Why identity management matters
Today is Identity Management Day, which aims to inform the public about the dangers of casually or improperly managing and...
News
CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog
The U.S. CISA added the CVE-2022-23176 flaw in WatchGuard Firebox and XTM appliances to its Known Exploited Vulnerabilities Catalog. The U.S....
Anonymous hacked Russia’s Ministry of Culture and leaked 446 GB
The Anonymous collective has hacked Russia’s Ministry of Culture and leaked 446 GB of data through the DDoSecrets platform. Data...
US-CERT Bulletin (SB22-101):Vulnerability Summary for the Week of April 4, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
FFDroider, a new information-stealing malware disguised as Telegram app
Cybersecurity researchers spotted a new Windows information-stealing malware, named FFDroider, designed to steal credentials and cookies. Cybersecurity researchers from Zscaler...
Ransomware: March 2022 review
The Malwarebytes Threat Intelligence team continuously monitors the threat landscape to stay on top of existing and emerging attacks. In...
SuperCare Health discloses a data breach that Impacted +300K people
SuperCare Health, a leading respiratory care provider in the Western U.S, disclosed a data breach that impacted more than 300,000...
Denonia cryptominer is first malware to target AWS Lambda
Security researchers at Cado Security, a cybersecurity forensics company, recently discovered the first publicly-known malware targeting Lambda, the serverless computing...
Old Play Store apps served notice by upcoming API level changes
Starting very soon, old and outdated apps on the Google Play Store will no longer be available to download. A...
Credential-stealing malware disguises itself as Telegram, targets social media users
A credential-stealing Windows-based malware, Spyware.FFDroider, is after social media credentials and cookies, according to researchers at ThreatLabz. The version analyzed...
A week in security (April 4 – 10)
Last week on Malwarebytes Labs: Why data protection and privacy are not the same, and why that matters: Lock and...
Microsoft’s Autopatch feature improves the patch management process
Microsoft announced a feature called Autopatch that will allow organizations to keep their systems up-to-date starting with Windows Enterprise E3 (July 2022)....
Dependency Review GitHub Action prevents adding known flaws in the code
Dependency Review GitHub Action scans users’ pull requests for dependency changes and will raise an error if any new dependencies...
Securing Easy Appointments and earning CVE-2022-0482
Easy Appointments contained a very dangerous Broken Access Control vulnerability tracked as CVE-2022-0482 that was exposing PII. Another day, another...
Why data protection and privacy are not the same, and why that matters: Lock and Code S03E09
There’s a mistake commonly made in the United States that a law that was passed to help people move their...
Apr 03 – Apr 09 Ukraine – Russia the silent cyber conflict
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective....
NB65 group targets Russia with a modified version of Conti’s ransomware
NB65 hacking group created its ransomware based on the leaked source code of the Conti ransomware and targets Russia. According...
Security Affairs newsletter Round 360 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Facebook blocked Russia and Belarus threat actors’ activity against Ukraine
Facebook/Meta said Russia-linked threat actors are attempting to use the social network against Ukraine with hate speech, bullying, and fake...
A DDoS attack took down Finnish govt sites as Ukraine’s President addresses MPs
A massive DDoS attack took down Finnish government websites while Ukrainian President Zelenskyy addressed Finland’s members of parliament (MPs). On...
SharkBot Banking Trojan spreads through fake AV apps on Google Play
Experts discovered malicious Android apps on the Google Play Store masqueraded as antivirus solutions spreading the SharkBot Trojan. Researchers from the...
China-linked threat actors target Indian Power Grid organizations
China-linked threat actors continue to target Indian power grid organizations, most of the attacks involved the ShadowPad backdoor. Recorded Future’s...
A Mirai-based botnet is exploiting the Spring4Shell vulnerability
Experts warn of a Mirai-based botnet exploiting the recently discovered Spring4Shell vulnerability in attacks in the wild. Trend Micro Threat...
CVE-2022-22965: Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware
We discovered active exploitation of a vulnerability in the Spring Framework designated as CVE-2022-22965 that allows malicious actors to download...
