Author Archives: Ravie Lakshmanan

The cybercrime group called Daixin Team has leaked sample data belonging to AirAsia, a Malaysian low-cost airline, on its data leak portal.
The development comes a little over a week after the company fell victim to a ransomware attack on November 11 … Continue reading Daixin Ransomware Gang Steals 5 Million AirAsia Passengers’ and Employees’ Data→

The notorious Emotet malware has returned with renewed vigor as part of a high-volume malspam campaign designed to drop payloads like IcedID and Bumblebee.
“Hundreds of thousands of emails per day” have been sent since early November 2022, enterprise … Continue reading Notorious Emotet Malware Returns With High-Volume Malspam Campaign→

Google has won a lawsuit filed against two Russian nationals in connection with the operation of a botnet called Glupteba, the company said last week.
The U.S. District Court for the Southern District of New York imposed monetary sanctions against the… Continue reading Google Wins Lawsuit Against Russians Linked to Blockchain-based Glupteba Botnet→

Google Cloud last week disclosed that it identified 34 different hacked release versions of the Cobalt Strike tool in the wild, the earliest of which shipped in November 2012.
The versions, spanning 1.44 to 4.7, add up to a total of 275 unique JAR fil… Continue reading Google Identifies 34 Cracked Versions of Popular Cobalt Strike Hacking Toolkit in the Wild→

The Indian government on Friday released a draft version of the much-awaited data protection regulation, making it the fourth such effort since it was first proposed in July 2018.
The Digital Personal Data Protection Bill, 2022, as it’s called, aims t… Continue reading Indian Government Publishes Draft of Digital Personal Data Protection Bill 2022→

A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including the recently discovered Royal ransomware.
Microsoft, which spotted the updated malware delivery meth… Continue reading Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware→

A notorious advanced persistent threat actor known as Mustang Panda has been linked to a spate of spear-phishing attacks targeting government, education, and research sectors across the world.
The primary targets of the intrusions from May to October … Continue reading Chinese ‘Mustang Panda’ Hackers Actively Targeting Governments Worldwide→

Australian software company Atlassian has rolled out security updates to address two critical flaws affecting Bitbucket Server, Data Center, and Crowd products.
The issues, tracked as CVE-2022-43781 and CVE-2022-43782, are both rated 9 out of 10 on th… Continue reading Atlassian Releases Patches for Critical Flaws Affecting Crowd and Bitbucket Products→

Meta Platforms is said to have fired or disciplined over two dozen employees and contractors over the past year for allegedly compromising and taking over user accounts, The Wall Street Journal reported Thursday.
Some of these cases involved bribery, … Continue reading Meta Reportedly Fires Dozens of Employees for Hijacking Users’ Facebook and Instagram Accounts→

The LodaRAT malware has resurfaced with new variants that are being deployed in conjunction with other sophisticated malware, such as RedLine Stealer and Neshta.
“The ease of access to its source code makes LodaRAT an attractive tool for any threat ac… Continue reading LodaRAT Malware Resurfaces with New Variants Employing Updated Functionalities→