Author Archives: Ravie Lakshmanan

Europol on Tuesday announced the dismantling of an organized crime group that dabbled in phishing, fraud, scams, and money laundering activities.
The cross-border operation, which involved law enforcement authorities from Belgium and the Netherlands, … Continue reading Europol Busts Phishing Gang Responsible for Millions in Losses→

The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that commenced in January 2022.
The switch in modus operandi, spotted by Romanian company Bitdefender, com… Continue reading RIG Exploit Kit Now Infects Victims’ PCs With Dridex Instead of Raccoon Stealer→

An advanced persistent threat (APT) actor codenamed ToddyCat has been linked to a string of attacks aimed at government and military entities in Europe and Asia since at least December 2020.
The relatively new adversarial collective is said to have co… Continue reading New ToddyCat Hacker Group on Experts’ Radar After Targeting MS Exchange Servers→

Nearly five dozen security vulnerabilities have been disclosed in devices from 10 operational technology (OT) vendors due to what researchers call are “insecure-by-design practices.”
Collectively dubbed OT:ICEFALL by Forescout, the 56 issues span as m… Continue reading Researchers Disclose 56 Vulnerabilities Impacting OT Devices from 10 Vendors→

A 36-year-old former Amazon employee was convicted of wire fraud and computer intrusions in the U.S. for her role in the theft of personal data of no fewer than 100 million people in the 2019 Capital One breach.
Paige Thompson, who operated under the … Continue reading Former Amazon Employee Found Guilty in 2019 Capital One Data Breach→

A new kind of Windows NTLM relay attack dubbed DFSCoerce has been uncovered that leverages the Distributed File System (DFS): Namespace Management Protocol (MS-DFSNM) to seize control of a domain.
“Spooler service disabled, RPC filters installed to pr… Continue reading New NTLM Relay Attack Lets Attackers Take Control Over Windows Domain→

A security flaw in Apple Safari that was exploited in the wild earlier this year was originally fixed in 2013 and reintroduced in December 2016, according to a new report from Google Project Zero.
The issue, tracked as CVE-2022-22620 (CVSS score: 8.8)… Continue reading Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited in the Wild→

The operators behind BRATA have once again added more capabilities to the Android mobile malware in an attempt to make their attacks against financial apps more stealthy.
“In fact, the modus operandi now fits into an Advanced Persistent Threat (APT) a… Continue reading BRATA Android Malware Gains Advanced Mobile Threat Capabilities→

Cybersecurity researchers have disclosed details about 15 security flaws in Siemens SINEC network management system (NMS), some of which could be chained by an attacker to achieve remote code execution on affected systems.
“The vulnerabilities, if exp… Continue reading Over a Dozen Flaws Found in Siemens’ Industrial Network Management System→

The U.S. Department of Justice (DoJ) on Thursday disclosed that it took down the infrastructure associated with a Russian botnet known as RSOCKS in collaboration with law enforcement partners in Germany, the Netherlands, and the U.K.
The botnet, opera… Continue reading Authorities Shut Down Russian RSOCKS Botnet That Hacked Millions of Devices→