Author Archives: Ravie Lakshmanan

A recently patched critical security flaw in Atlassian Confluence Server and Data Center products is being actively weaponized in real-world attacks to drop cryptocurrency miners and ransomware payloads.
In at least two of the Windows-related incident… Continue reading Atlassian Confluence Flaw Being Used to Deploy Ransomware and Crypto Miners→

A sophisticated Chinese advanced persistent threat (APT) actor exploited a critical security vulnerability in Sophos’ firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack… Continue reading Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity→

An enterprise-grade surveillanceware dubbed Hermit has been put to use by entities operating from within Kazakhstan, Syria, and Italy over the years since 2019, new research has revealed.
Lookout attributed the spy software, which is equipped to targe… Continue reading Researchers Uncover ‘Hermit’ Android Spyware Used in Kazakhstan, Syria, and Italy→

WordPress websites using a widely used plugin named Ninja Forms have been updated automatically to remediate a critical security vulnerability that’s suspected of having been actively exploited in the wild.
The issue, which relates to a case of code i… Continue reading Over a Million WordPress Sites Forcibly Updated to Patch a Critical Plugin Vulnerability→

Microsoft is warning that the BlackCat ransomware crew is leveraging exploits for unpatched Exchange server vulnerabilities to gain access to targeted networks.
Upon gaining an entry point, the attackers swiftly moved to gather information about the c… Continue reading BlackCat Ransomware Gang Targeting Unpatched Microsoft Exchange Servers→

A “dangerous piece of functionality” has been discovered in Microsoft 365 suite that could be potentially abused by a malicious actor to mount attacks on cloud infrastructure and ransom files stored on SharePoint and OneDrive.
The cloud ransomware att… Continue reading A Microsoft Office 365 Feature Could Help Ransomware Hackers Hold Cloud Files Hostage→

Cybersecurity researchers have detailed a recently patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution.
Tracked as CVE-2022-25845 (CVSS score: 8.1), the issu… Continue reading High-Severity RCE Vulnerability Reported in Popular Fastjson Library→

A new strain of Android malware has been spotted in the wild targeting online banking and cryptocurrency wallet customers in Spain and Italy, just weeks after a coordinated law enforcement operation dismantled FluBot.
The information stealing trojan, … Continue reading MaliBot: A New Android Banking Trojan Spotted in the Wild→

Cisco on Wednesday rolled out fixes to address a critical security flaw affecting Email Security Appliance (ESA) and Secure Email and Web Manager that could be exploited by an unauthenticated, remote attacker to sidestep authentication.
Assigned the C… Continue reading Critical Flaw in Cisco Secure Email and Web Manager Lets Attackers Bypass Authentication→

A new Golang-based peer-to-peer (P2P) botnet has been spotted actively targeting Linux servers in the education sector since its emergence in March 2022.
Dubbed Panchan by Akamai Security Research, the malware “utilizes its built-in concurrency featur… Continue reading Panchan: A New Golang-based Peer-To-Peer Botnet Targeting Linux Servers→