News

Update now! Microsoft releases patches, including one for actively exploited zero-day

May 11, 2022

Microsoft has released patches for 74 security problems, including fixes for seven “critical” vulnerabilities, and an actively exploited zero-day vulnerability that...

Canon printer owners: Be careful of bogus driver download sites

May 11, 2022

Think of all the really common, very mundane things you search for of a tech nature. Drivers. Scanners. Printers. A...

Microsoft Patch Tuesday updates for May 2022 fixes 3 zero-days, 1 under active attack

May 11, 2022

Microsoft Patch Tuesday security updates for May 2022 address three zero-day vulnerabilities, one of them actively exploited. Microsoft Patch Tuesday...

EU condemns Russian cyber operations against Ukraine

May 11, 2022

The European Union condemns the cyberattacks conducted by Russia against Ukraine, which targeted the satellite KA-SAT network. The European Union...

Security Above and Beyond CNAPPs

May 10, 2022

How Trend Micro’s unified cybersecurity platform is transforming cloud security If you like the site, please consider joining the telegram...

Examining the Black Basta Ransomware’s Infection Routine

May 10, 2022

We analyze the Black Basta ransomware and examine the malicious actor’s familiar infection tactics. If you like the site, please...

APT34 targets Jordan Government using new Saitama backdoor

May 10, 2022

On April 26th, we identified a suspicious email that targeted a government official from Jordan’s foreign ministry. The email contained...

Microsoft fixed RCE flaw in a driver used by Azure Synapse and Data Factory

May 10, 2022

Microsoft disclosed a now-fixed vulnerability in Azure Synapse and Azure Data Factory that could have allowed remote code execution. Microsoft...

Client side scanning may cost more than it delivers

May 10, 2022

On May 11, 2022, the EU will publicize a proposal for a law on mandatory chat control. The European Commission...

“Chemical attack” email warnings deliver Jester Stealer malware

May 10, 2022

Jester Stealer, a malicious file capable of large amounts of data theft, is on the prowl again. The Ukrainian Computer...

Hacktivists hacked Russian TV schedules during Victory Day and displayed anti-war messages

May 10, 2022

Hacktivists yesterday defaced the Russian TV with pro-Ukraine messages and took down the RuTube video streaming site. Hacktivists and white...

Threat actors are actively exploiting CVE-2022-1388 RCE in F5 BIG-IP

May 10, 2022

Threat actors are exploiting critical F5 BIG-IP flaw CVE-2022-1388 to deliver malicious code, cybersecurity researchers warn. Threat actors started massively exploiting...

Exclusive: Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service

May 10, 2022

The Resecurity HUNTER unit identified a new underground service called ‘Frappo’, which is available on the Dark Web. “Frappo” acts...

DCRat, only $5 for a fully working remote access trojan

May 9, 2022

Researchers warn of a remote access trojan called DCRat (aka DarkCrystal RAT) that is available for sale on Russian cybercrime...

Costa Rica continues defence against sustained Conti ransomware attacks

May 9, 2022

It’s not been plain sailing recently for Conti ransomware, the Ransomware as a Service (RaaS) group with several major attacks...

Update now! F5 BIG-IP vulnerability being actively exploited

May 9, 2022

The Australian Cyber Security Centre (ACSC) has announced it is aware of the existence of Proof of Concept (PoC) code...

Recovering from romance scams with Cindy Liebes: Lock and Code S03E10

May 9, 2022

Earlier this year, many members of the public were introduced to the facets of a long-ignored crime in cyberspace: The...

How to remove Google from your life

May 9, 2022

Swearing off a company used to be easier. Rude customer service, an unfortunate bout of food poisoning, even standing up...

CERT-UA warns of malspam attacks distributing the Jester info stealer

May 9, 2022

The Computer Emergency Response Team of Ukraine (CERT-UA) warns of attacks spreading info-stealing malware Jester Stealer. The Computer Emergency Response...

A special browser designed for online banking. Good idea, or not so much?

May 9, 2022

The German Sparkasse bank has launched a browser that is especially designed to do your online banking. The browser called...

$600 a week to wrap your car? It’s a scam

May 9, 2022

A friend of mine recently received a text message which they described as “intriguing, but nonsensical”. They were convinced it...

A scanning tool for open-sourced software packages? Yes, please!

May 9, 2022

The Open Source Security Foundation (OpenSSF), a collective of industry leaders aimed at improving the security of open-source software (OSS),...

A week in security (May 2 – 8)

May 9, 2022

Last week on Malwarebytes Labs: Google, Apple, and Microsoft step hand in hand into a passwordless futureOpenSea warns of Discord...

Experts developed exploits for CVE-2022-1388 RCE in F5 BIG-IP products

May 9, 2022

A few days after F5 addressed the critical CVE-2022-1388 Remote Code execution flaw in its BIG-IP products, researchers created exploits...

News

Update now! Microsoft releases patches, including one for actively exploited zero-day

Canon printer owners: Be careful of bogus driver download sites

Microsoft Patch Tuesday updates for May 2022 fixes 3 zero-days, 1 under active attack

EU condemns Russian cyber operations against Ukraine

Security Above and Beyond CNAPPs

Examining the Black Basta Ransomware’s Infection Routine

APT34 targets Jordan Government using new Saitama backdoor

Microsoft fixed RCE flaw in a driver used by Azure Synapse and Data Factory

Client side scanning may cost more than it delivers

“Chemical attack” email warnings deliver Jester Stealer malware

Hacktivists hacked Russian TV schedules during Victory Day and displayed anti-war messages

Threat actors are actively exploiting CVE-2022-1388 RCE in F5 BIG-IP

Exclusive: Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service

DCRat, only $5 for a fully working remote access trojan

Costa Rica continues defence against sustained Conti ransomware attacks

Update now! F5 BIG-IP vulnerability being actively exploited

Recovering from romance scams with Cindy Liebes: Lock and Code S03E10

How to remove Google from your life

CERT-UA warns of malspam attacks distributing the Jester info stealer

A special browser designed for online banking. Good idea, or not so much?

$600 a week to wrap your car? It’s a scam

A scanning tool for open-sourced software packages? Yes, please!

A week in security (May 2 – 8)

Experts developed exploits for CVE-2022-1388 RCE in F5 BIG-IP products

CISA: CISA Releases Nine Industrial Control Systems Advisories

CISA: CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Partners with ASD’s ACSC, CCCS, NCSC-UK, and Other International and US Organizations to Release Guidance on Edge Devices

CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog

You may have missed