Microsoft fixed RCE flaw in a driver used by Azure Synapse and Data Factory
Microsoft disclosed a now-fixed vulnerability in Azure Synapse and Azure Data Factory that could have allowed remote code execution. Microsoft...
News
Client side scanning may cost more than it delivers
On May 11, 2022, the EU will publicize a proposal for a law on mandatory chat control. The European Commission...
“Chemical attack” email warnings deliver Jester Stealer malware
Jester Stealer, a malicious file capable of large amounts of data theft, is on the prowl again. The Ukrainian Computer...
Hacktivists hacked Russian TV schedules during Victory Day and displayed anti-war messages
Hacktivists yesterday defaced the Russian TV with pro-Ukraine messages and took down the RuTube video streaming site. Hacktivists and white...
Threat actors are actively exploiting CVE-2022-1388 RCE in F5 BIG-IP
Threat actors are exploiting critical F5 BIG-IP flaw CVE-2022-1388 to deliver malicious code, cybersecurity researchers warn. Threat actors started massively exploiting...
Exclusive: Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service
The Resecurity HUNTER unit identified a new underground service called ‘Frappo’, which is available on the Dark Web. “Frappo” acts...
DCRat, only $5 for a fully working remote access trojan
Researchers warn of a remote access trojan called DCRat (aka DarkCrystal RAT) that is available for sale on Russian cybercrime...
Costa Rica continues defence against sustained Conti ransomware attacks
It’s not been plain sailing recently for Conti ransomware, the Ransomware as a Service (RaaS) group with several major attacks...
Update now! F5 BIG-IP vulnerability being actively exploited
The Australian Cyber Security Centre (ACSC) has announced it is aware of the existence of Proof of Concept (PoC) code...
Recovering from romance scams with Cindy Liebes: Lock and Code S03E10
Earlier this year, many members of the public were introduced to the facets of a long-ignored crime in cyberspace: The...
How to remove Google from your life
Swearing off a company used to be easier. Rude customer service, an unfortunate bout of food poisoning, even standing up...
CERT-UA warns of malspam attacks distributing the Jester info stealer
The Computer Emergency Response Team of Ukraine (CERT-UA) warns of attacks spreading info-stealing malware Jester Stealer. The Computer Emergency Response...
A special browser designed for online banking. Good idea, or not so much?
The German Sparkasse bank has launched a browser that is especially designed to do your online banking. The browser called...
$600 a week to wrap your car? It’s a scam
A friend of mine recently received a text message which they described as “intriguing, but nonsensical”. They were convinced it...
A scanning tool for open-sourced software packages? Yes, please!
The Open Source Security Foundation (OpenSSF), a collective of industry leaders aimed at improving the security of open-source software (OSS),...
A week in security (May 2 – 8)
Last week on Malwarebytes Labs: Google, Apple, and Microsoft step hand in hand into a passwordless futureOpenSea warns of Discord...
Experts developed exploits for CVE-2022-1388 RCE in F5 BIG-IP products
A few days after F5 addressed the critical CVE-2022-1388 Remote Code execution flaw in its BIG-IP products, researchers created exploits...
Experts uncovered a new wave of attacks conducted by Mustang Panda
China-linked Mustang Panda APT group targets entities in Asia, the European Union, Russia, and the US in a new wave of...
Conti ransomware claims to have hacked Peru MOF – Dirección General de Inteligencia (DIGIMIN)
Conti Ransomware gang claims to have hacked the Peru MOF – Dirección General de Inteligencia (DIGIMIN) and stolen 9.41 GB....
May 01 – May 07 Ukraine – Russia the silent cyber conflict
This post provides a timeline of the events related to Russia invasion of Ukraine from the cyber security perspective. Below...
NIST published updated guidance for supply chain risks
The National Institute of Standards and Technology (NIST) has released updated guidance for defending against supply-chain attacks. The National Institute...
US agricultural machinery manufacturer AGCO suffered a ransomware attack
The American agricultural machinery manufacturer AGCO announced that has suffered a ransomware attack that impacted its production facilities. AGCO, one of the...
Google, Apple, and Microsoft step hand in hand into a passwordless future
While we recently “celebrated” World Password Day, almost every security outlet keeps telling us that passwords alone are not enough....
Security Affairs newsletter Round 364 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
