Author Archives: Ravie Lakshmanan

A new set of phishing attacks delivering the more_eggs malware has been observed striking corporate hiring managers with bogus resumes as an infection vector, a year after potential candidates looking for work on LinkedIn were lured with weaponized jo… Continue reading Hackers Sneak ‘More_Eggs’ Malware Into Resumes Sent to Corporate Hiring Managers→

The “hotpatch” released by Amazon Web Services (AWS) in response to the Log4Shell vulnerabilities could be leveraged for container escape and privilege escalation, allowing an attacker to seize control of the underlying host.
“Aside from containers, u… Continue reading Amazon’s Hotpatch for Log4j Flaw Found Vulnerable to Privilege Escalation Bug→

An unpatched high-severity security flaw has been disclosed in the open-source RainLoop web-based email client that could be weaponized to siphon emails from victims’ inboxes.
“The code vulnerability […] can be easily exploited by an attacker by sen… Continue reading Unpatched Bug in RainLoop Webmail Could Give Hackers Access to all Emails→

Three security vulnerabilities have been disclosed in the audio decoders of Qualcomm and MediaTek chips that, if left unresolved, could allow an adversary to remotely gain access to media and audio conversations from affected mobile devices.
According… Continue reading Critical Chipset Bugs Open Millions of Android Devices to Remote Spying→

A recent Hive ransomware attack carried out by an affiliate involved the exploitation of “ProxyShell” vulnerabilities in the Microsoft Exchange Server that were disclosed last year to encrypt an unnamed customer’s network.
“The actor managed to achiev… Continue reading New Incident Report Reveals How Hive Ransomware Targets Organizations→

The Five Eyes nations have released a joint cybersecurity advisory warning of increased malicious attacks from Russian state-sponsored actors and criminal groups targeting critical infrastructure organizations amidst the ongoing military siege on Ukra… Continue reading Five Eyes Nations Warn of Russian Cyber Attacks Against Critical Infrastructure→

Google Project Zero called 2021 a “record year for in-the-wild 0-days,” as 58 security vulnerabilities were detected and disclosed during the course of the year.
The development marks more than a two-fold jump from the previous maximum when 28 0-day e… Continue reading Google Project Zero Detects a Record Number of Zero-Day Exploits in 2021→

Details have emerged about a now-patched security vulnerability in the Snort intrusion detection and prevention system that could trigger a denial-of-service (DoS) condition and render it powerless against malicious traffic.
Tracked as CVE-2022-20685,… Continue reading Researchers Detail Bug That Could Paralyze Snort Intrusion Detection System→

Identity and access management provider Okta on Tuesday said it concluded its probe into the breach of a third-party vendor in late January 2022 by the LAPSUS$ extortionist gang and that it was far more limited in scope.
Stating that the “impact of th… Continue reading Okta Says Security Breach by Lapsus$ Hackers Impacted Only Two of Its Customers→

A security flaw in the Windows Print Spooler component that was patched by Microsoft in February is being actively exploited in the wild, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned.
To that end, the agency has added th… Continue reading Hackers Exploiting Recently Reported Windows Print Spooler Vulnerability in the Wild→