Author Archives: Ravie Lakshmanan

A number of firmware security flaws uncovered in HP’s business-oriented high-end notebooks continue to be left unpatched in some devices even months after public disclosure.
Binarly, which first revealed details of the issues at the Black Hat USA conf… Continue reading High-Severity Firmware Security Flaws Left Unpatched in HP Enterprise Devices→

A state-sponsored advanced persistent threat (APT) actor newly christened APT42 (formerly UNC788) has been attributed to over 30 confirmed espionage attacks against individuals and organizations of strategic interest to the Iranian government at least… Continue reading Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents→

The U.S. Treasury Department on Friday announced sanctions against Iran’s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence, Esmaeil Khatib, for engaging in cyber-enabled activities against the nation and its allies.
“Since… Continue reading U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania→

More than $30 million worth of cryptocurrency plundered by the North Korea-linked Lazarus Group from online video game Axie Infinity has been recovered, marking the first time digital assets stolen by the threat actor have been seized.
“The seizures r… Continue reading U.S. Seizes Cryptocurrency Worth $30 Million Stolen by North Korean Hackers→

A zero-day flaw in a WordPress plugin called BackupBuddy is being actively exploited, WordPress security company Wordfence has disclosed.
“This vulnerability makes it possible for unauthenticated users to download arbitrary files from the affected sit… Continue reading Hackers Exploit Zero-Day in WordPress BackupBuddy Plugin in ~5 Million Attempts→

Multiple security vulnerabilities have been disclosed in Baxter’s internet-connected infusion pumps used by healthcare professionals in clinical environments to dispense medication to patients.
“Successful exploitation of these vulnerabilities could r… Continue reading New Vulnerabilities Reported in Baxter’s Internet-Connected Infusion Pumps→

A malicious campaign mounted by the North Korea-linked Lazarus Group targeted energy providers around the world, including those based in the United States, Canada, and Japan, between February and July 2022.
“The campaign is meant to infiltrate organi… Continue reading North Korean Lazarus Hackers Targeting Energy Providers Around the World→

A Chinese hacking group has been attributed to a new campaign aimed at infecting government officials in Europe, the Middle East, and South America with a modular malware known as PlugX.
Cybersecurity firm Secureworks said it identified the intrusions… Continue reading Chinese Hackers Target Government Officials in Europe, South America and Middle East→

Major financial and insurance companies located in French-speaking nations in Africa have been targeted over the past two years as part of a persistent malicious campaign codenamed DangerousSavanna.
Countries targeted include Ivory Coast, Morocco, Cam… Continue reading Hackers Repeatedly Targeting Financial Services in French-Speaking African Countries→

Microsoft’s threat intelligence division on Wednesday assessed that a subgroup of the Iranian threat actor tracked as Phosphorus is conducting ransomware attacks as a “form of moonlighting” for personal gain.
The tech giant, which is monitoring the ac… Continue reading Microsoft Warns of Ransomware Attacks by Iranian Phosphorus Hacker Group→