Author Archives: Ravie Lakshmanan

Cisco on Wednesday rolled out patches to address three security flaws affecting its products, including a high-severity weakness disclosed in NVIDIA Data Plane Development Kit (MLNX_DPDK) late last month.
Tracked as CVE-2022-28199 (CVSS score: 8.6), t… Continue reading Cisco Releases Security Patches for New Vulnerabilities Impacting Multiple Products→

Former members of the Conti cybercrime cartel have been implicated in five different campaigns targeting Ukraine from April to August 2022.
The findings, which come from Google’s Threat Analysis Group (TAG), builds upon a prior report published in Jul… Continue reading Some Members of Conti Group Targeting Ukraine in Financially Motivated Attacks→

An international law enforcement operation has resulted in the dismantling of WT1SHOP, an online criminal marketplace that specialized in the sales of stolen login credentials and other personal information.
The seizure was orchestrated by Portuguese … Continue reading Authorities Shut Down WT1SHOP Site for Selling Stolen Credentials and Credit Cards→

A new piece of stealthy Linux malware called Shikitega has been uncovered adopting a multi-stage infection chain to compromise endpoints and IoT devices and deposit additional payloads.
“An attacker can gain full control of the system, in addition to … Continue reading New Stealthy Shikitega Malware Targeting Linux Systems and IoT Devices→

The prolific North Korean nation-state actor known as the Lazarus Group has been linked to a new remote access trojan called MagicRAT.
The previously unknown piece of malware is said to have been deployed in victim networks that had been initially bre… Continue reading North Korean Hackers Deploying New MagicRAT Malware in Targeted Campaigns→

A variant of the Mirai botnet known as MooBot is co-opting vulnerable D-Link devices into an army of denial-of-service bots by taking advantage of multiple exploits.
“If the devices are compromised, they will be fully controlled by attackers, who coul… Continue reading Mirai Variant MooBot Botnet Exploiting D-Link Router Vulnerabilities→

Networking equipment maker Zyxel has released patches for a critical security flaw impacting its network-attached storage (NAS) devices.
Tracked as CVE-2022-34747 (CVSS score: 9.8), the issue relates to a “format string vulnerability” affecting NAS326… Continue reading Critical RCE Vulnerability Affects Zyxel NAS Devices — Firmware Patch Released→

High-profile companies and local governments located primarily in Asia are the subjects of targeted attacks by a previously undocumented espionage group dubbed Worok that has been active since late 2020.
“Worok’s toolset includes a C++ loader CLRLoad,… Continue reading Worok Hackers Target High-Profile Asian Companies and Governments→

Cybersecurity researchers have offered insight into a previously undocumented software control panel used by a financially motivated threat group known as TA505.
“The group frequently changes its malware attack strategies in response to global cybercr… Continue reading TA505 Hackers Using TeslaGun Panel to Manage ServHelper Backdoor Attacks→

A new phishing-as-a-service (PhaaS) toolkit dubbed EvilProxy is being advertised on the criminal underground as a means for threat actors to bypass two-factor authentication (2FA) protections employed against online services.
“EvilProxy actors are usi… Continue reading New EvilProxy Phishing Service Allowing Cybercriminals to Bypass 2-Factor Security→