Let’s give a look at the Dark Web Price Index 2022
PrivacyAffairs released the Dark Web Index 2022, the document provides the prices for illegal services/products available in the black marketplaces....
News
It’s official, today you can say goodbye to Internet Explorer. Or can you?
Today, the Internet Explorer (IE) 11 desktop application goes out of support and will be retired for certain versions of...
Email compromise leads to healthcare data breach at Kaiser Permanente
At least 69,000 people have been impacted by a data breach at Kaiser Permanente, a long-running managed healthcare consortium. The...
A flaw in Zimbra email suite allows stealing login credentials of the users
A high-severity vulnerability in the Zimbra email suite could be exploited by an unauthenticated attacker to steal login credentials of...
Addressing Cyber Risk with a Unified Platform
Hear from guest speaker, Forrester analyst, Allie Mellen, as she shares insights and advice on the factors firms should consider...
Karakurt extortion group: Threat profile
The FBI (Federal Bureau of Investigation), together with CISA (Cybersecurity and Infrastructure Security Agency) and other federal agencies, recently released...
Instagram scam steals your selfies to trick your friends
What would you do if a friend of yours set up a NSFW account, and then used it to follow...
“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft
Microsoft has warned that “multiple adversaries and nation-state actors” are making use of the recent Atlassian Confluence RCE vulnerability. A...
Introducing Malwarebytes Vulnerability Assessment for OneView: How to check for Common Vulnerabilities and Exposures (CVEs)
Malwarebytes is happy to announce our Vulnerability Assessment module for OneView, our multi-tenant console where you can manage Malwarebytes Nebula...
Don’t panic! “Unpatchable” Mac vulnerability discovered
Researchers at MIT’s Computer Science & Artificial Intelligence Lab (CSAIL) found an attack surface in a hardware-level security mechanism utilized...
API Security Best Practices
Organizations face the constant need to protect these APIs from attacks so they can protect organizational data. Organizations are rapidly...
SeaFlower campaign distributes backdoored versions of Web3 wallets to steal seed phrases
Chinese cybercriminals are using SeaFlower backdoored versions of iOS and Android Web3 wallets to steal users’ seed phrase. Researchers from...
Experts spotted Syslogk, a Linux rootkit under development
Experts spotted a new Linux rootkit, dubbed ‘Syslogk,’ that uses specially crafted “magic packets” to activate a dormant backdoor on the...
US-CERT Bulletin (SB22-164):Vulnerability Summary for the Week of June 6, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability
Ukraine’s Computer Emergency Response Team (CERT) warns that the Russia-linked Sandworm APT group may exploit the Follina RCE vulnerability. Ukraine’s...
Taking down the IP2Scam tech support campaign
Tech support scams follow a simple business model that has not changed much over the years. After all, why change...
GALLIUM APT used a new PingPull RAT in recent campaigns
China-linked Gallium APT employed a previously undocumented RAT, tracked as PingPull, in recent cyber espionage campaign targeting South Asia, Europe,...
Update Chrome now: Four high risk vulnerabilities found
Users of Chrome have been advised to apply updates as soon as possible related to seven security vulnerabilities. CISA has...
HelloXD Ransomware operators install MicroBackdoor on target systems
Experts observed the HelloXD ransomware deploying a backdoor to facilitate persistent remote access to infected hosts. The HelloXD ransomware first appeared...
Serious vulnerabilities found in ITarian software, patches available for SaaS products
Dutch research group DIVD has identified multiple vulnerabilities in ITarian products. In cooperation with DIVD, ITarian has made patches available...
A week in security (June 6 – June 12)
Last week on Malwarebytes Labs: FBI warns of scammers soliciting donations for UkraineMicrosoft autopatch is here…but can you use it?Prometheus...
Using WiFi connection probe requests to track users
Researchers at the University of Hamburg demonstrated that WiFi connection probe requests expose users to track. A group of academics...
Security Affairs newsletter Round 369 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers
Ransomware gangs are actively exploiting CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware...
