Author Archives: Ravie Lakshmanan

A Chinese state-backed advanced persistent threat (APT) group known for singling out Japanese entities has been attributed to a new long-running espionage campaign targeting new geographies, suggesting a “widening” of the threat actor’s targeting.
The… Continue reading Researchers Trace Widespread Espionage Attacks Back to Chinese ‘Cicada’ Hackers→

Email marketing service Mailchimp on Monday revealed a data breach that resulted in the compromise of an internal tool to gain unauthorized access to customer accounts and stage phishing attacks. 
The development was first reported by Bleeping Compute… Continue reading Hackers Breach Mailchimp Email Marketing Firm to Launch Crypto Phishing Scams→

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added the recently disclosed remote code execution (RCE) vulnerability affecting the Spring Framework, to its Known Exploited Vulnerabilities Catalog based on “evidence of acti… Continue reading CISA Warns of Active Exploitation of Critical Spring4Shell Vulnerability→

At least three different advanced persistent threat (APT) groups from across the world have launched spear-phishing campaigns in mid-March 2022 using the ongoing Russo-Ukrainian war as a lure to distribute malware and steal sensitive information.
The … Continue reading Multiple Hacker Groups Capitalizing on Ukraine Conflict for Distributing Malware→

An Android spyware application has been spotted masquerading as a “Process Manager” service to stealthily siphon sensitive information stored in the infected devices.
Interestingly, the app — that has the package name “com.remote.app” — establishes co… Continue reading Researchers Uncover New Android Spyware With C2 Server Linked to Turla Hackers→

A group of academics from the University of Oxford and Armasuisse S+T has disclosed details of a new attack technique against the popular Combined Charging System (CCS) that could potentially disrupt the ability to charge electric vehicles at scale.
D… Continue reading Brokenwire Hack Could Let Remote Attackers Disrupt Charging for Electric Vehicles→

A previously undocumented “sophisticated” information-stealing malware named BlackGuard is being advertised for sale on Russian underground forums for a monthly subscription of $200.
“BlackGuard has the capability to steal all types of information rel… Continue reading Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums→

A variant of the Mirai botnet called Beastmode has been observed adopting newly disclosed vulnerabilities in TOTOLINK routers between February and March 2022 to infect unpatched devices and expand its reach potentially.
“The Beastmode (aka B3astmode) … Continue reading Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers→

A 15-year-old security vulnerability has been disclosed in the PEAR PHP repository that could permit an attacker to carry out a supply chain attack, including obtaining unauthorized access to publish rogue packages and execute arbitrary code.
“An atta… Continue reading 15-Year-Old Bug in PEAR PHP Repository Could’ve Enabled Supply Chain Attacks→

The City of London Police on Friday disclosed that it has charged two of the seven teenagers, a 16-year-old and a 17-year-old, who were arrested last week for their alleged connections to the LAPSUS$ data extortion gang.
“Both teenagers have been char… Continue reading British Police Charge Two Teenagers Linked to LAPSUS$ Hacker Group→