5 French Minister Phones Affected with Pegasus Spyware
At least five French ministers and President Emmanuel Macron's diplomatic advisor mobile phones have been infected by Israel-made Pegasus spyware,...
A Malicious Firefox Add-On Targets Cryptocurrency Users
Covid-19 pandemic has turned the world upside down in the last year and a half, leaving us with no option...
Hackers Steal $17,000 in ‘Double Your Cash’ Fraud on Bitcoin.org
Bitcoin.org, the authentic website of the Bitcoin project was hacked by criminals who advertised a double your money scam and...
FinSpy: unseen findings
FinSpy, also known as FinFisher or Wingbird, is an infamous surveillance toolset. Kaspersky has been tracking deployments of this spyware...
LittleCorporal – A C# Automated Maldoc Generator
LittleCorporal: A C# Automated Maldoc Generator C:LittleCorporalbinRelease>LittleCorporal.exe C:beacon.bin explorer.exe.____ .__ __ __ .__ _________ .__| | |__|/ |__/ |_| |...
SharpSpray – Active Directory Password Spraying Tool. Auto Fetches User List And Avoids Potential Lockouts
SharpSpray is a Windows domain password spraying tool written in .NET C#. IntroductionSharpSpray is a C# port of DomainPasswordSpray with...
A complete PoC exploit for CVE-2021-22005 in VMware vCenter is available online
An exploit for the recently disclosed CVE-2021-22005 vulnerability in VMware vCenter was publicly released, threat actors are already using it....
Russia-linked Nobelium APT group uses custom backdoor to target Windows domains
Microsoft discovered new custom malware, dubbed FoggyWeb, used by the Nobelium cyberespionage group to implant backdoor in Windows domains. Microsoft...
ERMAC, a new banking Trojan that borrows the code from Cerberus malware
ERMAC is a new Android banking Trojan that can steal financial data from 378 banking and wallet apps. Researchers from...
New BloodyStealer malware is targeting the gaming sector
Researchers spotted a new malware, dubbed BloodyStealer, that could allow stealing accounts for multiple gaming platforms. Researchers from Kaspersky have...
Expert found RCE flaw in Visual Studio Code Remote Development Extension
Researchers from the Italian cybersecurity firm Shielder found a remote code execution vulnerability in Visual Studio Code Remote Development Extension....
CVE-2021-1947
Summary: Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial...
CVE-2021-33700
Summary: SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances,...
CVE-2021-33698
Summary: SAP Business One, version - 10.0, allows an attacker with business authorization to upload any files (including script files)...
CVE-2021-33692
Summary: SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be...
CVE-2021-33704
Summary: The Service Layer of SAP Business One, version - 10.0, allows an authenticated attacker to invoke certain functions that...
A week in security (Sept 20 – Sept 26)
Last week on Malwarebytes Labs Freedom Hosting operator gets 27 years for hosting dark web abuse sitesMicrosoft makes a bold...
Cryptoscams Cost Australians About AU$6.6 Million Every Month
From the beginning of the year to the end of August, losses due to cryptocurrency investment scams accounted for over...
Malicious software reportedly generates 39% of all internet traffic
According to experts, the share of malicious bots has been growing for a long time, but the pandemic has accelerated...
Bogus Backup Message from WhatsApp Delivers Malware to Spanish Users
Authorities in Spain have issued a warning about a phishing campaign that impersonates WhatsApp to deceive consumers into installing a...
Newly Discovered ZE Loader Targets Online Banking Users
IBM Security researchers have discovered a new form of overlay malware targeting online banking users. Dubbed ZE Loader, is a...
BloodyStealer and gaming assets for sale
Earlier this year, we covered the threats related to gaming, and looked at the changes from 2020 and the first...
StreamDivert – Redirecting (Specific) TCP, UDP And ICMP Traffic To Another Destination
StreamDivert is a tool to man-in-the-middle or relay in and outgoing network connections on a system. It has the ability...
Cloudquery – Transforms Your Cloud Infrastructure Into SQL Database For Easy Monitoring, Governance And Security
CloudQuery transforms your cloud infrastructure into queryable SQL for easy monitoring, governance and security.What is CloudQuery and why use it?CloudQuery...
