Author Archives: Ravie Lakshmanan

A group of academics has designed a new system known as “Privid” that enables video analytics in a privacy-preserving manner to combat concerns with invasive tracking.
“We’re at a stage right now where cameras are practically ubiquitous. If there’s a … Continue reading Privid: A Privacy-Preserving Surveillance Video Analytics System→

Cybersecurity researchers have shed more light on a malicious loader that runs as a server and executes received modules in memory, laying bare the structure of an “advanced multi-layered virtual machine” used by the malware to fly under the radar.
Ws… Continue reading Experts Detail Virtual Machine Used by Wslink Malware Loader for Obfuscation→

A threat actor dubbed “RED-LILI” has been linked to an ongoing large-scale supply chain attack campaign targeting the NPM package repository by publishing nearly 800 malicious modules.
“Customarily, attackers use an anonymous disposable NPM account fr… Continue reading A Large-Scale Supply Chain Attack Distributed Over 800 Malicious NPM Packages→

An independent security researcher has shared what’s a detailed timeline of events that transpired as the notorious LAPSUS$ extortion gang broke into a third-party provider linked to the cyber incident at Okta in late January 2022.
In a set of screens… Continue reading New Report on Okta Hack Reveals the Entire Episode LAPSUS$ Attack→

Cybersecurity firm Sophos on Monday warned that a recently patched critical security vulnerability in its firewall product is being actively exploited in real-world attacks.
The flaw, tracked as CVE-2022-1040, is rated 9.8 out of 10 on the CVSS scorin… Continue reading Critical Sophos Firewall RCE Vulnerability Under Active Exploitation→

A new email phishing campaign has been spotted leveraging the tactic of conversation hijacking to deliver the IcedID info-stealing malware onto infected machines by making use of unpatched and publicly-exposed Microsoft Exchange servers.
“The emails u… Continue reading Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread Malware→

The operators of the Purple Fox malware have retooled their malware arsenal with a new variant of a remote access trojan called FatalRAT, while also simultaneously upgrading their evasion mechanisms to bypass security software.
“Users’ machines are ta… Continue reading ‘Purple Fox’ Hackers Spotted Using New Variant of FatalRAT in Recent Malware Attacks→

Muhstik, a botnet infamous for propagating via web application exploits, has been observed targeting Redis servers using a recently disclosed vulnerability in the database system.
The vulnerability relates to CVE-2022-0543, a Lua sandbox escape flaw i… Continue reading Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability→

The U.S. Federal Communications Commission (FCC) on Friday moved to add Russian cybersecurity company Kaspersky Lab to the “Covered List” of companies that pose an “unacceptable risk to the national security” of the country.
The development marks the … Continue reading FCC Adds Kaspersky and Chinese Telecom Firms to National Security Threat List→

A Chinese-speaking threat actor called Scarab has been linked to a custom backdoor dubbed HeaderTip as part of a campaign targeting Ukraine since Russia embarked on an invasion last month, making it the second China-based hacking group after Mustang P… Continue reading Another Chinese Hacking Group Spotted Targeting Ukraine Amid Russia Invasion→