Raindrop, a fourth malware employed in SolarWinds attacks
The threat actors behind the SolarWinds attack used malware dubbed Raindrop for lateral movement and deploying additional payloads. Security experts...
News
Fourth SolarWinds malware strain shows diversity of tactics
Researchers have found a fourth strain of malware – Raindrop – that was used in the SolarWinds supply chain attack,...
The story of ZeroLogon
This is the story of a vulnerability that was brought about by the incorrect use of an encryption technique. After...
Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments
A nation state attack leveraging software from SolarWinds has caused a ripple effect throughout the security industry, impacting multiple organizations....
More Than 22 Billion Records Revealed in Data Leaks in 2020
A new record has been set with regards to the data breach, ‘more than 22 billion records were revealed globally...
Patrons Become Victim to Depop Hacks
Since the lockdown started in March, there has been a significant spike in online shopping. This has become a big...
Hackers Altered the Covid-19 Vaccine Records
The European Union's drug regulator has said that COVID-19 vaccine documents that were purloined from its servers in a cyberattack...
Git-Wild-Hunt – A Tool To Hunt For Credentials In Github Wild AKA Git*Hunt
A tool to hunt for credentials in the GitHub wild AKA git*huntGetting startedInstall the tool Configure your GitHub token Search...
HosTaGe – Low Interaction Mobile Honeypot
HosTaGe is a lightweight, low-interaction, portable, and generic honeypot for mobile devices that aims on the detection of malicious, wireless...
InsightIDR: 2020 Highlights and What’s Ahead in 2021
LEQL Multi-groupby in InsightIDRFor a look at the most up-to-date list of Log Search capabilities, check out our help documentation...
FreakOut botnet target 3 recent flaws to compromise Linux devices
Security researchers uncovered a series of attacks conducted by the FreakOut botnet that leveraged recently discovered vulnerabilities. Security researchers from...
Vishing attacks conducted to steal corporate accounts, FBI warns
The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts. The...
OpenWRT forum hacked, intruders stole user data
The OpenWRT forum, the community behind the open-source project for embedded operating systems based on Linux, disclosed a data breach....
500K+ records of C-level people from Capital Economics leaked online
Experts from Cyble recently found a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum. During a routine Darkweb monitoring, researchers...
What’s up with WhatsApp’s privacy policy?
WhatsApp has been in the news recently after changes to its privacy policy caused a surge of interest in rival...
A week in security (January 11 – January 17)
Last week on Malwarebytes Labs, we looked at IoT problems, Microsoft’s Patch Tuesday, and how cybercriminals want access to your...
Russian hackers hacked the first level Olympiad in a second
A new Olympic season has begun in Russia. Many competitions have been moved online due to the COVID-19 pandemic. The...
Cisco Shows no Intentions on Patching EOL Vulnerabilities
Cisco, an American Multinational Conglomerate stated this week it does not plan on fixing vulnerabilities in end-of-life (EOL) Cisco routers,...
WhatsApp Clients Resort to Other Messaging Platforms
WhatsApp has told its two billion clients they should permit it to share information with its parent organization Facebook if...
Colombian Woman purloin Rs 17.71 Lakh from SBI ATM
Bengaluru Police have confronted a freshly growing crime that goes under the name ATM fraud. In this ATM fraud, the...
BigBountyRecon – This Tool Utilises 58 Different Techniques To Expediate The Process Of Intial Reconnaissance On The Target Organisation
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial...
Token-Hunter – Collect OSINT For GitLab Groups And Members And Search The Group And Group Members’ Snippets, Issues, And Issue Discussions For Sensitive Data That May Be Included In These Assets
Collect OSINT for GitLab groups and members and search the group and group members' snippets, issues, and issue discussions for...
Apple paid a $50,000 bounty to two bug bounty hunters for hacking its hosts
A duo of white hat hackers claims to have earned $50,000 from Apple for reporting serious flaws that allowed them...
Rob Joyce is the new NSA Cyber Director
The U.S. National Security Agency has appointed Rob Joyce as the agency’s new director of cybersecurity, who has long experience...
