Author Archives: Ravie Lakshmanan

The threat actors behind the Hive ransomware-as-a-service (RaaS) scheme have launched attacks against over 1,300 companies across the world, netting the gang $100 million in illicit payments as of November 2022.
“Hive ransomware has targeted a wide ra… Continue reading Hive Ransomware Attackers Extorted $100 Million from Over 1,300 Companies Worldwide→

An ongoing supply chain attack has been leveraging malicious Python packages to distribute malware called W4SP Stealer, with over hundreds of victims ensnared to date.
“The threat actor is still active and is releasing more malicious packages,” Checkm… Continue reading W4SP Stealer Constantly Targeting Python Developers in Ongoing Supply Chain Attack→

A China-based financially motivated group is leveraging the trust associated with popular international brands to orchestrate a large-scale phishing campaign dating back as far as 2019.
The threat actor, dubbed Fangxiao by Cyjax, is said to have regis… Continue reading Chinese Hackers Using 42,000 Imposter Domains in Massive Phishing Attack Campaign→

A Ukrainian national who has been wanted by the U.S for over a decade has been arrested by Swiss authorities for his role in a notorious cybercriminal ring that stole millions of dollars from victims’ bank accounts using malware called Zeus.
Vyachesla… Continue reading FBI-Wanted Leader of the Notorious Zeus Botnet Gang Arrested in Geneva→

Multiple security vulnerabilities have been disclosed in F5 BIG-IP and BIG-IQ devices that, if successfully exploited, to completely compromise affected systems.
Cybersecurity firm Rapid7 said the flaws could be abused to remote access to the devices … Continue reading High Severity Vulnerabilities Reported in F5 BIG-IP and BIG-IQ Devices→

Iranian government-sponsored threat actors have been blamed for compromising a U.S. federal agency by taking advantage of the Log4Shell vulnerability in an unpatched VMware Horizon server.
The details, which were shared by the U.S. Cybersecurity and I… Continue reading Iranian Hackers Compromised a U.S. Federal Agency’s Network Using Log4Shell Exploit→

Hackers tied to the North Korean government have been observed using an updated version of a backdoor known as Dtrack targeting a wide range of industries in Germany, Brazil, India, Italy, Mexico, Switzerland, Saudi Arabia, Turkey, and the U.S.
“Dtrac… Continue reading North Korean Hackers Targeting Europe and Latin America with Updated DTrack Backdoor→

Hundreds of databases on Amazon Relational Database Service (Amazon RDS) are exposing personal identifiable information (PII), new findings from Mitiga, a cloud incident response company, show.
“Leaking PII in this manner provides a potential treasure… Continue reading Researchers Discover Hundreds of Amazon RDS Instances Leaking Users’ Personal Data→

Cybersecurity researchers have unearthed new samples of malware called RapperBot that are being used to build a botnet capable of launching Distributed Denial of Service (DDoS) attacks against game servers.
“In fact, it turns out that this campaign is… Continue reading Warning: New RapperBot Campaign Aims to Launch DDoS Attacks at Game Servers→

Internet behemoth Google on Tuesday said it plans to roll out Privacy Sandbox for Android in beta to mobile devices running Android 13 starting early next year.
“The Privacy Sandbox Beta will be available for ad tech and app developers who wish to tes… Continue reading Google to Roll Out Privacy Sandbox Beta on Android 13 by Early 2023→