Fake reCAPTCHA forms dupe users via compromised WordPress sites
Researchers at Sucuri investigated a number of WordPress websites complaining about unwanted redirects and found websites that use fake CAPTCHA...
News
Ukrainian national sentenced to 4 years in prison for selling access to hacked servers
A 28-year-old Ukrainian national has been sentenced to four years in prison for selling access to hacked servers. Glib Oleksandr...
A week in security (May 9 – 15)
Last week on Malwarebytes Labs: How to spot the signs of a virtual kidnap scamVirtual credit cards coming to Chrome:...
Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis
This blog post was authored by Hossein Jazi and Jérôme Segura Populations around the world—and in Europe in particular—are following...
Eternity Project: You can pay $260 for a stealer and $490 for a ransomware
Researchers from threat intelligence firm Cyble analyzed the Eternity Project Tor website which offers any kind of malicious code. Researchers...
How to spot the signs of a virtual kidnap scam
Threats and bluster play a key role in most online attacks: Ransomware has its ransom note; trolls threaten to ramp...
May 08 – May 14 Ukraine – Russia the silent cyber conflict
This post provides a timeline of the events related to Russia invasion of Ukraine from the cyber security perspective. Below...
Security Affairs newsletter Round 365 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
Ukraine CERT-UA warns of new attacks launched by Russia-linked Armageddon APT
Ukraine Computer Emergency Response Team (CERT-UA) reported a phishing campaign conducted by Armageddon APT using GammaLoad.PS1_v2 malware. Ukraine Computer Emergency...
Sysrv-K, a new variant of the Sysrv botnet includes new exploits
Microsoft reported that the Sysrv botnet is targeting Windows and Linux servers exploiting flaws in the Spring Framework and WordPress. Microsoft Security...
The LEGION collective calls to action to attack the final of the Eurovision song contest
The Pro-Russian volunteer movement known as LEGION is calling to launch DDoS attacks against the final of the Eurovision song...
OpRussia update: Anonymous breached other organizations
Another week has passed and Anonymous has hacked other Russian companies and leaked their data via DDoSecrets. The #OpRussia launched...
Pro-Russian hacktivists target Italy government websites
Pro-Russian hacker group Killnet targeted the websites of several Italian institutions, including the senate and the National Institute of Health....
SonicWall urges customers to fix SMA 1000 vulnerabilities
SonicWall warns customers to address several high-risk security flaws impacting its Secure Mobile Access (SMA) 1000 Series line of products. SonicWall...
Sandstone CTO shares how to assess cyber risk in the cloud
Chaitanya Pinnamanemi discusses how visibility and prioritization are key to securing your digital attack surface and reducing cyber risk. If...
Zyxel fixed firewall unauthenticated remote command injection issue
Zyxel addressed a critical flaw affecting Zyxel firewall devices that allows unauthenticated, remote attackers to gain arbitrary code execution. Zyxel...
Iran-linked COBALT MIRAGE group uses ransomware in its operations
Iranian group used Bitlocker and DiskCryptor in a series of attacks targeting organizations in Israel, the US, Europe, and Australia....
S4x22: ICS Security Creates the Future
The ICS Security Event S4 was held for the first time in two years, bringing together more than 800 business...
The Difference Between Virtual Machines and Containers
Discover the key differences, use cases, and benefits of virtual machines and containers. If you like the site, please consider...
New Nerbian RAT spreads via malspam campaigns using COVID-19
Researchers spotted a new remote access trojan, named Nerbian RAT, which implements sophisticated evasion and anti-analysis techniques. Researchers from Proofpoint...
Virtual credit cards coming to Chrome: What you need to know
When you’re buying things online, reducing the exposure of payment details during transactions is one way to help reduce the...
Clearview AI banned from selling facial recognition data in the US
Clearview AI, a facial recognition software and surveillance company, is permanently banned from selling its faceprint database within the United...
Massive hacking campaign compromised thousands of WordPress websites
Researchers uncovered a massive hacking campaign that compromised thousands of WordPress websites to redirect visitors to scam sites. Cybersecurity researchers...
Cyberattacks on SATCOM networks attributed to Russian threat actors
The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have updated their joint cybersecurity advisory,...
