Ravie Lakshmanan
Ravie Lakshmanan
CRITIC
img-contested
N/A
0 reviews
PUBLIC
img-trusted
100%
8 reviews

RECENT ARTICLES

Sort by:
No Rating
LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload

LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload

Contact/Tip UsFollow Us On Social MediaA threat actor associated with the LockBit 3.0 ransomware-as-a-service (RaaS) operation has been observed abusing the Windows Defender command-line tool to decrypt and load Cobalt Strike payloads.According to a report published by SentinelOne last week, the incident occurred after obtaining initial access via the against an unpatched VMware Horizon Server."Once initial access had been achieved, the threat actors performed a series of enumeration commands and attempted to run multiple post-exploitation tools, including Meterpreter, PowerShell Empire,...

Aug 4
Share
Save
Review
No Rating
New 'ParseThru' Parameter Smuggling Vulnerability Affects Golang-based Applications

New 'ParseThru' Parameter Smuggling Vulnerability Affects Golang-based Applications

Contact/Tip UsFollow Us On Social MediaSecurity researchers have discovered a new vulnerability called ParseThru affecting Golang-based applications that could be abused to gain unauthorized access to cloud-based applications."The newly discovered vulnerability allows a threat actor to bypass validations under certain conditions, as a result of the use of unsafe URL parsing methods built in the language," Israeli cybersecurity firm Oxeye said in a shared with The Hacker News.The issue, at its core, has to do with inconsistencies stemming from changes introduced to Golang's URL parsing...

Aug 4
Share
Save
Review
No Rating
Chinese Hackers Using New Manjusaka Hacking Framework Similar to Cobalt Strike

Chinese Hackers Using New Manjusaka Hacking Framework Similar to Cobalt Strike

Contact/Tip UsFollow Us On Social MediaResearchers have disclosed a new offensive framework called Manjusaka that they call is a "Chinese sibling of Sliver and Cobalt Strike.""A fully functional version of the command-and-control (C2), written in Golang with a User Interface in Simplified Chinese, is freely available and can generate new implants with custom configurations with ease, increasing the likelihood of wider adoption of this framework by malicious actors," Cisco Talos in a new report.and are legitimate adversary emulation frameworks that have been repurposed by threat actors to...

Aug 3
Share
Save
Review
No Rating
VMware Releases Patches for Several New Flaws Affecting Multiple Products

VMware Releases Patches for Several New Flaws Affecting Multiple Products

Contact/Tip UsFollow Us On Social MediaVirtualization services provider VMware on Tuesday shipped updates to affecting multiple products that could be abused by unauthenticated attackers to perform malicious actions.The issues, tracked from CVE-2022-31656 through CVE-2022-31665 (CVSS scores: 4.7 - 9.8), impact VMware Workspace ONE Access, Workspace ONE Access Connector, Identity Manager, Identity Manager Connector, vRealize Automation, Cloud Foundation, and vRealize Suite Lifecycle Manager.The most severe of the flaws is CVE-2022-31656 (CVSS score: 9.8), an authentication bypass...

Aug 3
Share
Save
Review
No Rating
Researchers Warns of Large-Scale AiTM Attacks Targeting Enterprise Users

Researchers Warns of Large-Scale AiTM Attacks Targeting Enterprise Users

Contact/Tip UsFollow Us On Social MediaA new, large-scale phishing campaign has been observed using adversary-in-the-middle (AitM) techniques to get around security protections and compromise enterprise email accounts."It uses an adversary-in-the-middle (AitM) attack technique capable of bypassing multi-factor authentication," Zscaler researchers Sudeep Singh and Jagadeeswar Ramanukolanu in a Tuesday report. "The campaign is specifically designed to reach end users in enterprises that use Microsoft's email services."Prominent targets include fintech, lending, insurance, energy,...

Aug 3
Share
Save
Review
No Rating
VirusTotal Reveals Most Impersonated Software in Malware Attacks

VirusTotal Reveals Most Impersonated Software in Malware Attacks

Contact/Tip UsFollow Us On Social MediaThreat actors are increasingly mimicking legitimate applications like Skype, Adobe Reader, and VLC Player as a means to abuse trust relationships and increase the likelihood of a successful social engineering attack.Other most impersonated legitimate apps by icon include 7-Zip, TeamViewer, CCleaner, Microsoft Edge, Steam, Zoom, and WhatsApp, an analysis from VirusTotal has revealed."One of the simplest social engineering tricks we've seen involves making a malware sample seem a legitimate program," VirusTotal in a Tuesday report. "The icon of these...

Aug 3
Share
Save
Review
No Rating
Single-Core CPU Cracked Post-Quantum Encryption Candidate Algorithm in Just an Hour

Single-Core CPU Cracked Post-Quantum Encryption Candidate Algorithm in Just an Hour

Contact/Tip UsFollow Us On Social MediaA late-stage candidate encryption algorithm that was meant to withstand decryption by powerful quantum computers in the future has been trivially cracked by using a computer running Intel Xeon CPU in an hour's time.The algorithm in question is SIKE — short for Supersingular Isogeny Key Encapsulation — which made it to the of the Post-Quantum Cryptography (PQC) standardization process by the U.S. Department of Commerce's National Institute of Standards and Technology (NIST)."Ran on a single core, the appended breaks the Microsoft $IKEp182 and $IKEp217...

Aug 3
Share
Save
Review
No Rating
Researchers Discover Nearly 3,200 Mobile Apps Leaking Twitter API Keys

Researchers Discover Nearly 3,200 Mobile Apps Leaking Twitter API Keys

Contact/Tip UsFollow Us On Social MediaResearchers have uncovered a list of 3,207 mobile apps that are exposing Twitter API keys in the clear, some of which can be utilized to gain unauthorized access to Twitter accounts associated with them.The takeover is made possible, thanks to a leak of legitimate Consumer Key and Consumer Secret information, respectively, Singapore-based cybersecurity firm exclusively shared with The Hacker News."Out of 3,207, 230 apps are leaking all four authentication credentials and can be used to fully take over their Twitter Accounts and can perform any...

Aug 3
Share
Save
Review
No Rating
Google Chrome Bug Could Let Hackers Bypass CSP Protection; Update Web Browsers

Google Chrome Bug Could Let Hackers Bypass CSP Protection; Update Web Browsers

Contact/Tip UsFollow Us On Social MediaIf you haven't recently updated your Chrome, Opera, or Edge web browser to the latest available version, it would be an excellent idea to do so as quickly as possible.Cybersecurity researchers on Monday disclosed details about a in Chromium-based web browsers for Windows, Mac and Android that could have allowed attackers to entirely bypass Content Security Policy (CSP) rules since Chrome 73.Tracked as (rated 6.5 on the CVSS scale), the issue stems from a CSP bypass that results in arbitrary execution of malicious code on target websites.According to...

August 14, 2020
Share
Save
Review
  • Total 9 items
  • 1
OUTLETS
thehackernews.com

thehackernews.com

CRITIC
img-contested
N/A
PUBLIC
img-trusted
100%