Author Archives: Ravie Lakshmanan

A technically sophisticated threat actor known as SeaFlower has been targeting Android and iOS users as part of an extensive campaign that mimics official cryptocurrency wallet websites intending to distribute backdoored apps that drain victims’ funds… Continue reading Chinese Hackers Distribute Backdoored Web3 Wallets for iOS and Android Users→

A Chinese advanced persistent threat (APT) known as Gallium has been observed using a previously undocumented remote access trojan in its espionage attacks targeting companies operating in Southeast Asia, Europe, and Africa.
Called PingPull, the “diff… Continue reading Chinese ‘Gallium’ Hackers Using New PingPull Malware in Cyberespionage Attacks→

Windows and Linux systems are being targeted by a ransomware variant called HelloXD, with the infections also involving the deployment of a backdoor to facilitate persistent remote access to infected hosts.
“Unlike other ransomware groups, this ransom… Continue reading HelloXD Ransomware Installing Backdoor on Targeted Windows and Linux Systems→

A novel hardware attack dubbed PACMAN has been demonstrated against Apple’s M1 processor chipsets, potentially arming a malicious actor with the capability to gain arbitrary code execution on macOS systems.
It leverages “speculative execution attacks … Continue reading MIT Researchers Discover New Flaw in Apple M1 CPUs That Can’t Be Patched→

A new research undertaken by a group of academics from the University of California San Diego has revealed for the first time that Bluetooth signals can be fingerprinted to track smartphones (and therefore, individuals).
The identification, at its cor… Continue reading Researchers Find Bluetooth Signals Can be Fingerprinted to Track Smartphones→

Cybercriminals are impersonating popular crypto platforms such as Binance, Celo, and Trust Wallet with spoofed emails and fake login pages in an attempt to steal login details and deceptively transfer virtual funds.
“As cryptocurrency and non-fungible… Continue reading Researchers Detail How Cyber Criminals Targeting Cryptocurrency Users→

As many as eight zero-day vulnerabilities have been disclosed in Carrier’s LenelS2 HID Mercury access control system that’s used widely in healthcare, education, transportation, and government facilities.
“The vulnerabilities uncovered allowed us to d… Continue reading Researchers Disclose Critical Flaws in Industrial Access Control System from Carrier→

A newly designed privacy-sensitive architecture aims to enable developers to create smart home apps in a manner that addresses data sharing concerns and puts users in control over their personal information. 
Dubbed Peekaboo by researchers from Carneg… Continue reading New Privacy Framework for IoT Devices Gives Users Control Over Data Sharing→

A previously undocumented Chinese-speaking advanced persistent threat (APT) actor dubbed Aoqin Dragon has been linked to a string of espionage-oriented attacks aimed at government, education, and telecom entities chiefly in Southeast Asia and Australi… Continue reading A Decade-Long Chinese Espionage Campaign Targets Southeast Asia and Australia→

Cybersecurity researchers have taken the wraps off what they call a “nearly-impossible-to-detect” Linux malware that could be weaponized to backdoor infected systems.
Dubbed Symbiote by threat intelligence firms BlackBerry and Intezer, the stealthy ma… Continue reading Symbiote: A Stealthy Linux Malware Targeting Latin American Financial Sector→