U.S. Treasury Department sanctions darkweb marketplace Hydra Market
The U.S. Treasury Department sanctioned the Hydra Market, the world’s largest and longest-running dark web marketplace. The U.S. Treasury Department...
News
A cyber attack forced the wind turbine manufacturer Nordex Group to shut down some of IT systems
Nordex Group, one of the largest manufacturers of wind turbines, was hit by a cyberattack that forced the company to...
Germany police shut down Hydra Market dark web marketplace
Germany’s Federal Criminal Police Office shut down Hydra Market, the Russian-language darknet marketplace specialized in drug dealing. Germany’s Federal Criminal...
Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload
Both BLISTER and SocGholish are loaders known for their evasion tactics. Our report details what these loaders are capable of...
US-CERT Bulletin (SB22-094):Vulnerability Summary for the Week of March 28, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns
Ukraine CERT-UA spotted a spear-phishing campaign conducted by Russia-linked Armageddon APT targeting local state organizations. Ukraine CERT-UA published a security...
Colibri Loader combines Task Scheduler and PowerShell in clever persistence technique
This blog post was authored by Ankur Saini, with contributions from Hossein Jazi and Jérôme Segura Colibri Loader is a...
Anonymous targets the Russian Military and State Television and Radio propaganda
Anonymous continues to support Ukraine against the Russian criminal invasion targeting the Russian military and propaganda. Anonymous leaked personal details...
CISA advises D-Link users to take vulnerable routers offline
On April 42022, the Cybersecurity & Infrastructure Security Agency (CISA) added CVE-2021-45382 to its known exploited vulnerabilities catalog. But since...
CISA adds Spring4Shell flaw to its Known Exploited Vulnerabilities Catalog
The U.S. CISA added the recently disclosed remote code execution (RCE) vulnerability Spring4Shell to its Known Exploited Vulnerabilities Catalog. The U.S....
GitLab issues security updates; watch out for hard coded passwords
GitLab has issued several critical security updates, with users of the version control software urged to upgrade their installations as...
Spring4Shell (CVE-2022-22965): details and mitigations
Last week researchers found the critical vulnerability CVE-2022-22965 in Spring – the open source Java framework. Using the vulnerability, an...
MailChimp breached, intruders conducted phishing attacks against crypto customers
Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. During...
An In-Depth Look at ICS Vulnerabilities Part 2
In part two of our three-part series, we continue to analyze vulnerabilities using MITRE ATT&CK. We also look into the...
VMware released updates to fix the Spring4Shell vulnerability in multiple products
VMware released security updates to address the critical remote code execution vulnerability known as Spring4Shell. VMware has published security updates...
5 ways to spring clean your security
It is now officailly spring in the Northern Hemisphere, and with spring and the longer days comes the inescapable urge...
Experts spotted a new Android malware while investigating by Russia-linked Turla APT
Researchers spotted a new piece of Android malware while investigating activity associated with Russia-linked APT Turla. Researchers at cybersecurity firm...
Brokenwire attack, how hackers can disrupt charging for electric vehicles
Boffins devised a new attack technique, dubbed Brokenwire, against the Combined Charging System (CCS) that could potentially disrupt charging for...
“Free easter chocolate basket” is a social media scam after your personal details
Holidays inspire fraudsters and scammers to create timely and effective ways to string people along and get them to give...
Update now! Zyxel patches critical firewall bypass vulnerability
In a security advisory Zyxel has urged customers to update because a security flaw can lead to the circumvention of...
A week in security (March 28 – April 3)
Last week on Malwarebytes Labs: New UAC-0056 activity: There’s a Go Elephant in the roomGlobant suffers network breach due to...
Borat RAT, a new RAT that performs ransomware and DDoS attacks
Cyble researchers discovered a new remote access trojan (RAT) named Borat capable of conducting DDoS and ransomware attacks. Researchers from...
Experts discovered 15-Year-Old vulnerabilities in the PEAR PHP repository
SonarSource discovered a 15-year-old flaw in the PEAR PHP repository that could have enabled supply chain attacks. Researchers from SonarSource...
China-linked APT Deep Panda employs new Fire Chili Windows rootkit
The China-linked hacking group Deep Panda is targeting VMware Horizon servers with the Log4Shell exploit to install a new Fire...
