3.8 Billion Phone Numbers of Clubhouse Users up for Sale on Dark Web
On a hacking forum, a threat actor has begun selling the confidential database of Clubhouse, which contains 3.8 billion phone...
Using MITRE D3FEND Framework (0.9.3-BETA-1)
The MITRE Corporation, one of the most respected organizations in the cybersecurity field, has released D3FEND, a complementary framework to...
TokenTactics – Azure JWT Token Manipulation Toolset
Azure JSON Web Token ("JWT") Manipulation Toolset Azure access tokens allow you to authenticate to certain endpoints as a user...
Reconmap – VAPT (Vulnerability Assessment And Penetration Testing) Automation And Reporting Platform
Reconmap is a vulnerability assessment and penetration testing (VAPT) platform. It helps software engineers and infosec pros collaborate on security...
South Africa’s logistics company Transnet SOC hit by a ransomware attack
Transnet SOC Ltd, a large South African rail, port and pipeline company, announced it was hit by a disruptive cyber attack. South Africa’s logistics company...
DIVD discloses three new unpatched Kaseya Unitrends zero-days
Experts found three new zero-day flaws in the Kaseya Unitrends service and warn users to avoid exposing the service to...
Hackers flooded the Babuk ransomware gang’s forum with gay porn images
The Babuk ransomware operators seem to have suffered a ransomware attack, threat actors flooded their forum gay orgy porn images....
Apple fixes CVE-2021-30807 flaw, the 13th zero-day this year
Apple released a security update that addresses CVE-2021-30807 flaw in macOS and iOS that may have been actively exploited to...
No More Ransom helped ransomware victims to save almost €1B
The No More Ransom initiative celebrates its fifth anniversary, over 6 million victims of ransomware attacks recover their files for...
CVE-2021-34301
Summary: A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll...
CVE-2021-34298
Summary: A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll...
CVE-2021-34329
Summary: A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter...
CVE-2021-34328
Summary: A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter...
CVE-2021-34326
Summary: A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter...
OSX.XLoader hides little except its main purpose: What we learned in the installation process
Last week, Check Point Research described a new Mac variant of malware they call XLoader. It was identified as being...
A week in security (July 19 – July 25)
Last week on Malwarebytes Labs: Stopransomware(dot)gov, a one-stop hub for ransomware resourcesBeware, crypto-scammer seeks foreigner with BLOCK CHAIN ACCOUNTRemcos RAT...
IT expert: How To Avoid being Tracked by Photos
The director of the company IT-Reserve Pavel Myasoedov spoke about how to protect yourself from surveillance using photographs.Standards that allow...
Cloud-Delivered Malware Increased 68% in Q2, Netskope Reports
Cybersecurity firm Netskope published the fifth edition of its Cloud and Threat Report that covers the cloud data risks, menaces,...
GitHub Brings Suite of Supply Chain Security Features to Go
GitHub has released a number of supply chain security updates for Go programming language modules.In a blog post published on...
Misconfigured Argo Workflows Instances Employed for Attacking Kubernetes Clusters
Intezer has discovered new Kubernetes cluster attack vectors using misconfigured instances of Argo Workflows. Threat actors have already been benefitted...
Dorothy – Tool To Test Security Monitoring And Detection For Okta Environments
Created by David French (@threatpunter) at Elastic Security Dorothy is a tool to help security teams test their monitoring and...
Juumla – Tool Designed To Identify And Scan For Version, Config Files In The CMS Joomla!
Juumla is a python tool developed to identify the current Joomla version and scan for readable Joomla config files.Installing /...
Hiding Malware inside a model of a neural network
Researchers demonstrated how to hide malware inside an image classifier within a neural network in order to bypass the defense...
Microsoft publishes mitigations for the PetitPotam attack
Microsoft published mitigations for the recently discovered PetitPotam attack that allows attackers to force remote Windows machines to share their...
