Anonymous targets the Russian Military and State Television and Radio propaganda
Anonymous continues to support Ukraine against the Russian criminal invasion targeting the Russian military and propaganda. Anonymous leaked personal details...
News
CISA advises D-Link users to take vulnerable routers offline
On April 42022, the Cybersecurity & Infrastructure Security Agency (CISA) added CVE-2021-45382 to its known exploited vulnerabilities catalog. But since...
CISA adds Spring4Shell flaw to its Known Exploited Vulnerabilities Catalog
The U.S. CISA added the recently disclosed remote code execution (RCE) vulnerability Spring4Shell to its Known Exploited Vulnerabilities Catalog. The U.S....
GitLab issues security updates; watch out for hard coded passwords
GitLab has issued several critical security updates, with users of the version control software urged to upgrade their installations as...
Spring4Shell (CVE-2022-22965): details and mitigations
Last week researchers found the critical vulnerability CVE-2022-22965 in Spring – the open source Java framework. Using the vulnerability, an...
MailChimp breached, intruders conducted phishing attacks against crypto customers
Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. During...
An In-Depth Look at ICS Vulnerabilities Part 2
In part two of our three-part series, we continue to analyze vulnerabilities using MITRE ATT&CK. We also look into the...
VMware released updates to fix the Spring4Shell vulnerability in multiple products
VMware released security updates to address the critical remote code execution vulnerability known as Spring4Shell. VMware has published security updates...
5 ways to spring clean your security
It is now officailly spring in the Northern Hemisphere, and with spring and the longer days comes the inescapable urge...
Experts spotted a new Android malware while investigating by Russia-linked Turla APT
Researchers spotted a new piece of Android malware while investigating activity associated with Russia-linked APT Turla. Researchers at cybersecurity firm...
Brokenwire attack, how hackers can disrupt charging for electric vehicles
Boffins devised a new attack technique, dubbed Brokenwire, against the Combined Charging System (CCS) that could potentially disrupt charging for...
“Free easter chocolate basket” is a social media scam after your personal details
Holidays inspire fraudsters and scammers to create timely and effective ways to string people along and get them to give...
Update now! Zyxel patches critical firewall bypass vulnerability
In a security advisory Zyxel has urged customers to update because a security flaw can lead to the circumvention of...
A week in security (March 28 – April 3)
Last week on Malwarebytes Labs: New UAC-0056 activity: There’s a Go Elephant in the roomGlobant suffers network breach due to...
Borat RAT, a new RAT that performs ransomware and DDoS attacks
Cyble researchers discovered a new remote access trojan (RAT) named Borat capable of conducting DDoS and ransomware attacks. Researchers from...
Experts discovered 15-Year-Old vulnerabilities in the PEAR PHP repository
SonarSource discovered a 15-year-old flaw in the PEAR PHP repository that could have enabled supply chain attacks. Researchers from SonarSource...
China-linked APT Deep Panda employs new Fire Chili Windows rootkit
The China-linked hacking group Deep Panda is targeting VMware Horizon servers with the Log4Shell exploit to install a new Fire...
Mar 27 – Apr 02 Ukraine – Russia the silent cyber conflict
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective....
Security Affairs newsletter Round 359 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Anonymous leaked 15 GB of data allegedly stolen from the Russian Orthodox Church
Anonymous claims to have hacked the Russian Orthodox Church ‘s charitable wing and leaked 15 GB of alleged stolen data....
UK Police charges two teenagers for their alleged role in the Lapsus$ extortion group
The City of London Police charged two of the seven teenagers who were arrested for their alleged role in the...
Beastmode Mirai botnet now includes exploits for Totolink routers
Operators behind the Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka B3astmode) added exploits for Totolink routers. The Mirai-based distributed denial-of-service (DDoS) botnet Beastmode (aka...
Ukraine intelligence leaks names of 620 alleged Russian FSB agents
The Ukrainian Defense Ministry’s Directorate of Intelligence leaked personal data belonging to 620 alleged Russian FSB agents. The Ukrainian Defense...
Critical CVE-2022-1162 flaw in GitLab allowed threat actors to take over accounts
GitLab has addressed a critical vulnerability, tracked as CVE-2022-1162 (CVSS score of 9.1), that could allow remote attackers to take over...
