Cloud Tech Debt Puts Millions of Apps at Risk, Says New Report
A new report has shed light on critical cloud risks, with a focus on the growing threat of cloud tech...
News
Novel Worm-Like Malware P2Pinfect Targets Redis Deployments
A new and sophisticated malware campaign named “P2Pinfect” has been observed targeting publicly-accessible deployments of the Redis data store.According to a...
Canon Inkjet Printers Expose Wi-Fi Threat
Canon has raised concerns over potential security risks linked to the disposal of inkjet printers. In a security advisory published on...
New Infostealer Uncovered in Phishing Scam Targeting Facebook Business Accounts
Unit 42 researchers have uncovered another phishing campaign designed to take over Facebook business accounts using a newly identified infostealer...
US-CERT Vulnerability Summary for the Week of July 24, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infobiltay_technology -- scienta Improper Neutralization of Special Elements used in an SQL...
US-CERT Vulnerability Summary for the Week of July 24, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infobiltay_technology -- scienta Improper Neutralization of Special Elements used in an SQL...
Uncovering RedStinger – Undetected APT cyber operations in Eastern Europe since 2020
This blog post was authored by Malwarebytes' Roberto Santos and Fortinet's Hossein Jazi While the official conflict between Russia and...
Facebook clickbait leads to money scam for users
Online criminals are notorious for lurking on social media sites and tricking users into visiting malicious links. We recently observed a scheme where Facebook users are...
The 2023 State of Ransomware in Education: 84% increase in attacks over 6-month period
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on...
Malvertising via brand impersonation is back again
Web search is about to embark on a new journey thanks to artificial intelligence technology that online giants such as Microsoft and...
FakeSG enters the ‘FakeUpdates’ arena to deliver NetSupport RAT
Over 5 years ago, we began tracking a new campaign that we called FakeUpdates (also known as SocGholish) that used...
Ransomware review: July 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on...
Criminals target businesses with malicious extension for Meta’s Ads Manager and accidentally leak stolen accounts
Like all social media platforms, Facebook constantly has to deal with fake accounts, scams and malware. We have written about scams...
Ransomware review: June 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on...
Malicious ad for USPS fishes for banking credentials
We often think of malvertising as being malicious ads that push malware or scams, and quite rightly so these are...
Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan
Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader...
New NodeStealer Targeting Facebook Business Accounts and Crypto Wallets
Cybersecurity researchers have unearthed a Python variant of a stealer malware NodeStealer that's equipped to fully take over Facebook business...
Researchers Expose Space Pirates’ Cyber Campaign Across Russia and Serbia
The threat actor known as Space Pirates has been linked to attacks against at least 16 organizations in Russia and...
European Bank Customers Targeted in SpyNote Android Trojan Campaign
Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an...
What is Data Security Posture Management (DSPM)?
Data Security Posture Management is an approach to securing cloud data by ensuring that sensitive data always has the correct...
China’s APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe
A nation-state actor with links to China is suspected of being behind a series of attacks against industrial organizations in...
Ongoing STARK#MULE Attack Campaign Discovered
Security researchers have uncovered an ongoing attack campaign dubbed STARK#MULE, which employs US military-related documents as lures to deliver malware...
CISA: New Submarine Backdoor Used in Barracuda Campaign
A Chinese threat actor that compromised federal networks by targeting Barracuda security appliances did so in part thanks to a...
SpyNote Android Spyware Strikes Financial Institutions
The Android spyware known as SpyNote has been targeting financial institutions since late 2022 while expanding its capabilities to carry...
