US-CERT Bulletin (SB21-305):Vulnerability Summary for the Week of October 25, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Vimana is a modular security framework designed to audit Python web applications.The base of the Vimana is composed of crawlers...
The US FBI has published a flash alert warning private organizations of the evolution of the HelloKitty ransomware (aka FiveHands)....
Ransomware attacks, despite dramatically increasing in frequency this summer, remain opaque for many potential victims. It isn’t anyone’s fault, necessarily,...
Operators behind the Squid Game cryptocurrency have exit scam making off with an estimated $2.1 million. Operators behind the Squid Game cryptocurrency have exit...
Summary: Concrete5 up to and including 8.5.2 allows Unrestricted Upload of File with Dangerous Type such as a .php file...
Summary: Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangerous Type such as a .phar file. Reference Links(if available):...
Summary: A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.0.1,...
Summary: An authorization issue was addressed with improved state management. This issue is fixed in iOS 15 and iPadOS 15....
Summary: An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS...
Data on countless celebrities, including politicians, is apparently now in the hands of ransomware attackers after a group using the...
Researchers demonstrated how crooks could hack Diebold Nixdorf’s Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash. Positive...
Cybersecurity researchers uncovered a huge botnet, tracked as Pink, that already infected over 1.6 million devices most of them located...
A tool to hunt/mine for Cobalt Strike beacons and "reduce" their beacon configuration for later indexing. Hunts can either be...
Last week on Malwarebytes Labs Beyond the VPN: Ultimate online privacy with the Tor Project’s Isabela Bagueros: Lock and Code...
Meet Balikbayan Foxes: a threat group impersonating the Philippine gov’t Experts uncovered a new threat actor, tracked as Balikbayan Foxes,...
The Microsoft Detection and Response Team (DART) warns of a rise in password spray attacks targeting valuable cloud accounts. The...