Author Archives: Ravie Lakshmanan

The Russia-linked APT29 nation-state actor has been found leveraging a “lesser-known” Windows feature called Credential Roaming as part of its attack against an unnamed European diplomatic entity.
“The diplomatic-centric targeting is consistent with R… Continue reading APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity Network→

A number of phishing campaigns are leveraging the decentralized Interplanetary Filesystem (IPFS) network to host malware, phishing kit infrastructure, and facilitate other attacks.
“Multiple malware families are currently being hosted within IPFS and … Continue reading Several Cyber Attacks Observed Leveraging IPFS Decentralized Network→

The Keksec threat actor has been linked to a previously undocumented malware strain, which has been observed in the wild masquerading as an extension for Chromium-based web browsers to enslave compromised machines into a botnet.
Called Cloud9 by secur… Continue reading Experts Warn of Browser Extensions Spying On Users via Cloud9 Chrome Botnet Network→

An updated version of a malware loader codenamed IceXLoader is suspected of having compromised thousands of personal and enterprise Windows machines across the world.
IceXLoader is a commodity malware that’s sold for $118 on underground forums for a l… Continue reading New IceXLoader Malware Loader Variant Infected Thousands of Victims Worldwide→

VMware has patched five security flaws affecting its Workspace ONE Assist solution, some of which could be exploited to bypass authentication and obtain elevated permissions.
Topping the list are three critical vulnerabilities tracked as CVE-2022-3168… Continue reading VMware Warns of 3 New Critical Flaws Affecting Workspace ONE Assist Software→

Microsoft’s latest round of monthly security updates has been released with fixes for 68 vulnerabilities spanning its software portfolio, including patches for six actively exploited zero-days.
12 of the issues are rated Critical, two are rated High, … Continue reading Install Latest Windows Update ASAP! Patches Issued for 6 Actively Exploited Zero-Days→

The Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems, researchers have warned.
“Amadey bot, the malware that is used to install LockBit, is being distributed through two methods: one using a malicious Word document … Continue reading Amadey Bot Spotted Deploying LockBit 3.0 Ransomware on Hacked Machines→

Cryptocurrency users are being targeted with a new clipper malware strain dubbed Laplas by means of another malware known as SmokeLoader.
SmokeLoader, which is delivered by means of weaponized documents sent through spear-phishing emails, further acts… Continue reading New Laplas Clipper Malware Targeting Cryptocurrency Users via SmokeLoader→

The U.S. Department of Justice (DoJ) on Monday said it seized 50,676 Bitcoin in November 2021 that was stolen in the 2012 hack of the now-defunct Silk Road dark web marketplace.
The bitcoin, which was obtained in 2012 and valued at $3.36 billion when … Continue reading U.S. Seizes Over 50K Bitcoin Worth $3.3 Billion Linked to Silk Road Dark Web→

Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident.
The attack, according to the company, was detected in its IT netwo… Continue reading Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack→