Author Archives: Ravie Lakshmanan

The Five Eyes nations comprising Australia, Canada, New Zealand, the U.K., and the U.S., along with Ukraine and the European Union, formally pinned Russia for masterminding an attack on an international satellite communication (SATCOM) provider that h… Continue reading E.U. Blames Russia for Cyberattack on KA-SAT Satellite Network Operated by Viasat→

Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that’s being actively exploited in the wild.
Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in… Continue reading Microsoft Releases Fix for New Zero-Day with May 2022 Patch Tuesday Updates→

The notorious ransomware operation known as REvil (aka Sodin or Sodinokibi) has resumed after six months of inactivity, an analysis of new ransomware samples has revealed.
“Analysis of these samples indicates that the developer has access to REvil’s s… Continue reading New REvil Samples Indicate Ransomware Gang is Back After Months of Inactivity→

Cybersecurity researchers have dissected the inner workings of an information-stealing malware called Saintstealer that’s designed to siphon credentials and system information.
“After execution, the stealer extracts username, passwords, credit card de… Continue reading Experts Detail Saintstealer and Prynt Stealer Info-Stealing Malware Families→

Microsoft on Monday disclosed that it mitigated a security flaw affecting Azure Synapse and Azure Data Factory that, if successfully exploited, could result in remote code execution.
The vulnerability, tracked as CVE-2022-29972, has been codenamed “Sy… Continue reading Microsoft Mitigates RCE Vulnerability Affecting Azure Synapse and Data Factory→

The U.S. Department of Transportation’s Pipeline and Hazardous Materials Safety Administration (PHMSA) has proposed a penalty of nearly $1 million to Colonial Pipeline for violating federal safety regulations, worsening the impact of the ransomware at… Continue reading U.S. Proposes $1 Million Fine on Colonial Pipeline for Safety Violations After Cyberattack→

The maintainers of the RubyGems package manager have addressed a critical security flaw that could have been abused to remove gems and replace them with rogue versions under specific circumstances.
“Due to a bug in the yank action, it was possible for… Continue reading Critical Gems Takeover Bug Reported in RubyGems Package Manager→

Cybersecurity researchers have shed light on an actively maintained remote access trojan called DCRat (aka DarkCrystal RAT) that’s offered on sale for “dirt cheap” prices, making it accessible to professional cybercriminal groups and novice actors ali… Continue reading Experts Sound Alarm on DCRat Backdoor Being Sold on Russian Hacking Forums→

A new set of trojanized apps spread via the Google Play Store has been observed distributing the notorious Joker malware on compromised Android devices.
Joker, a repeat offender, refers to a class of harmful apps that are used for billing and SMS frau… Continue reading Another Set of Joker Trojan-Laced Android Apps Resurfaces on Google Play Store→

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of phishing attacks that deploy an information-stealing malware called Jester Stealer on compromised systems.
The mass email campaign carries the subject line “chemical attack” and c… Continue reading Ukrainian CERT Warns Citizens of a New Wave of Attacks Distributing Jester Malware→