Microsoft warns of an increase in password spraying attacks
The Microsoft Detection and Response Team (DART) warns of a rise in password spray attacks targeting valuable cloud accounts. The...
News
Iranian Black Shadow hacking group breached Israeli Internet hosting firm
Irananian hacking group Black Shadow breached the Israeli internet hosting company Cyberserve, taking down several of its sites. Iranian hacking...
Minecraft Japanese gamers hit by Chaos ransomware using alt lists as lure
Chaos Ransomware operators target gamers’ Windows devices using Minecraft alt lists as a lure and promoting them on gaming forums....
Graff multinational jeweller hit by Conti gang. Data of its rich clients are at risk, including Trump and Beckham
Conti ransomware gang hit high society jeweller Graff and threatens to release private details of world leaders, actors and tycoons...
Security Affairs newsletter Round 338
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Hacker accessed medical info at UMass Memorial Health
A cyber attack hit the UMass Memorial Health, threat actors had access to employee email system, potentially exposing patients info....
Reading INTERPOL the African Cyberthreat Assessment Report 2021
INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa. A new report...
MITRE and CISA publish the 2021 list of most common hardware weaknesses
MITRE and CISA announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. MITRE and...
TrickBot member extradited to US faces up to 60 years in prison
An alleged member of the TrickBot gang, the Russian national Vladimir Dunaev (aka FFX), has been extradited to the US....
ESET found a variant of the Hive ransomware that encrypts Linux and FreeBSD
The Hive ransomware operators have developed a new variant of their malware that can encrypt Linux and FreeBSD. ESET researchers...
Papua New Guinea ‘s finance ministry was hit by a ransomware
A ransomware attack hit Papua New Guinea ‘s finance ministry and disrupted government payments and operations. Government officials confirmed that...
Police arrested 12 individuals involved in 1800 ransomware attacks worldwide
Europol and Norwegian Police arrested 12 individuals over ransomware attacks on organizations worldwide, including critical infrastructure operators. A joint operation...
The return of the Malwarebytes CrackMe
This blog post was authored by Hasherezade Twice in the past (2017, 2018) we published a Capture-The-Flag challenge dedicated to...
Update your OptinMonster WordPress plugin immediately
WordPress, the incredibly popular content management platform, is currently dealing with a nasty plugin bug which allows redirects. What is...
Tips to protect your data, security, and privacy from a hands-on expert
This post was authored by one of the most active helpers on the Malwarebytes forums who wishes to remain anonymous....
NSA and CISA explained how to prevent and detect lateral movement in 5G networks via cloud systems
The US NSA and CISA published a security advisory to warn about threat actors compromising 5G networks via cloud infrastructure....
Shrootless: Microsoft finds Apple macOS vulnerability
Microsoft researchers have discovered a vulnerability in macOS, dubbed Shrootless, that can allow attackers to bypass System Integrity Protection (SIP)...
How we took part in MLSEC and (almost) won
This summer Kaspersky experts took part in the Machine Learning Security Evasion Competition (MLSEC) — a series of trials testing...
Microsoft found Shrootless bug in macOS that could bypass System Integrity Protection
Microsoft finds a flaw in macOS, dubbed Shrootless (CVE-2021-30892), that can allow attackers to bypass System Integrity Protection (SIP). Microsoft discovered a...
Over 1 million WordPress sites affected by OptinMonster plugin flaws
A vulnerability in the popular the OptinMonster plugin allows unauthorized API access and sensitive information disclosure. A high-severity vulnerability (CVE-2021-39341)...
Wslink, a previously undescribed loader for Windows binaries
ESET researchers discovered a previously undescribed loader for Windows binaries, tracked as Wslink, that runs as a server and executes...
AbstractEmu, a new Android malware with rooting capabilities
AbstractEmu is a new Android malware that can root infected devices to take complete control and evade detection with different tricks. Security...
Threat profile: Ranzy Locker ransomware
Ranzy Locker ransomware emerged in late 2020, when the variant began to target victims in the United States. According to a flash alert issued...
German investigators identify crypto millionaire behind REvil operations
German authorities have identified a Russian man named Nikolay K. who is suspected to be a prominent member of the...
