Author Archives: Ravie Lakshmanan

Three high-impact Unified Extensible Firmware Interface (UEFI) security vulnerabilities have been discovered impacting various Lenovo consumer laptop models, enabling malicious actors to deploy and execute firmware implants on the affected devices.
Tr… Continue reading New Lenovo UEFI Firmware Vulnerabilities Affect Millions of Laptops→

A previously unknown zero-click exploit in Apple’s iMessage was used to install mercenary spyware from NSO Group and Candiru against at least 65 individuals as part of a “multi-year clandestine operation.”
“Victims included Members of the European Par… Continue reading Experts Uncover Spyware Attacks Against Catalan Politicians and Activists→

GitHub on Monday noted that it had notified all victims of an attack campaign, which involved an unauthorized party downloading private repository contents by taking advantage of third-party OAuth user tokens maintained by Heroku and Travis CI.
“Custo… Continue reading GitHub Notifies Victims Whose Private Data Was Accessed Using OAuth Tokens→

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI) and the Treasury Department, warned of a new set of ongoing cyber attacks carried out by the Lazarus Group targeting blockchain comp… Continue reading FBI, U.S. Treasury and CISA Warn of North Korean Hackers Targeting Blockchain Companies→

An 18-month-long analysis of the PYSA ransomware operation has revealed that the cybercrime cartel followed a five-stage software development cycle from August 2020, with the malware authors prioritizing features to improve the efficiency of its workf… Continue reading Researchers Share In-Depth Analysis of PYSA Ransomware Group→

Cybersecurity researchers have disclosed an advanced version of the SolarMarker malware that packs in new improvements with the goal of updating its defense evasion abilities and staying under the radar.
“The recent version demonstrated an evolution f… Continue reading New SolarMarker Malware Variant Using Updated Techniques to Stay Under the Radar→

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new wave of social engineering campaigns delivering IcedID malware and leveraging Zimbra exploits with the goal of stealing sensitive information.
Attributing the IcedID phishin… Continue reading New Hacking Campaign Targeting Ukrainian Government with IcedID Malware→

Elementor, a WordPress website builder plugin with over five million active installations, has been found to be vulnerable to an authenticated remote code execution flaw that could be abused to take over affected websites.
Plugin Vulnerabilities, whic… Continue reading Critical RCE Flaw Reported in WordPress Elementor Website Builder Plugin→

The U.S. Treasury Department has implicated the North Korea-backed Lazarus Group (aka Hidden Cobra) in the theft of $540 million from video game Axie Infinity’s Ronin Network last month.
On Thursday, the Treasury tied the Ethereum wallet address that … Continue reading Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector→

Cloud-based repository hosting service GitHub on Friday revealed that it discovered evidence of an unnamed adversary capitalizing on stolen OAuth user tokens to unauthorizedly download private data from several organizations.
“An attacker abused stole… Continue reading GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens→