CVE-2021-29607
Summary: TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in `SparseAdd` results in allowing attackers to...
What Cybercriminals Do with Your Personal Information? Here’s How to Defend
We all know that data breach is a major issue that can cause devastating damage to organizations and individuals, but...
Trust Wallet & MetaMask Crypto Wallets: Targeted by New Support Scam
Users of Trust Wallet and MetaMask wallets are the targets of ongoing malicious Twitter phishing attacks aimed at stealing cryptocurrency...
Information security exercises will be held at five cyber polygons in Russia
Russian President Vladimir Putin has set the task of digital transformation of key sectors of the economy. Therefore, to protect...
Ransomware Attacks Growing at a Fast Rate
Ransomware has become a burning concern to every office in the world which wasn't even existing 30 years before. Probably...
Google and Mozilla Develop an API for HTML Sanitization
Google, Mozilla, and Cure53 engineers have collaborated to create an application programming interface (API) that offers a comprehensive solution to...
Bizarro banking Trojan expands its attacks to Europe
Bizarro is yet another banking Trojan family originating from Brazil that is now found in other regions of the world....
Corsair_Scan – A Security Tool To Test Cross-Origin Resource Sharing (CORS)
Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS) misconfigurations. CORS is a mechanism that allows restricted resources...
Eyeballer – Convolutional Neural Network For Analyzing Pentest Screenshots
Eyeballer is meant for large-scope network penetration tests where you need to find "interesting" targets from a huge set of...
Android stalkerware, a danger for victims and stalkers
ESET research shows that Android stalkerware apps are affected by vulnerabilities that further threaten victims. ESET research reveals that common...
Expert released PoC exploit code for Windows CVE-2021-31166 bug
A security researcher has published a working proof-of-concept exploit code for a wormable Windows IIS server vulnerability tracked as CVE-2021-31166....
Bitcoin down: 51% attack? No, put the blame on Elon Musk
The price of Bitcoin falls after Elon Musk declared that its company, Tesla, may have sold holdings of the cryptocurrency...
Conti ransomware demanded $20M ransom to Ireland Health Service Executive
Ireland Health Service Executive (HSE) refuses to pay a $20 million ransom demand after its systems were hit by the Conti...
Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia
Avaddon ransomware gang has breached the France-based financial consultancy firm Acer Finance. Avaddon ransomware gang made the headlines again, the...
CVE-2021-1421
Summary: A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to perform a command...
CVE-2020-26999
Summary: A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications...
CVE-2020-27001
Summary: A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications...
CVE-2020-27002
Summary: A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications...
CVE-2021-31616
Summary: Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted...
A week in security (May 10 – 16)
Last week on Malwarebytes Labs, we watched and reported on the Colonial Pipeline ransomware attack as developments of its story...
Beware of Lorenz Ransomware Gang Targeting Organizations with Customized Attacks
Security researchers have unearthed a new ransomware operation known as Lorenz targeting organizations worldwide with customized attacks and demanding hundreds...
Signal Taunts WhatsApp as Confusion Looms Large Over its New Privacy Policy
WhatsApp will take action against users who have not approved the privacy policy though it will not delete users' accounts...
Remote Access Trojans Target Aerospace and Travel Industries
Earlier this week, Microsoft Security Intelligence tweeted that somehow a remote access Trojan (RAT) campaign was being tracked by them...
FIN7 is Spreading a Backdoor Called Lizar
Under the pretext of being a Windows pen-testing platform for ethical hackers, the infamous FIN7 cybercrime gang, a financially motivated...
