The Fault in Our kubelets: Analyzing the Security of Publicly Exposed Kubernetes Clusters
While researching cloud-native tools, our Shodan scan revealed over 200,000 publicly exposed Kubernetes clusters and kubelet ports that can be...
News
US-CERT Bulletin (SB22-143):Vulnerability Summary for the Week of May 16, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Trend Micro addressed a flaw exploited by China-linked Moshen Dragon APT
Trend Micro addressed a DLL hijacking issue in Trend Micro Security actively exploited by a China-linked threat group to deploy...
Instagram verification services: What are the dangers?
Instagram, like other social platforms, has a verification system for high profile accounts. A verified badge means Instagram has confirmed that...
Microsoft warns of new highly evasive web skimming campaigns
Threat actors behind web skimming campaigns are using malicious JavaScript to mimic Google Analytics and Meta Pixel scripts to avoid...
General Motors suffers credential stuffing attack
American car manufacturer General Motors (GM) says it experienced a credential stuffing attack last month. During the attack customer information...
Nation-state malware could become a commodity on dark web soon, Interpol warns
Interpol Secretary warns that nation-state malware will become available on the cybercrime underground in a couple of years. Interpol Secretary...
Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware
The Google Threat Analysis Group (TAG) has revealed that of the nine zero-day vulnerabilities affecting Chrome, Android, Apple and Microsoft...
Unknown APT group has targeted Russia repeatedly since Ukraine invasion
An unknown Advanced Persistent Threat (APT) group has targeted Russian government entities with at least four separate spear phishing campaigns...
ISaPWN – research on the security of ISaGRAF Runtime
In early 2020, we notified the Rockwell Automation Product Security Incident Response Team (RA PSIRT) of several vulnerabilities we had...
Russia-linked Turla APT targets Austria, Estonia, and NATO platform
Russia-linked APT group Turla was observed targeting the Austrian Economic Chamber, a NATO eLearning platform, and the Baltic Defense College....
Russia-linked Fronton botnet could run disinformation campaigns
Researchers warn that the Fronton botnet was used by Russia-linked threat actors for coordinated disinformation campaigns. Fronton is a distributed...
Hunting down your data with Whitney Merrill: Lock and Code S03E11
Depending on where you live, you can ask a company to hand over all the data it has collected about...
A flaw in PayPal can allow attackers to steal money from users’ account
A security researcher announced the discovery of an unpatched flaw in PayPal that could allow attackers to steal money from...
Chicago students lose data to ransomware attackers
Chicago Public Schools (CPS) disclosed on Friday that students may have had their data taken in a ransomware incident involving...
Update now! Nvidia released fixes for 10 flaws in Windows GPU drivers
Multiple NVIDIA graphic card models have been found to have flaws in their GPU drivers, with six medium-and four high-severity...
Cytrox’s Predator spyware used zero-day exploits in 3 campaigns
Google’s Threat Analysis Group (TAG) uncovered campaigns targeting Android users with five zero-day vulnerabilities. Google’s Threat Analysis Group (TAG) researchers...
A week in security (May 16 – 22)
Last week on Malwarebytes Labs: Fake reCAPTCHA forms dupe users via compromised WordPress sitesHow COVID-19 fuelled a surge in malwareWhy...
Threat actors target the infoSec community with fake PoC exploits
Researchers uncovered a malware campaign targeting the infoSec community with fake Proof Of Concept to deliver a Cobalt Strike beacon....
Security Affairs newsletter Round 366 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
North Korea-linked Lazarus APT uses Log4J to target VMware servers
North Korea-linked Lazarus APT is exploiting the Log4J remote code execution (RCE) in attacks aimed at VMware Horizon servers. North...
The Pwn2Own Vancouver 2022: Trend Micro and ZDI awarded $1,155,000
The Pwn2Own Vancouver 2022 hacking contest ended, Trend Micro and ZDI awarded a total of $1,155,000 for successful attempts! During...
Asian media company Nikkei suffered a ransomware attack
The media company Nikkei has disclosed a ransomware attack and revealed that the incident might have impacted customer data. The...
Russia-linked Sandworm continues to conduct attacks against Ukraine
Security researchers from ESET reported that the Russia-linked APT group Sandworm continues to target Ukraine. Security experts from ESET reported...
