Author Archives: Ravie Lakshmanan

Network-attached storage (NAS) appliance maker QNAP on Wednesday said it’s working on updating its QTS and QuTS operating systems after Netatalk last month released patches to contain seven security flaws in its software.
Netatalk is an open-source im… Continue reading QNAP Advises to Mitigate Remote Hacking Flaws Until Patches are Available→

A China-linked government-sponsored threat actor observed striking European diplomatic entities in March may have been targeting Russian government officials with an updated version of a remote access trojan called PlugX.
Secureworks attributed the at… Continue reading Chinese Hackers Targeting Russian Military Personnel with Updated PlugX Malware→

Google on Tuesday officially began rolling out a new “Data safety” section for Android apps on the Play Store to highlight the type of data being collected and shared with third-parties.
“Users want to know for what purpose their data is being collect… Continue reading Google’s New Safety Section Shows What Data Android Apps Collect About Users→

The U.S. government on Tuesday announced up to $10 million in rewards for information on six hackers associated with the Russian military intelligence service.
“These individuals participated in malicious cyber activities on behalf of the Russian gove… Continue reading U.S. Offers $10 Million Bounty for Information on 6 Russian Military Hackers→

A “logical flaw” has been disclosed in NPM, the default package manager for the Node.js JavaScript runtime environment, that enables malicious actors to pass off rogue libraries as legitimate and trick unsuspecting developers into installing them.
The… Continue reading NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages→

Microsoft on Tuesday disclosed a set of two privilege escalation vulnerabilities in the Linux operating system that could potentially allow threat actors to carry out an array of nefarious activities.
Collectively called “Nimbuspwn,” the flaws “can be… Continue reading Microsoft Discovers New Privilege Escalation Flaws in Linux Operating System→

The threat actor behind the prolific Emotet botnet is testing new attack methods on a small scale before co-opting them into their larger volume malspam campaigns, potentially in response to Microsoft’s move to disable Visual Basic for Applications (V… Continue reading Emotet Testing New Delivery Ideas After Microsoft Disables VBA Macros by Default→

The infamous ransomware group known as Conti has continued its onslaught against entities despite suffering a massive data leak of its own earlier this year, according to new research.
Conti, attributed to a Russia-based threat actor known as Gold Ulr… Continue reading Gold Ulrick Hackers Still in Action Despite Massive Conti Ransomware Leak→

A state-backed threat actor with ties to the Democratic People’s Republic of Korea (DRPK) has been attributed to a spear-phishing campaign targeting journalists covering the country with the ultimate goal of deploying a backdoor on infected Windows sy… Continue reading North Korean Hackers Target Journalists with GOLDBACKDOOR Malware→

An Iranian-linked threat actor known as Rocket Kitten has been observed actively exploiting a recently patched VMware vulnerability to gain initial access and deploy the Core Impact penetration testing tool on vulnerable systems.
Tracked as CVE-2022-2… Continue reading Iranian Hackers Exploiting VMware RCE Bug to Deploy ‘Core Impact’ Backdoor→