Chinese hackers attacked a Russian developer of military submarines
Chinese hackers reportedly attacked the Rubin Central Design Bureau for Marine Engineering (СKB Rubin), which designs submarines for the Russian...
Month: May 2021
$2 Million Cryptocurrency Controversy Linked with WallStreetBets Investors
As per a Bloomberg News story, at least $2 million of a cryptocurrency conspiracy was recently tossed from investors of...
Researchers Flag Serious Authentication Bypass Vulnerability After Pega Infinity Hotfix Released
After security researchers discovered a flaw in the Pega Infinity enterprise software platform, users are being advised to upgrade their...
Apple Covered a Mass Hack on 128 Million iPhone Users in 2015
Apple and Epic are now embroiled in a legal dispute, and as a result, some shocking material has surfaced on...
Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015
Court documents revealed that the infamous XcodeGhost malware, which has been active since 2015, infected 128 million iOS users. Documents provided in...
Google open sources cosign tool for verifying containers
Google has released a new open-source tool called cosign that could allow administrators to sign and verify the container images....
FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks
The FBI and Australian Australian Cyber Security Centre (ACSC) warn of an ongoing Avaddon ransomware campaign targeting organizations worldwide. The...
FBI confirmed that Darkside ransomware gang hit Colonial Pipeline
The U.S. FBI confirmed that the attack against the Colonial Pipeline over the weekend was launched by the Darkside ransomware...
CVE-2021-25148
Summary: A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba...
CVE-2021-25150
Summary: A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s):...
CVE-2021-25162
Summary: A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s):...
CVE-2017-11566
Summary: AppUse 4.0 allows shell command injection via a proxy field. Reference Links(if available): https://gist.github.com/shiham101/4807e3dea54ee0f0456c47fcd1400e97 CVSS Score (if available) v2:...
CVE-2021-31996
Summary: An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. There is a double free in merge_sort::merge()....
Alleviating ransomware’s legal headaches with Jake Bernstein: Lock and Code S02E08
This week on Lock and Code, we speak to cybersecurity and privacy attorney Jake Bernstein about ransomware attacks that don’t...
Ransomware attack shuts down Colonial Pipeline fuel supply
UPDATE 10:47 AM Pacific Time, May 10: At 8:55 AM Pacific Time, the FBI confirmed that Colonial Pipeline was attacked...
A week in security (May 3 – 9)
Last week on Malwarebytes Labs, we discussed how Spectre attacks have come back from the dead; why Facebook banned Instragram...
Sloppiness of Student Allows Ryuk Ransomware to Target Bio Research Institute
Cybersecurity vendor Sophos has revealed how using a 'crack' version of a data visualization tool was the cause of a...
Russian Actors Change Techniques After UK and US Agencies Expose Them
After the western agencies outed their techniques, Russian actors from the APT29 group responded to the expose by using a...
CaptureRx Ransomware Hit Multiple Healthcare Provider Clients
CaptureRx, a world-leading San Antonio-based Healthcare technology organization has recently witnessed a ransomware attack wherein hackers accessed the protected health...
Vulnerabilities Exposed Pelton User Data
Special security research published this week, states that unauthorized users might have been able to access confidential user information through...
Colonial Hackers Stole Data on Thursday Ahead of Shutdown
The hackers who caused Colonial Pipeline to shut down the biggest US petrol pipeline last Friday began their blitz against...
DDoS attacks in Q1 2021
News overview Q1 2021 saw the appearance of two new botnets. News broke in January of the FreakOut malware, which...
DNSObserver – A Handy DNS Service Written In Go To Aid In The Detection Of Several Types Of Blind Vulnerabilities
A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors...
CyberBattleSim – An Experimentation And Research Platform To Investigate The Interaction Of Automated Agents In An Abstract Simulated Network Environments
CyberBattleSim is an experimentation research platform to investigate the interaction of automated agents operating in a simulated abstract enterprise network...
