Healthcare – Patient or Perpetrator? – The Cybercriminals Within
The healthcare industry might be known for the work it does to treat patients. But it is also a prime...
CVE-2021-36923
Summary: RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve unauthorized access...
CVE-2021-36924
Summary: RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve a pool...
CVE-2021-36925
Summary: RtsUpx.sys in Realtek RtsUpx USB Utility Driver for Camera/Hub/Audio through 1.14.0.0 allows local low-privileged users to achieve an arbitrary...
CVE-2020-28702
Summary: A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information. Reference Links(if available):...
CVE-2021-42557
Summary: In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users credentials. Reference...
Operation Cyclone targets Clop Ransomware affiliates
Operation Cyclone – Six alleged affiliates with the Clop ransomware operation were arrested in an international joint law enforcement operation...
Kunyu – More Efficient Corporate Asset Collection
Kunyu, More Efficient Corporate Asset Collection 0x00 IntroduceTool introductionKunyu (kunyu), whose name is taken from , is actually a professional...
A week in security (Nov 1 – Nov 7)
Last week on Malwarebytes Labs Celebrity jewelry house Graff falls victim to ransomwareLessons from a real-life ransomware attackIs Apple’s Safari...
Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw
Experts warn of an ongoing hacking campaign that already compromised at least nine organizations worldwide from critical sectors by exploiting...
Hungarian official confirms Hungary used NSO Group Pegasus spyware
A Hungarian government official confirmed that his government has bought and used the controversial NSO Group’s Pegasus spyware. Lajos Kosa,...
FBI warns of fraudulent schemes using cryptocurrency ATMs and QR for payments
The FBI warns of an increase of fraudulent schemes leveraging cryptocurrency ATMs and QR Codes to facilitate payment. The FBI...
Conti Ransomware Victim: https-www-argos-company
continews NOTE: The information on this page is automated and scraped directly from the Conti .onion Dark Web Tor Blog...
Conti Ransomware Victim: http-www-jvckenwood-co
continews NOTE: The information on this page is automated and scraped directly from the Conti .onion Dark Web Tor Blog...
Hashdb-Ida – HashDB API Hash Lookup Plugin For IDA Pro
HashDB IDA PluginMalware string hash lookup Hash AlgorithmsClick Refresh Algorithms to pull a list of supported hash algorithms from...
Experts spotted a phishing campaign impersonating security firm Proofpoint
Threat actors are impersonating cybersecurity firm Proofpoint to trick victims into providing Microsoft Office 365 and Gmail credentials. Cybercriminals are...
CVE-2021-32762
Summary: Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service...
CVE-2019-7548
Summary: SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. Reference Links(if available): https://github.com/no-security/sqlalchemy_test https://github.com/sqlalchemy/sqlalchemy/issues/4481#issuecomment-461204518 https://lists.debian.org/debian-lts-announce/2019/03/msg00020.html https://access.redhat.com/errata/RHSA-2019:0984...
CVE-2021-30846
Summary: A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS...
CVE-2021-30851
Summary: A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS...
CVE-2021-41103
Summary: containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found...
New Magecart group uses an e-Skimmer that avoids VMs and sandboxes
A new Magecart group leverages a browser script to evade virtualized environments and sandboxes used by researchers. Malwarebytes researchers have...
LockBit 2.0 Ransomware Victim: eberlesrl[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
Etl-Parser – Event Trace Log File Parser In Pure Python
Event Trace Log file reader in pure Python etl-parser is a pure Python 3 parser library for ETL Windows log...
