Author Archives: Ravie Lakshmanan

Image Source: Toptal
The notorious Emotet malware has turned to deploy a new module designed to siphon credit card information stored in the Chrome web browser.
The credit card stealer, which exclusively singles out Chrome, has the ability to exfiltrat… Continue reading New Emotet Variant Stealing Users’ Credit Card Information from Google Chrome→

An unofficial security patch has been made available for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT), even as the Follina flaw continues to be exploited in the wild.
The issue — referenced as DogWalk — relates … Continue reading Researchers Warn of Unpatched “DogWalk” Microsoft Windows Vulnerability→

U.S. cybersecurity and intelligence agencies have warned about China-based state-sponsored cyber actors leveraging network vulnerabilities to exploit public and private sector organizations since at least 2020.
The widespread intrusion campaigns aim t… Continue reading U.S. Agencies Warn About Chinese Hackers Targeting Telecoms and Network Service Providers→

An illicit online marketplace known as SSNDOB was taken down in operation led by U.S. law enforcement agencies, the Department of Justice (DoJ) announced Tuesday.
SSNDOB trafficked in personal information such as names, dates of birth, credit card num… Continue reading FBI Seizes ‘SSNDOB’ ID Theft Service for Selling Personal Info of 24 Million People→

The threat cluster dubbed UNC2165, which shares numerous overlaps with a Russia-based cybercrime group known as Evil Corp, has been linked to multiple LockBit ransomware intrusions in what’s seen as an attempt by the latter to get around sanctions imp… Continue reading Evil Corp Cybercrime Group Shifts to LockBit Ransomware to Evade Sanctions→

Apple has introduced a Rapid Security Response feature in iOS 16 and macOS Ventura that’s designed to deploy security fixes without the need for a full operating system version update.
“macOS security gets even stronger with new tools that make the Ma… Continue reading Apple’s New Feature Will Install Security Updates Automatically Without Full OS Update→

A new wave of phishing campaigns has been observed spreading a previously documented malware called SVCReady.
“The malware is notable for the unusual way it is delivered to target PCs — using shellcode hidden in the properties of Microsoft Office docu… Continue reading Researchers Warn of Spam Campaign Targeting Victims with SVCReady Malware→

10 of the most prolific mobile banking trojans have set their eyes on 639 financial applications that are available on the Google Play Store and have been cumulatively downloaded over 1.01 billion times.
Some of the most targeted apps include Walmart-… Continue reading 10 Most Prolific Banking Trojans Targeting Hundreds of Financial Apps with Over a Billion Users→

Cybersecurity researchers have disclosed two unpatched security vulnerabilities in the open-source U-Boot boot loader.
The issues, which were uncovered in the IP defragmentation algorithm implemented in U-Boot by NCC Group, could be abused to achieve … Continue reading Unpatched Critical Flaws Disclosed in U-Boot Bootloader for Embedded Devices→

Microsoft’s Digital Crimes Unit (DCU) last week disclosed that it had taken legal proceedings against an Iranian threat actor dubbed Bohrium in connection with a spear-phishing operation.
The adversarial collective is said to have targeted entities in… Continue reading Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers→