CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
Tracked as CVE-2022-303…

Microsoft Issues Patches for 121 Flaws, Including Zero-Day Under Active Attack

As many as 121 new security flaws were patched by Microsoft as part of its Patch Tuesday updates for the month of August, which also includes a fix for a Support Diagnostic Tool vulnerability that the company said is being actively exploited in the wi…

Twilio Suffers Data Breach After Employees Fall Victim to SMS Phishing Attack

Customer engagement platform Twilio on Monday disclosed that a “sophisticated” threat actor gained “unauthorized access” using an SMS-based phishing campaign aimed at its staff to gain information on a “limited number” of accounts.
The social-engineer…

U.S. Sanctions Virtual Currency Mixer Tornado Cash for Alleged Use in Laundering

The U.S. Treasury Department on Monday placed sanctions against crypto mixing service Tornado Cash, citing its use by the North Korea-backed Lazarus Group in the high-profile hacks of Ethereum bridges to launder and cash out the ill-gotten money.
Torn…

Chinese Hackers Targeted Dozens of Industrial Enterprises and Public Institutions

Over a dozen military-industrial complex enterprises and public institutions in Afghanistan and Europe have come under a wave of targeted attacks since January 2022 to steal confidential data by simultaneously making use of six different backdoors.
Ru…

New Orchard Botnet Uses Bitcoin Founder’s Account Info to Generate Malicious Domains

A new botnet named Orchard has been observed using Bitcoin creator Satoshi Nakamoto’s account transaction information to generate domain names to conceal its command-and-control (C2) infrastructure.
“Because of the uncertainty of Bitcoin transactions,…

Meta Cracks Down on Cyber Espionage Operations in South Asia Abusing Facebook

Facebook parent company Meta disclosed that it took action against two espionage operations in South Asia that leveraged its social media platforms to distribute malware to potential targets.
The first set of activities is what the company described a…

New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022.
“This family borrows heavily from the original Mirai source code, but what separates it from other IoT malwar…
