Prilex Hackers Resurfaced With Sophisticated Point-of-Sale Malware→

A new covert attack campaign singled out multiple military and weapons contractor companies with spear-phishing emails to trigger a multi-stage infection process designed to deploy an unknown payload on compromised machines.
The highly-targeted intrus… Continue reading Researchers Uncover Covert Attack Campaign Targeting Military Contractors→

A threat actor by the name of LeakBase has shared a database containing personal information allegedly affecting 16 million users of Swachh City, an Indian complaint redressal platform.
Leaked details include usernames, email addresses, password hashe… Continue reading Swachh City Platform Suffers Data Breach Leaking 16 Million User Records→