Adult cam site StripChat exposes the data of millions of users and cam models
The popular adult cam site StripChat has suffered a security breach, the personal data of millions of users and adult...
News
New Mac malware raises more questions about Apple’s security patching
Apple’s reputation on security has been taking a beating lately. As mentioned in some of our previous coverage, security researcher...
Intel addresses 2 high-severity issues in BIOS firmware of several processors
Intel disclosed two high-severity vulnerabilities, tracked as CVE-2021-0157 and CVE-2021-0158, that affect the BIOS firmware in several processor families. Intel...
SharkBot, a new Android Trojan targets banks in Europe
Security researchers from Cleafy discovered a new Android banking trojan, named SharkBot, that is targeting banks in Europe. At the...
Operation Reacharound – Emotet malware is back
The Emotet botnet is still active, ten months after an international operation coordinated by Europol shut down its infrastructure. Early...
US-CERT Bulletin (SB21-319):Vulnerability Summary for the Week of November 8, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Cloudflare mitigated 2 Tbps DDoS attack, the largest attack it has seen to date
Cloudflare announced to have mitigated a distributed denial-of-service (DDoS) attack that peaked at almost 2 terabytes per second (Tbps). Cloudflare,...
FBI server hijacked to send up to 100,000 bogus attack mails
If you received a scary missive from what appears to be from the FBI over the last few days, you’re...
North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro
North Korea-linked APT Lazarus targets security researchers using a trojanized pirated version of the popular IDA Pro reverse engineering software....
Microsoft rolled out emergency updates to fix Windows Server auth failures
Microsoft has released out-of-band security updates to address authentication issues affecting Windows Server. Microsoft has released out-of-band updates to fix...
Evasive maneuvers: HTML smuggling explained
Microsoft Threat Intelligence Center (MSTIC) last week disclosed “a highly evasive malware delivery technique that leverages legitimate HTML5 and JavaScript...
Instagram’s memorialize feature abused to memorialize…Instagram’s boss
The mechanisms for memorialising the social network accounts of people who’ve died haven’t really suffered a lot of scrutiny up...
Happy 10th Birthday, Security Affairs
Ten years together! I’m very excited. I launched Security Affairs for passion in 2011 and millions of readers walked with...
QAKBOT Trojan returns using Squirrelwaffle as a dropper
Experts warn of a surge in infections of the QBot (aka Quakbot) banking trojan which seems to be associated with...
A week in security (Nov 8 – Nov 14)
Last week on Malwarebytes Labs Multiple video games break after domain name snafuHow to remove adware on an Android phoneSmart...
Two Sony PS5 exploits disclosed the same day
Threat actors stole PS5 root keys using kernel exploits demonstrating the need to improve the security of the popular gaming...
ENISA – The need for Incident Response Capabilities in the health sector
ENISA analyzed the current state of development of sectoral CSIRT capabilities in the health sector since the implementation of the...
Updated: Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server
Threat actors hacked email servers of the FBI to distribute spam email impersonating FBI warnings of fake cyberattacks. The email...
FTC shares guidance for small businesses to prevent ransomware attacks
The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to increase resilience to ransomware attacks....
Threat Report Portugal: Q3 2021
The Threat Report Portugal: Q3 2021 compiles data collected on the malicious campaigns that occurred from July to September, Q3, of 2021....
Security Affairs newsletter Round 340
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server
Threat actors hacked email servers of the FBI to distribute spam email impersonating FBI warnings of fake cyberattacks. The email...
GravityRAT returns disguised as an end-to-end encrypted chat app
Threat actors are distributing the GravityRAT remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors...
Intel and AMD address high severity vulnerabilities in products and drivers
Chipmakers Intel and AMD addressed several vulnerabilities in their products, including high-risk issues in software drivers. Intel and AMD released...
