CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction
At the end of May, researchers from the nao_sec team reported a new zero-day vulnerability in Microsoft Support Diagnostic Tool...
News
RSA 2022: Prometheus ransomware’s flaws inspired researchers to try to build a near-universal decryption tool
Prometheus—a ransomware build based on Thanos that locked up victims’ computers in the summer of 2021—included a major “vulnerability” that...
Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant
LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Today the...
Closing the Door: DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme
In this report, we investigate the reasons that the DeadBolt ransomware family is more problematic for its victims than other...
Why It’s Time to Map the Digital Attack Surface
Trend Micro research reveals struggle to control cyber risks against mounting digital attack surfaces. If you like the site, please...
Why It’s Time to Map the Digital Attack Surface
Trend Micro research reveals struggle to control cyber risks against mounting digital attack surfaces. If you like the site, please...
Microsoft Autopatch is here…but can you use it?
Updating endpoints on a network can be a daunting task. Testing before rollout can take time. Delays to patches going...
FBI warns of scammers soliciting donations for Ukraine
The FBI recently issued an announcement about a fraudulent scheme that proves there is no low that’s too low for...
US-CERT Bulletin (SB22-157):Vulnerability Summary for the Week of May 30, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Microsoft seized 41 domains used by Iran-linked Bohrium APT
Microsoft’s Digital Crimes Unit (DCU) announced the seizure of domains used by Iran-linked APT Bohrium in spear-phishing campaigns. Microsoft’s Digital Crimes...
Another nation-state actor exploits Microsoft Follina to attack European and US entities
A nation-state actor is attempting to exploit the Follina flaw in a recent wave of attacks against government entities in...
A week in security (May 30 – June 5)
Last week on Malwarebytes Labs: Intuit phish says “We have put a temporary hold on your account”The Quad commits to...
Red TIM Research discovers a Command Injection with a 9,8 score on Resi
During the bug hunting activity, Red Team Research (RTR) detected 2 zero-day bugs on GEMINI-NET, a RESI Informatica solution. It’s...
Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies
Resecurity, Inc. (USA) has identified an increase in activity within hacktivist groups conducted by a new group called “Cyber Spetsnaz”....
Tor’s (security) role in the future of the Internet, with Alec Muffett
Tor has a storied reputation in the world of online privacy. The open-source project lets people browse the Internet more...
PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online
Proof-of-concept exploits for the critical CVE-2022-26134 vulnerability in Atlassian Confluence and Data Center servers are available online. Proof-of-concept exploits for...
Security Affairs newsletter Round 368 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club
Hackers have stolen over $250,000 in Ethereum from Bored Ape Yacht Club (BAYC), this is the third security breach it...
Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild
Atlassian has addressed on Friday an actively exploited critical remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center...
Anonymous: Operation Russia after 100 days of war
Operation Russia continues, albeit much more slowly than last month, RKPLaw, Vyberi Radio, and Metprom Group are the last victims....
GitLab addressed critical account take over via SCIM email change
GitLab addresses a critical security vulnerability, tracked as CVE-2022-1680, that could be exploited by an attacker to take over users’...
LuoYu APT delivers WinDealer malware via man-on-the-side attacks
Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor An “extremely sophisticated” China-linked APT tracked as LuoYu was delivering malware...
Tutorial: How to Build Your First Node.js gRPC API
Compared to other API technologies like REST and GraphQL, gRPC is lightweight and exceptionally robust, thanks in large part to...
Ransomware: May 2022 review
The Malwarebytes Threat Intelligence team monitors the threat landscape continuously and produces monthly ransomware reports based on a mixture of...
