BigBasket: Data Breach Leaks 20 Million User Data
A threat actor dropped about 20 million Big Basket user reports containing personally identifiable details and hashed passwords on a...
News
Bye Bye Emotet, law enforcement pushed the uninstall code via the botnet
European law enforcement has conducted an operation aimed at performing a mass-sanitization of computers infected with the infamous Emotet Windows...
Prometei botnet is targeting ProxyLogon Microsoft Exchange flaws
Attackers are exploiting the ProxyLogon flaws in Microsoft Exchange to recruit machines in a cryptocurrency botnet tracked as Prometei. Experts...
A supply chain attack compromised the update mechanism of Passwordstate Password Manager
The software company Click Studios was the victim of a supply chain attack, hackers compromised its Passwordstate password management application. Another...
A week in security (April 19 – 25)
Last week on Malwarebytes Labs, we interviewed Youssef Sammouda, a 21-year-old bug bounty hunter who is focused on finding vulnerabilities...
Flubot can Spy on Phones and can Gather Online Banking Details
Experts cautioned that a text message scam infecting Android phones is expanding across the UK. The message, which appears to...
Here’s a Quick Look at the Role of ‘Covalent BlockChain Data API’ in Terms of Data Gathering
In this article, we’re going to deep dive into the role of Covalent, the unified blockchain API. So, the first...
Hackers Demand $50 Million Ransom From Apple
A Russian hacking group claims to have obtained schematics for some yet-to-be-released Apple products. The hackers have demanded a $50...
Concerns Raised as Postal Service of America Monitors Social Media Accounts of the Natives
A program that monitors and collects the Social Media posts of the American public even on issues related to planned...
ClickStudios told Clients to Change Passwords After a Cyberattack
Following a cyberattack on the corporate password manager Passwordstate, Click Studios, an Australian software house, has advised consumers to reset...
Hackers are targeting Soliton FileZen file-sharing servers
Threat actors are exploiting two flaws in the popular file-sharing server FileZen to steal sensitive data from businesses and government...
Security Affairs newsletter Round 311
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely
10,000+ unpatched ABUS Secvest home alarm systems could be remotely disabled exposing customers to intrusions and thefts. Researchers from Eye Security have...
The cybersecurity researcher Dan Kaminsky has died
The cybersecurity community has lost its star, the popular hacker Dan Kaminsky has passed away. The popular cyber security researcher...
ToxicEye RAT exploits Telegram communications to steal data from victims
ToxicEye is a new Remote Access Trojan (RAT) that exploits the Telegram service as part of it command and control...
Russian hackers reportedly stole secret device blueprints from Apple
Hackers reportedly gained access to blueprints of the latest Apple developments by attacking the servers of the Taiwanese company Quanta...
‘Sysrv’ – New Crypto-Mining Botnet is Silently Expanding it’s Reach
It appears that the developers of the ‘Sysrv’ botnet have been working hard in putting out a more sophisticated version...
Experts have warned of a cyberattack on Facebook Messenger users
Attackers distribute offers to install the "latest update" of the messenger disguised as official Facebook posts. Victims risk losing access...
ToxicEye: Trojan Abuses Telegram to Steal Data
The Telegram service is being exploited by operators of a new Remote Access Trojan (RAT) to keep control of their...
Ransomware Attack by REvil on Apple, Demands $50 Million
While Apple was working on the preparations for the 'Spring Loaded' event that went live on Tuesday, 20th April, the...
A new Linux Botnet abuses IaC Tools to spread and other emerging techniques
A new Linux botnet uses Tor through a network of proxies using the Socks5 protocol, abuses legitimate DevOps tools, and other emerging techniques....
Following similar move in US, Europol prepares coup de gras for Emotet’s remains
On Sunday, Europol will end a three-month-long process of dismantling the Emotet botnet by triggering a time-activated .dll to delete...
SUPERNOVA malware discovered on SolarWinds Orion server
The Cybersecurity and Infrastructure Security Agency (CISA) has reported finding the SUPERNOVA web shell collecting credentials on a SolarWinds Orion...
Artificial Intelligence ban slammed for failing to address “vast abuse potential”
A written proposal to ban several uses of artificial intelligence (AI) and to place new oversight on other “high-risk” AI...
