Author Archives: Ravie Lakshmanan

Cybersecurity researchers have detailed as many as five severe security flaws in the implementation of TLS protocol in several models of Aruba and Avaya network switches that could be abused to gain remote access to enterprise networks and steal valua… Continue reading Critical TLStorm 2.0 Bugs Affect Widely-Used Aruba and Avaya Network Switches→

An analysis of four months of chat logs spanning more than 40 conversations between the operators of Conti and Hive ransomware and their victims has offered an insight into the groups’ inner workings and their negotiation techniques.
In one exchange, … Continue reading Experts Analyze Conti and Hive Ransomware Gangs’ Chats With Their Victims→

Cybersecurity researchers have disclosed a new variant of the AvosLocker ransomware that disables antivirus solutions to evade detection after breaching target networks by taking advantage of unpatched security flaws. 
“This is the first sample we obs… Continue reading AvosLocker Ransomware Variant Using New Trick to Disable Antivirus Protection→

A Chinese-aligned cyberespionage group has been observed striking the telecommunication sector in Central Asia with versions of malware such as ShadowPad and PlugX.
Cybersecurity firm SentinelOne tied the intrusions to an actor it tracks under the nam… Continue reading Chinese Hackers Caught Exploiting Popular Antivirus Products to Target Telecom Sector→

Cybersecurity researchers have disclosed an unpatched security vulnerability that could pose a serious risk to IoT products.
The issue, which was originally reported in September 2021, affects the Domain Name System (DNS) implementation of two popular… Continue reading Unpatched DNS Related Vulnerability Affects a Wide Range of IoT Devices→

A newly discovered suspected espionage threat actor has been targeting employees focusing on mergers and acquisitions as well as large corporate transactions to facilitate bulk email collection from victim environments.
Mandiant is tracking the activi… Continue reading New Hacker Group Pursuing Corporate Employees Focused on Mergers and Acquisitions→

Cloud-based code hosting platform GitHub described the recent attack campaign involving the abuse of OAuth access tokens issued to Heroku and Travis-CI as “highly targeted” in nature.
“This pattern of behavior suggests the attacker was only listing or… Continue reading GitHub Says Recent Attack Involving Stolen OAuth Tokens Was “Highly Targeted”→

A Russian state-sponsored threat actor has been observed targeting diplomatic and government entities as part of a series of phishing campaigns commencing on January 17, 2022.
Threat intelligence and incident response firm Mandiant attributed the atta… Continue reading Russian Hackers Targeting Diplomatic Entities in Europe, Americas, and Asia→

A Chinese state-sponsored espionage group known as Override Panda has resurfaced in recent weeks with a new phishing attack with the goal of stealing sensitive information.
“The Chinese APT used a spear-phishing email to deliver a beacon of a Red Team… Continue reading Chinese “Override Panda” Hackers Resurface With New Espionage Attacks→

Google has officially released the first developer preview for the Privacy Sandbox on Android 13, offering an “early look” at the SDK Runtime and Topics API to boost users’ privacy online.
“The Privacy Sandbox on Android Developer Preview program will… Continue reading Google Releases First Developer Preview of Privacy Sandbox on Android 13→