Hackers Exploit Windows Smartscreen Flaw To Drop Darkgate Malware
A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security...
News
Fortinet Warns Of Critical Rce Bug In Endpoint Management Software
Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server (EMS) software that can allow attackers to gain remote...
Us Govt Probes If Ransomware Gang Stole Change Healthcare Data
The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack...
Pixpirate Android Malware Uses New Tactic To Hide On Phones
The latest version of the PixPirate banking trojan for Android employs a new method to hide on phones while remaining...
Pen Test Vendor Rotation Do You Need To Change Annually
You might have heard about the practice of pen test vendor rotation, or even tried it yourself. This is where...
Nearly 13 Million Secrets Spilled Via Public GitHub Repositories
Developers accidentally leaked 12.8 million secrets on public GitHub repositories in 2023, a 28% increase on the previous year, according...
Investment Scams Grow, 13,000 Domains Detected in January 2024
Internet security experts have detected and blocked nearly 13,000 fake investment platform domains across more than 7000 IPs in January...
Single RCE Bug Features Among 60 CVEs in March Patch Tuesday
Microsoft fixed 60 vulnerabilities in this month’s Patch Tuesday security update round, including just two critical bugs.These both affect Windows...
Cloud Account Attacks Surged 16-Fold in 2023
Cloud account threats increased 16-fold in 2023, with attackers adopting new techniques in these environments, according to Red Canary’s 2024...
New Research Exposes Security Risks in ChatGPT Plugins
Security researchers have uncovered critical security flaws within ChatGPT plugins. By exploiting these flaws, attackers could seize control of an...
Ransomware In 2023 Recap 5 Key Takeaways
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Massive Utility Scam Campaign Spreads Via Online Ads
For many households, energy costs represent a significant part of their overall budget. And when customers want to discuss their...
Ransomware Review February 2024
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Remote Monitoring Management Software Used In Phishing Attacks
Remote Monitoring & Management (RMM) software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today,...
One Year Later Rhadamanthys Is Still Dropped Via Malvertising
It was just a little over a year ago that the Rhadamanthys stealer was first publicly seen distributed via malicious...
Fakebat Delivered Via Several Active Malvertising Campaigns
February was a particularly busy month for search-based malvertising with the number of incidents we documented almost doubling. We saw...
Ransomware Review March 2024
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Pikabot Malware On The Rise What Organizations Need To Know
A new type of malware is being used by ransomware gangs in their attacks, and its name is PikaBot. A...
Stopping A Targeted Attack On A Managed Service Provider Msp With Threatdown Mdr
In late January 2024, the ThreatDown Managed Detection and Response (MDR) team found and stopped a three-month long malware campaign...
Over 12 Million Auth Secrets And Keys Leaked On Github In 2023
GitHub users accidentally exposed 12.8 million authentication and sensitive secrets in over 3 million public repositories during 2023, with the...
Microsoft March 2024 Patch Tuesday Fixes 60 Flaws 18 Rce Bugs
Today is Microsoft's March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code...
Google Paid 10 Million In Bug Bounty Rewards Last Year
Google awarded $10 million to 632 researchers from 68 countries in 2023 for finding and responsibly reporting security flaws in...
Tors New Webtunnel Bridges Mimic Https Traffic To Evade Censorship
The Tor Project officially introduced WebTunnel, a new bridge type specifically designed to help bypass censorship targeting the Tor network...
Acer Confirms Philippines Employee Data Leaked On Hacking Forum
Acer Philippines confirmed that employee data was stolen in an attack on a third-party vendor who manages the company's employee...
