Author Archives: Ravie Lakshmanan

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Food and Drug Administration (FDA) have issued an advisory about critical security vulnerabilities in Illumina’s next-generation sequencing (NGS) software.
Three of the flaws are rat… Continue reading CISA Warned About Critical Vulnerabilities in Illumina’s DNA Sequencing Devices→

A suspected state-aligned threat actor has been attributed to a new set of attacks exploiting the Microsoft Office “Follina” vulnerability to target government entities in Europe and the U.S.
Enterprise security firm Proofpoint said it blocked attempt… Continue reading State-Backed Hackers Exploit Microsoft ‘Follina’ Bug to Target Entities in Europe and U.S→

Atlassian on Friday rolled out fixes to address a critical security flaw affecting its Confluence Server and Data Center products that have come under active exploitation by threat actors to achieve remote code execution.
Tracked as CVE-2022-26134, th… Continue reading Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild→

GitLab has moved to address a critical security flaw in its service that, if successfully exploited, could result in an account takeover.
Tracked as CVE-2022-1680, the issue has a CVSS severity score of 9.9 and was discovered internally by the company… Continue reading GitLab Issues Security Patch for Critical Account Takeover Vulnerability→

An “extremely sophisticated” Chinese-speaking advanced persistent threat (APT) actor dubbed LuoYu has been observed using a malicious Windows tool called WinDealer that’s delivered by means of man-on-the-side attacks.
“This groundbreaking development … Continue reading Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor→

Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical element-themed moniker Polonium.
In addition to removing the offending accoun… Continue reading Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies→

The Parrot traffic direction system (TDS) that came to light earlier this year has had a larger impact than previously thought, according to new research.
Sucuri, which has been tracking the same campaign since February 2019 under the name “NDSW/NDSX,… Continue reading Researchers Uncover Malware Controlling Thousands of Sites in Parrot TDS Network→

Atlassian has warned of a critical unpatched remote code execution vulnerability impacting Confluence Server and Data Center products that it said is being actively exploited in the wild.
The Australian software company credited cybersecurity firm Vol… Continue reading Hackers Exploiting Unpatched Critical Atlassian Confluence Zero-Day Vulnerability→

An analysis of leaked chats from the notorious Conti ransomware group earlier this year has revealed that the syndicate has been working on a set of firmware attack techniques that could offer a path to accessing privileged code on compromised devices… Continue reading Conti Leaks Reveal Ransomware Gang’s Interest in Firmware-based Attacks→

As ransomware infections have evolved from purely encrypting data to schemes such as double and triple extortion, a new attack vector is likely to set the stage for future campaigns.
Called Ransomware for IoT or R4IoT by Forescout, it’s a “novel, proo… Continue reading Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks→