CVE-2020-0041 – Google / Android – Out-of-bounds write
Summary: CVE-2020-0041 is an out-of-bounds write vulnerability impacting Google Android. An exploit was observed in open source and subsequently shared...
US DoS offers a reward of up to $10M for leaders of REvil ransomware gang
The U.S. government offers up to $10 million for identifying or locating leaders in the REvil/Sodinokibi ransomware operation The Department...
Ukrainian REvil affiliate charged with Ransomware Attack on Kaseya
The US DoJ has charged a REvil ransomware affiliate that is suspected to have orchestrated the attack on Kaseya MSP...
DDoS attacks in Q3 2021
News overview Q3 2021 brought two new DDoS attack vectors, potentially posing a serious threat, including for major web resources....
Conti Ransomware Victim: https-ontec-automation-d
continews NOTE: The information on this page is automated and scraped directly from the Conti .onion Dark Web Tor Blog...
Multiple video games break after domain name snafu
We’ve seen quite a few complaints from gamers this past weekend, unable to load up and play games on the...
US-CERT Bulletin (SB21-312):Vulnerability Summary for the Week of November 1, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Ransomware attack disrupted store operations in the Netherlands and Germany
Electronics retail giant MediaMarkt was hit by a ransomware attack that disrupted store operations in the Netherlands and Germany. Electronics retail...
Koppeling – Adaptive DLL Hijacking / Dynamic Export Forwarding
This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking"...
LockBit 2.0 Ransomware Victim: cool-pak[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
LockBit 2.0 Ransomware Victim: abiom[.]nl
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
Why we fail at getting the cybersecurity basics right, with Jess Dodson: Lock and Code S02E21
The cybersecurity basics should be just that—basic. Easy to do, agreed-upon, and adopted at a near 100 percent rate by...
Healthcare – Patient or Perpetrator? – The Cybercriminals Within
The healthcare industry might be known for the work it does to treat patients. But it is also a prime...
CVE-2021-36923
Summary: RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access...
CVE-2021-36924
Summary: RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool...
CVE-2021-36925
Summary: RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary...
CVE-2020-28702
Summary: A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information. Reference Links(if available):...
CVE-2021-42557
Summary: In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users credentials. Reference...
Operation Cyclone targets Clop Ransomware affiliates
Operation Cyclone – Six alleged affiliates with the Clop ransomware operation were arrested in an international joint law enforcement operation...
Kunyu – More Efficient Corporate Asset Collection
Kunyu, More Efficient Corporate Asset Collection 0x00 IntroduceTool introductionKunyu (kunyu), whose name is taken from , is actually a professional...
A week in security (Nov 1 – Nov 7)
Last week on Malwarebytes Labs Celebrity jewelry house Graff falls victim to ransomwareLessons from a real-life ransomware attackIs Apple’s Safari...
Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw
Experts warn of an ongoing hacking campaign that already compromised at least nine organizations worldwide from critical sectors by exploiting...
Hungarian official confirms Hungary used NSO Group Pegasus spyware
A Hungarian government official confirmed that his government has bought and used the controversial NSO Group’s Pegasus spyware. Lajos Kosa,...
FBI warns of fraudulent schemes using cryptocurrency ATMs and QR for payments
The FBI warns of an increase of fraudulent schemes leveraging cryptocurrency ATMs and QR Codes to facilitate payment. The FBI...
