Author Archives: Ravie Lakshmanan

Industrial engineers and operators are the target of a new campaign that leverages password cracking software to seize control of Programmable Logic Controllers (PLCs) and co-opt the machines to a botnet.
The software “exploited a vulnerability in the… Continue reading Hackers Distributing Password Cracking Tool for PLCs and HMIs to Target Industrial Systems→

Juniper Networks has pushed security updates to address several vulnerabilities affecting multiple products, some of which could be exploited to seize control of affected systems.
The most critical of the flaws affect Junos Space and Contrail Networki… Continue reading Juniper Releases Patches for Critical Flaws in Junos OS and Contrail Networking→

Following the launch of a new “Data safety” section for the Android app on the Play Store, Google appears to be readying to remove the app permissions list from both the mobile app and the web.
The change was highlighted by Esper’s Mishaal Rahman earl… Continue reading Google Removes “App Permissions” List from Play Store for New “Data Safety” Section→

VoIP phones using Digium’s software have been targeted to drop a web shell on their servers as part of an attack campaign designed to exfiltrate data by downloading and executing additional payloads.
“The malware installs multilayer obfuscated PHP bac… Continue reading Hackers Targeting VoIP Servers By Exploiting Digium Phone Software→

Researchers have disclosed details about a security vulnerability in the Netwrix Auditor application that, if successfully exploited, could lead to arbitrary code execution on affected devices. 
“Since this service is typically executed with extensive… Continue reading New Netwrix Auditor Bug Could Let Attackers Compromise Active Directory Domain→

A group of academics from the New Jersey Institute of Technology (NJIT) has warned of a novel technique that could be used to defeat anonymity protections and identify a unique website visitor.
“An attacker who has complete or partial control over a w… Continue reading New Cache Side Channel Attack Can De-Anonymize Targeted Online Users→

An emerging threat cluster originating from North Korea has been linked to developing and using ransomware in cyberattacks targeting small businesses since September 2021.
The group, which calls itself H0lyGh0st after the ransomware payload of the sam… Continue reading North Korean Hackers Targeting Small and Midsize Businesses with H0lyGh0st Ransomware→

The botnet behind the largest HTTPS distributed denial-of-service (DDoS) attack in June 2022 has been linked to a spate of attacks aimed at nearly 1,000 Cloudflare customers.
Calling the powerful botnet Mantis, the web performance and security company… Continue reading Mantis Botnet Behind the Largest HTTPS DDoS Attack Targeting Cloudflare Customers→

Joshua Schulte, a former programmer with the U.S. Central Intelligence Agency (CIA), has been found guilty of leaking a trove of classified hacking tools and exploits dubbed Vault 7 to WikiLeaks.
The 33-year-old engineer had been charged in June 2018 … Continue reading Former CIA Engineer Convicted of Leaking ‘Vault 7’ Hacking Secrets to WikiLeaks→

Nation-state hacking groups aligned with China, Iran, North Korea, and Turkey have been targeting journalists to conduct espionage and spread malware as part of a series of campaigns since early 2021.
“Most commonly, phishing attacks targeting journal… Continue reading State-Backed Hackers Targeting Journalists in Widespread Espionage Campaigns→