Massive increase in XorDDoS Linux malware in last six months
Microsoft says it’s recorded a massive increase in XorDDoS activity (254 percent) in the last six months. XorDDoS, a Linux...
News
How the Saitama backdoor uses DNS tunnelling
Thanks to the Malwarebytes Threat Intelligence Team for the information they provided for this article. Understandably, a lot of cybersecurity...
Chaining Zoom bugs is possible to hack users in a chat by sending them a message
Security flaws in Zoom can be exploited to compromise another user over chat by sending specially crafted messages. A set...
Update now! Multiple vulnerabilities patched in Google Chrome
Google has announced an update for the Chrome browser that includes 32 security fixes. The severity rating for one of...
CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog
US Critical Infrastructure Security Agency (CISA) adds 41 new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The Cybersecurity & Infrastructure...
The Fault in Our kubelets: Analyzing the Security of Publicly Exposed Kubernetes Clusters
While researching cloud-native tools, our Shodan scan revealed over 200,000 publicly exposed Kubernetes clusters and kubelet ports that can be...
US-CERT Bulletin (SB22-143):Vulnerability Summary for the Week of May 16, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Trend Micro addressed a flaw exploited by China-linked Moshen Dragon APT
Trend Micro addressed a DLL hijacking issue in Trend Micro Security actively exploited by a China-linked threat group to deploy...
Instagram verification services: What are the dangers?
Instagram, like other social platforms, has a verification system for high profile accounts. A verified badge means Instagram has confirmed that...
Microsoft warns of new highly evasive web skimming campaigns
Threat actors behind web skimming campaigns are using malicious JavaScript to mimic Google Analytics and Meta Pixel scripts to avoid...
General Motors suffers credential stuffing attack
American car manufacturer General Motors (GM) says it experienced a credential stuffing attack last month. During the attack customer information...
Nation-state malware could become a commodity on dark web soon, Interpol warns
Interpol Secretary warns that nation-state malware will become available on the cybercrime underground in a couple of years. Interpol Secretary...
Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware
The Google Threat Analysis Group (TAG) has revealed that of the nine zero-day vulnerabilities affecting Chrome, Android, Apple and Microsoft...
Unknown APT group has targeted Russia repeatedly since Ukraine invasion
An unknown Advanced Persistent Threat (APT) group has targeted Russian government entities with at least four separate spear phishing campaigns...
ISaPWN – research on the security of ISaGRAF Runtime
In early 2020, we notified the Rockwell Automation Product Security Incident Response Team (RA PSIRT) of several vulnerabilities we had...
Russia-linked Turla APT targets Austria, Estonia, and NATO platform
Russia-linked APT group Turla was observed targeting the Austrian Economic Chamber, a NATO eLearning platform, and the Baltic Defense College....
Russia-linked Fronton botnet could run disinformation campaigns
Researchers warn that the Fronton botnet was used by Russia-linked threat actors for coordinated disinformation campaigns. Fronton is a distributed...
Hunting down your data with Whitney Merrill: Lock and Code S03E11
Depending on where you live, you can ask a company to hand over all the data it has collected about...
A flaw in PayPal can allow attackers to steal money from users’ account
A security researcher announced the discovery of an unpatched flaw in PayPal that could allow attackers to steal money from...
Chicago students lose data to ransomware attackers
Chicago Public Schools (CPS) disclosed on Friday that students may have had their data taken in a ransomware incident involving...
Update now! Nvidia released fixes for 10 flaws in Windows GPU drivers
Multiple NVIDIA graphic card models have been found to have flaws in their GPU drivers, with six medium-and four high-severity...
Cytrox’s Predator spyware used zero-day exploits in 3 campaigns
Google’s Threat Analysis Group (TAG) uncovered campaigns targeting Android users with five zero-day vulnerabilities. Google’s Threat Analysis Group (TAG) researchers...
A week in security (May 16 – 22)
Last week on Malwarebytes Labs: Fake reCAPTCHA forms dupe users via compromised WordPress sitesHow COVID-19 fuelled a surge in malwareWhy...
Threat actors target the infoSec community with fake PoC exploits
Researchers uncovered a malware campaign targeting the infoSec community with fake Proof Of Concept to deliver a Cobalt Strike beacon....
