Defending Against the Zero Day: Analyzing Attacker Behavior Post-Exploitation of Microsoft Exchange
In recent weeks, there has been quite a lot of reporting on the exploitation of the latest disclosed vulnerabilities in...
News
Google fixes an Android vulnerability actively exploited in the wild
Google addressed a zero-day vulnerability affecting Android devices that use Qualcomm chipsets which is actively exploited in the wild. Google...
CISA is warning of vulnerabilities in GE Power Management Devices
U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns of flaws in GE Power Management Devices that could allow an attacker...
Energy giant Shell discloses data breach caused by Accellion FTA hack
Oil and gas giant Royal Dutch Shell (Shell) discloses a data breach resulting from the compromise of its Accellion File...
Ministry of Defence academy hit by state-sponsored hackers
The Ministry of Defence academy was hit by a major cyber attack, Russia and China state-sponsored hackers are suspected to...
Adobe addresses a critical vulnerability in ColdFusion product
Adobe has released security updates to address a critical vulnerability in the ColdFusion product (versions 2021, 2016, and 2018) that could lead...
Abusing distance learning software to hack into student PCs
Experts uncovered critical flaws in the Netop Vision Pro distance learning software used by many schools to control remote learning...
Safe Connections Act could help domestic abuse survivors take control of their digital lives
A bill introduced in the US Senate could help domestic abuse and sex trafficking survivors—including those tracked by stalkerware-type applications—regain...
How to enable Facebook’s hardware key authentication for iOS and Android
Since 2017 desktop users have had the opportunity to use physical security keys to log in to their Facebook accounts....
Report goes “behind enemy lines” to reveal SilverFish cyber-espionage group
The PRODAFT Threat Intelligence Team has published a report (pdf) that gives an unusually clear look at the size and...
Beware of Android Apps While Giving Access to Your Mobile Data
Have you ever thought about privacy while giving access to the app makers about your contact list, camera, recording, location,...
Malware Campaign Targets Telegram Desktop Application
An independent security researcher based in Basel, Switzerland, Jannis Kirschner, began to look for the widely known Telegram desktop version...
PRODAFT Accessed Servers of a SolarWinds Hacker
A Swiss cybersecurity firm says it has accessed servers utilized by a hacking group attached to the SolarWinds breach, uncovering...
SOC Automation with InsightIDR and InsightConnect: Three Key Use Cases to Explore to Optimize Your Security Operations
You probably already know that SOC automation with InsightIDR and InsightConnect can decrease your #MeanTimeToResponse. It may not be a...
RCE flaw in Apache OFBiz could allow to take over the ERP system
The Apache Software Foundation fixed a high severity remote code execution flaw in Apache OFBiz that could have allowed attackers...
Which is the Threat landscape for the ICS sector in 2020?
The Kaspersky ICS CERT published a report that provided details about the threat landscape for computers in the ICS engineering...
A week in security (March 15 – 21)
Last week on Malwarebytes Labs, our podcast featured Adam Kujawa, who talked us through our 2021 State of Malware report....
Everthing You Need to Know About Ongoing TrickBot Attacks, US Agencies Warn
The Cybersecurity and Infrastructure Security Agency (CISA) in unison with the Federal Bureau of Investigation (FBI) published an advisory on...
CISA releases CHIRP, a tool to detect SolarWinds malicious activity
US CISA has released a new tool that allows detecting malicious activity associated with the SolarWinds hackers in compromised on-premises...
Swiss expert Till Kottmann indicted for conspiracy, wire fraud, and aggravated identity theft
Department of Justice announced that Swiss hacker Till Kottmann, 21, has been indicted for conspiracy, wire fraud, and aggravated identity...
Security Affairs newsletter Round 306
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Microsoft Defender can now protect servers against ProxyLogon attacks
Microsoft announced that its Defender Antivirus and System Center Endpoint Protection now protects users against attacks exploiting Exchange Server vulnerabilities....
A threat actor exploited 11 zero-day flaws in 2020 campaigns
A hacking group has employed at least 11 zero-day flaws as part of an operation that took place in 2020...
CopperStealer Malware Steals Social Media Credentials
Researchers discovered a certain malware that was so far unidentified which silently hijacked Facebook, Apple, Amazon, Google, and other web...
