EMA: Some of Pfizer/BioNTech COVID-19 vaccine data was leaked online
The European Medicines Agency (EMA) revealed that some of the Pfizer/BioNTech COVID-19 vaccine data were stolen from its servers. In...
News
Patch Tuesday – January 2021
We arrive at the first Patch Tuesday of 2021 (2021-Jan) with 83 vulnerabilities across our standard spread of products. Windows...
Ubiquiti breach, and other IoT security problems
Networking equipment manufacturer Ubiquiti sent out an email to warn users about a possible data breach. The email stated there...
Cyber Attackers Targets the Montreal Car-Sharing Service Communauto
Threat actors targeted the Montreal-based car-sharing service Communauto but they were unable to get their hands on the sensitive information...
The data of 1.3 million Russian Hyundai customers are on sale
The database, which contains information about 1.3 million Russian owners of Hyundai cars, is put up for sale on Darknet....
Korean Dating App Leaks Private Images and Information of 1 Million Users
Korea is a country where incidents of data breach have significantly risen in number, becoming the new normal. Due to...
Typeform Patched an Information Hijacking Vulnerability
Online survey and form creation tool Typeform allows clients to make website pages for easy information gathering from clients. Each...
ProtOSINT – A Python Script That Helps You Investigate Protonmail Accounts And ProtonVPN IP Addresses
ProtOSINT is a Python script that helps you investigate ProtonMail accounts and ProtonVPN IP addresses.DescriptionThis tool can help you in...
Sigurls – A Reconnaissance Tool, It Fetches URLs From AlienVault’s OTX, Common Crawl, URLScan, Github And The Wayback Machine
sigurls is a reconnaissance tool, it fetches URLs from AlienVault's OTX, Common Crawl, URLScan, Github and the Wayback Machine.UsageTo display...
Update on SolarWinds Supply-Chain Attack: SUNSPOT and New Malware Family Associations
This update is a continuation of our previous coverage of the SolarWinds supply-chain attack that was discovered by FireEye in...
Sunspot, the third malware involved in the SolarWinds supply chain attack
Cybersecurity firm CrowdStrike announced to have discovered a third malware strain, named Sunspot, directly involved in the SolarWinds supply chain...
Bitdefender releases free decrypter for Darkside ransomware
Security firm Bitdefender released a tool that allows victims of the Darkside ransomware to recover their files without paying the...
Ubiquiti discloses a data breach
American technology company Ubiquiti Networks is disclosed a data breach and is notifying its customers via email. American technology vendor...
Connecting the dots between SolarWinds and Russia-linked Turla APT
Experts have found some similarities between the Sunburst backdoor used in the SolarWinds supply chain attack and Turla’s backdoor Kazuar. Security experts...
A week in security (January 4 – January 10)
Last week on Malwarebytes Labs, we released survey results about VPN usage and found that 36 percent of our respondents...
JetBrains – A possible Doorway to Massive Hacking Plot?
JetBrains a software company based in the Czech Republic could possibly be used as a doorway by Russian hackers to...
Singapore Witnessed a Sudden Surge in the Bank-Related Phishing Scam
Phishing emails are scams where the actors try to befool the user by sending emails that may concern the user....
Parler on the Verge of Permanent Expulsion
Launched in 2018, Parler has become a place of refuge for individuals that have been prohibited or suspended by popular...
Sunburst backdoor – code overlaps with Kazuar
Introduction On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure...
pongoOS – A Pre-Boot Execution Environment For Apple Boards
A pre-boot execution environment for Apple boards built on top of checkra1n.Building on macOSInstall Xcode + command-line utilities make clean...
Wprecon – A Vulnerability Recognition Tool In CMS WordPress, 100% Developed In Go
Hello! Welcome. Wprecon (Wordpress Recon), is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go.Notice:Why is the project...
Russian hacker Andrei Tyurin sentenced to 12 years in prison
A U.S. court on Thursday sentenced the Russian hacker Andrei Tyurin to 12 years in prison for his role in...
Experts found gained access to the Git Repositories of the United Nations
Researchers obtained gained access to the Git Repositories belonging to the United Nations, exposing staff records and credentials. The research...
Source code for malware that targets Qiui Cellmate device was leaked online
The source code for the ChastityLock ransomware that was used in attacks aimed at the users of the Qiui Cellmate...
