Backups are not a simple ransomware defense, with Matt Crape: Lock and Code S02E17
A recent spate of ransomware attacks in the US and abroad have derailed major corporations, spurring a fuel shortage on...
A week in security (Sept 6 – Sept 12)
Last week on Malwarebytes Labs Apple delays plans to search devices for child abuse imagery.ProtonMail hands user’s IP address and...
GitHub Identifies Multiple Security Vulnerabilities in Node.js Packages
Cybersecurity researchers at GitHub have uncovered arbitrary code execution vulnerabilities in the open-source Node.js packages, "tar" and "@npmcli/arborist,". The tar package...
TESLA FSD Beta Software Leaked Days Before the Release of Version 10
Full Self Driving (FSD) beta software of the TESLA car has been leaked, and it is circulated in and around...
Microsoft Alerted Azure Customers of Bug That Could Have Allowed Hackers to Access Data
Microsoft alerted some Azure cloud computing users that a vulnerability uncovered by security experts might have given hackers access to...
Scammers in Russia Offer Free Bitcoin on a Hacked Government Website
The website of the Russian government was recently hacked. The fraudsters started a phoney Bitcoin (BTC) scheme, which they then...
Incident response analyst report 2020
Download full report (PDF) The Incident response analyst report provides insights into incident investigation services conducted by Kaspersky in 2020....
US-CERT Bulletin (SB21-256):Vulnerability Summary for the Week of September 6, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Peirates – Kubernetes Penetration Testing Tool
What is Peirates?Peirates, a Kubernetes penetration tool, enables an attacker to escalate privilege and pivot through a Kubernetes cluster. It...
Gokart – A Static Analysis Tool For Securing Go Code
GoKart is a static analysis tool for Go that finds vulnerabilities using the SSA (single static assignment) form of Go...
New Spook.Js attack allows to bypass Google Chrome Site Isolation protections
Spook.js is a new side-channel attack on modern processors that can allow bypassing Site Isolation protections implemented in Google Chrome. Boffins...
BlackMatter ransomware gang hit Technology giant Olympus
Technology giant Olympus announced it was the victim of a ransomware attack and is currently investigating the extent of the...
The new maxtrilha trojan is being disseminated and targeting several banks
A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers...
Department of Justice and Constitutional Development of South Africa hit by a ransomware attack
The Department of Justice and Constitutional Development of South Africa was hit by a ransomware attack that crippled bail services....
Google implements new Private Compute Services for Android
Google introduces Private Compute Services, a collection of services aimed at designing to improve privacy in the Android operating system....
CVE-2021-0586
Summary: In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an unwanted bluetooth device...
CVE-2021-37694
Summary: @asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice. In versions prior to 0.7.0 arbitrary code injection was possible when...
CVE-2021-39141
Summary: XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may...
CVE-2021-39144
Summary: XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may...
CVE-2021-28631
Summary: Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an...
Thousands of Organizations Targeted Via ‘Operation Chimaera’
TeamTNT hacking group has enhanced its abilities by adding a set of tools that allow it to target multiple operating...
Sidewalk Backdoor Being Used By China-Linked Grayfly Gang
A recent study on a backdoor called Sidewalk has shown its attribution with Grayfly, the Chinese spy arm termed the...
Ransomware Groups are Escalating Their Attacks on Healthcare Organizations
Ransomware groups have shown no signs of declining their attacks on hospitals, apparently intensifying attacks on healthcare institutions as countries...
Mēris Botnet is the Perpetrator Behind the DDoS Attack that Hit Yandex
A new botnet dubbed Mēris has launched a record-breaking distributed denial-of-service (DDoS) attack on Russian internet company Yandex. The botnet...
