Month: January 2022

1f6a8 2

Microsoft is now disabling Excel 4.0 macros by default

January 24, 2022

Back in October 2021, Microsoft announced in an email sent to customers that it planned to disable Excel 4.0 macros...

7HWG6XUL7RH47CUB6XMT2I4ZAI 450x600 1

Warning issued over tampered QR codes

January 24, 2022

Avid readers of the Malwarebytes Labs blog are quite aware of QR code shenanigans—both within and outside of the United...

osint

Dark Souls servers taken offline over hacking fears

January 24, 2022

There’s been trouble brewing over the weekend for players of the smash-hit Dark Souls series. PvP servers (player vs player)...

CVE prog

CVE-2021-44701

January 24, 2022

Summary: Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free...

CVE prog

CVE-2022-23094

January 24, 2022

Summary: Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash)...

CVE prog

CVE-2021-44049

January 24, 2022

Summary: CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local user to gain elevated privileges via a...

CVE prog

CVE-2022-0240

January 24, 2022

Summary: mruby is vulnerable to NULL Pointer Dereference Reference Links(if available): https://huntr.dev/bounties/5857eced-aad9-417d-864e-0bdf17226cbb https://github.com/mruby/mruby/commit/31fa3304049fc406a201a72293cce140f0557dca CVSS Score (if available) v2: / MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P...

CVE prog

CVE-2021-25036

January 24, 2022

Summary: The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue, which was discovered...

osint

Russian authorities arrested the kingpin of cybercrime Infraud Organization

January 24, 2022

Russian authorities arrested four alleged members of the international cyber theft ring tracked as ‘Infraud Organization.’ In February 2008, the...

osint

Emotet spam uses unconventional IP address formats to evade detection

January 24, 2022

Experts warn Emotet malware campaign using “unconventional” IP address formats in an attempt to evade detection. Threat actors behind a...

VulnLab 1 709904

VulnLab – A Web Vulnerability Lab Project

January 24, 2022

Contact Website Linkedln Twitter Instagram Download VulnLab If you like the site, please consider joining the telegram channel or supporting...

osint

A week in security (January 17 — 23)

January 24, 2022

Last week on Malwarebytes Labs: CISA calls for urgent action against critical threatsRed Cross begs attackers to “Do the right...

Cobalt Strike

Cobalt Stike Beacon Detected – 185[.]70[.]184[.]92:80

January 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 116[.]62[.]146[.]245:80

January 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 150[.]158[.]181[.]145:5000

January 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 110[.]42[.]140[.]249:443

January 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 198[.]144[.]183[.]12:443

January 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 172[.]81[.]240[.]159:443

January 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 20[.]123[.]207[.]206:443

January 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 173[.]82[.]236[.]75:8080

January 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 47[.]106[.]150[.]125:8866

January 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 192[.]144[.]237[.]203:6000

January 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 121[.]4[.]228[.]80:80

January 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike

Cobalt Stike Beacon Detected – 45[.]62[.]121[.]16:1111

January 24, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

CISA

CISA: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

November 24, 2024

CISA

CISA: CISA Releases Four Industrial Control Systems Advisories

November 24, 2024

CISA

CISA: JCDC’s Industry-Government Collaboration Speeds Mitigation of CrowdStrike IT Outage

November 24, 2024

CISA

CISA: CISA Releases Three Industrial Control Systems Advisories

November 24, 2024

CISA

CISA: Foreign Threat Actor Conducting Large-Scale Spearphishing Campaign with RDP Attachments

November 24, 2024