Chicago students lose data to ransomware attackers
Chicago Public Schools (CPS) disclosed on Friday that students may have had their data taken in a ransomware incident involving...
News
Update now! Nvidia released fixes for 10 flaws in Windows GPU drivers
Multiple NVIDIA graphic card models have been found to have flaws in their GPU drivers, with six medium-and four high-severity...
Cytrox’s Predator spyware used zero-day exploits in 3 campaigns
Google’s Threat Analysis Group (TAG) uncovered campaigns targeting Android users with five zero-day vulnerabilities. Google’s Threat Analysis Group (TAG) researchers...
A week in security (May 16 – 22)
Last week on Malwarebytes Labs: Fake reCAPTCHA forms dupe users via compromised WordPress sitesHow COVID-19 fuelled a surge in malwareWhy...
Threat actors target the infoSec community with fake PoC exploits
Researchers uncovered a malware campaign targeting the infoSec community with fake Proof Of Concept to deliver a Cobalt Strike beacon....
Security Affairs newsletter Round 366 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
North Korea-linked Lazarus APT uses Log4J to target VMware servers
North Korea-linked Lazarus APT is exploiting the Log4J remote code execution (RCE) in attacks aimed at VMware Horizon servers. North...
The Pwn2Own Vancouver 2022: Trend Micro and ZDI awarded $1,155,000
The Pwn2Own Vancouver 2022 hacking contest ended, Trend Micro and ZDI awarded a total of $1,155,000 for successful attempts! During...
Asian media company Nikkei suffered a ransomware attack
The media company Nikkei has disclosed a ransomware attack and revealed that the incident might have impacted customer data. The...
Russia-linked Sandworm continues to conduct attacks against Ukraine
Security researchers from ESET reported that the Russia-linked APT group Sandworm continues to target Ukraine. Security experts from ESET reported...
Cisco fixes an IOS XR flaw actively exploited in the wild
Cisco addressed a medium-severity vulnerability affecting IOS XR Software, the company warns that the flaw is actively exploited in the...
QNAP warns of a new wave of DeadBolt ransomware attacks against its NAS devices
Taiwanese vendor QNAP warned customers of a new wave of DeadBolt ransomware attacks and urges them to install the latest...
Pwn2Own Vancouver 2022 D2
During the second day of the Pwn2Own Vancouver 2022 hacking competition, contestants demonstrated a working exploit for Microsoft Windows 11....
Why you should act like your CEO’s password is “querty”
A poor password at the highest levels of an organisation can cost a company millions in losses. Recent findings show...
The activity of the Linux XorDdos bot increased by 254% over the last six months
Microsoft researchers have observed a spike in the activity of the Linux bot XorDdos over the last six months. XORDDoS,...
Conti ransomware is shutting down operations, what will happen now?
The Conti ransomware gang shut down its operation, and some of its administrators announced a branding of the gang. Advanced...
Detect Azure AD Hybrid Cloud Vulnerabilities
AADInternals is a PowerShell module widely used by administrators for administering Azure Active Directory (AD) and Microsoft 365 - learn...
Bruised but Not Broken: The Resurgence of the Emotet Botnet Malware
During the first quarter of 2022, we discovered a significant number of infections using multiple new Emotet variants that employed...
Cyber risk management: Attribution strategies
Discover the importance of cyber attribution, the benefits, and the right tools to assist your efforts so you can better...
Google OAuth client library flaw allowed to deploy of malicious payloads
Google addressed a high-severity flaw in its OAuth client library for Java that could allow attackers with a compromised token...
Pwn2Own Vancouver 2022 D1: MS Teams exploits received $450,000
White hat hackers earned a total of $800,000 on the first day of the Pwn2Own Vancouver 2022, $450,000 for exploits...
How iPhones can run malware even when they’re off
Most people think that turning off their iPhone – or letting the battery die – means that the phone is,...
Cardiologist moonlighted as successful ransomware developer
The US has charged a 55-year-old French-Venezuelan cardiologist from Venezuela with “attempted computer intrusions and conspiracy to commit computer intrusions”....
China-linked Space Pirates APT targets the Russian aerospace industry
A new China-linked cyberespionage group known as ‘Space Pirates’ is targeting enterprises in the Russian aerospace industry. A previously unknown...
