Unnamed Ransomware gang uses a Python script to encrypt VMware ESXi servers
An unnamed ransomware gang used a custom Python script to target VMware ESXi and encrypt all the virtual machines hosted...
News
Facebook shoots own foot, hits Instagram and WhatsApp too
Mark Zuckerberg was left counting the personal cost of bad PR yesterday (about $6 billion, according to Bloomberg) on a...
Criminals were inside Syniverse for 5 years before anyone noticed
“A global privacy disaster”, “espionage gold”, and “a state-sponsored wet dream” are just some of the comments one can read...
Telco service provider giant Syniverse had unauthorized access since 2016
Syniverse service provider discloses a security breach, threat actors have had access to its databases since 2016 and gained some...
Windows 11 is out. Is it any good for security?
Windows 11, the latest operating system (OS) from Microsoft, launches today, and organizations have begun asking themselves when and if...
Dark web marketplace White House announces end to its operations
The dark web marketplace White House Market shuts down its operation, last week its operators announced that they were retiring....
Misconfigured Apache Airflow servers leak thousands of credentials
Experts discovered many misconfigured Apache Airflow servers exposed online that were leaking sensitive information from prominent tech firms. Apache Airflow is an...
US-CERT Bulletin (SB21-277):Vulnerability Summary for the Week of September 27, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Neiman Marcus data breach affects millions
Millions of Neiman Marcus customers have had their personal and financial information exposed in a data breach. In a press...
Facebook, WhatsApp, and Instagram are down worldwide, it’s panic online
Users worldwide are experiencing problems while accessing Facebook services, including Instagram and WhatsApp. Users worldwide are not able to access...
Police take a piece out of a ransomware gang, but won’t say which one
One of the world’s ransomware groups appears to be a couple of members short today—and about two million dollars less...
Pottawatomie County paid the ransom to recover its systems
Pottawatomie County restored operations that were suspended after a ransomware attack hit its systems on September 17, 2021. Officials at...
Two ransomware operators were arrested in Kyiv with EUROPOL’s support
Two ransomware operators arrested in Kyiv, Ukraine, that are suspected to have attacked more than 100 companies causing more than...
New APT ChamelGang Targets energy and aviation companies in Russia
ChamelGang APT is a new cyberespionage group that focuses on fuel and energy organizations and aviation industry in Russia ChamelGang...
Does Cybersecurity Awareness Month actually improve security?
October is Cybersecurity Awareness Month, formerly known as National Cybersecurity Awareness Month. The idea is to raise awareness about cybersecurity,...
A week in security (Sept 27 – Oct 3)
Last week on Malwarebytes Labs Teaching cybersecurity skills to special needs children with Alana Robinson: Lock and Code S02E18Phone screenshots...
LockBit 2.0 ransomware hit Israeli defense firm E.M.I.T. Aviation Consulting
Israeli Aerospace & Defense firm E.M.I.T. Aviation Consulting Ltd. was hit by LockBit 2.0 ransomware, operators will leak files on...
TA544 group behind a spike in Ursnif malware campaigns targeting Italy
Proofpoint researchers reported that TA544 threat actors are behind a new Ursnif campaign that is targeting Italian organizations. Proofpoint researchers...
CVE-2021-38647 OMIGOD flaw impacts IBM QRadar Azure
Experts warn that CVE-2021-38647 OMIGOD flaws affect IBM QRadar Azure and can be exploited by remote attackers to execute arbitrary...
Security Affairs newsletter Round 334
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
The Biden administration will work with 30 countries to curb global cybercrime
The Biden administration announced it will work with 30 countries, including NATO allies and G7 partners, to curb global cybercrime....
Threat actors exploit a flaw in Coinbase 2FA to steal user funds
Threat actors stole funds from the accounts of more than 6,000 users of the crypto exchange Coinbase exploiting a flaw...
Flubot Android banking Trojan spreads via fake security updates
The Flubot Android malware is now leveraging fake security updates warning to trick users into installing the malicious code. Threat...
Tim’s RED Team Research reports 3 new CVEs, two of which in 4G/5G
Telecom Italia Red Team Research (RTR) laboratory led by Massimiliano Brolli reported three new flaws in Oracle GlassFish and Nokia...
