A week in security (October 26 – November 1)
We had a very busy week at Malwarebytes Labs. We offered advice on Google’s patch for an actively exploited zero-day...
Russian experts predict a shortage of cybersecurity specialists
Despite the funding cuts caused by the pandemic crisis, companies around the world are going to hire more and more...
Katana: New Variant of Mirai Botnet Posing Serious Threat?
A new variant of the Mirai botnet, Katana is being identified recently by the Avira Protection Lab. The botnet is...
Trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to meet the following requirements: the ability to be deployed...
PowerZure – PowerShell Framework To Assess Azure Security
For a list of functions, their usage, and more, check out https://powerzure.readthedocs.ioWhat is PowerZure?PowerZure is a PowerShell project created to...
Overview of Content Security Policies (CSPs) on the Web
A Content Security Policy is a protocol that allows a site owner to control what resources are loaded on a...
Hackers stole credit card data from JM Bullion online bullion dealer
JM Bullion, the leading online bullion dealer in the United States, has disclosed a data breach, hackers stole customers’ credit...
UK ICO fines hotel chain giant Marriott over data breach
The UK Information Commissioner’s Office fined US hotels group Marriott over the 2018 data breach that affected millions of customers...
Nuclear Regulation Authority shut down email systems after a cyber attack
Japan’s Nuclear Regulation Authority (NRA) issued a warning of temporary suspension of its email systems, likely caused by a cyber...
Maze ransomware is going out of the business
The Maze ransomware operators are shutting down their operations for more than one year the appeared on the threat landscape...
Security Affairs newsletter Round 287
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
A data breach broker is selling account databases of 17 companies
A threat actor is offering for sale account databases containing an aggregate total of 34 million user records stolen from...
Wroba mobile banking trojan targets US smartphones
According to details Kaspersky released to the media, the new wave in the U.S. was detected Oct. 29 and targeted...
University of Vermont Health Network Suffers Cyberattack, Six Hospitals Affected
University of Vermont's health network suffered a cyberattack, which has impacted its network infrastructure. The attack has hit six Vermont...
Adaz – Automatically Deploy Customizable Active Directory Labs In Azure
This project allows you to easily spin up Active Directory labs in Azure with domain-joined workstations, Windows Event Forwarding, Kibana,...
PowerShell-Red-Team – Collection Of PowerShell Functions A Red Teamer May Use To Collect Data From A Machine
Collection of PowerShell functions a Red Teamer may use to collect data from a machine or gain access to a...
Promofarma – 1,277,761 breached accounts
In August 2109, a data breach from the Spanish online pharmacy Promofarma appeared for sale on a dark web marketplace....
Alibaba’s Online Store Redmart Suffers Data Breach of More Than Million Accounts, Experts say Company’s Fault
Lazada, a Singapore firm owned by e-commerce company Alibaba, suffered a hacking attack that cost more than one million accounts....
US President’s Twitter Account Hacked; The Ethical Hacker ‘Guessed’ The Password
According to reports by a Dutch media, US President Donald Trump's Twitter account was purportedly hacked, after a Dutch researcher...
APICheck – The DevSecOps Toolset For REST APIs
APICheck is a complete toolset designed and created for testing REST APIs. Why APICheckAPICheck focuses not only in the security...
Nethive-Project – Restructured And Collaborated SIEM And CVSS Infrastructure
The Nethive Project provides a Security Information and Event Management (SIEM) insfrastructure empowered by CVSS automatic measurements. FeaturesMachine Learning powered...
StarTribune – 2,192,857 breached accounts
In October 2019, the Minnesota-based news service StarTribune suffered a data breach which was subsequently sold on the dark web....
Vastaamo psychotherapy data breach sees the most vulnerable victims extorted
“Hell is too nice a place for these people.” Never have we seen outrage about a cybercrime at such a...
California’s Prop 24 splits data privacy supporters
California’s data privacy house is divided. On the Golden State’s November ballot this year is the question as to whether...
