CVE-2019-11074
Summary: A Write to Arbitrary Location in Disk vulnerability exists in PRTG Network Monitor 19.1.49 and below that allows attackers...
CVE-2018-19204
Summary: PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and OS...
CVE-2018-19203
Summary: PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special...
Binance receives the ban hammer from UK’s FCA
Binance, the world’s largest and most popular cryptocurrency exchange network, has had a rough few days. First, Japan’s financial regulator,...
What is the WireGuard VPN protocol?
In layman’s terms, a VPN uses encryption to create a private online connection between a device and a VPN server....
Lil’ skimmer, the Magecart impersonator
This blog post was authored by Jérôme Segura A very common practice among criminals consists of mimicking legitimate infrastructure when...
Is it game over for VR advergaming?
We’ve been warning about advergaming—the combination of virtual reality (VR) and ads—for years on the Labs Blog. I’ve given a...
REvil Hits Brazilian Healthcare Giant Grupo Fleury
São Paulo-based medical diagnostic firm Grupo Fleury has suffered a ransomware attack that has impaired business operations after the company...
Zyxel Warns Customers About Hackers Targeting its Firewalls & VPN Devices
Zyxel, a manufacturer of enterprise routers and VPN devices, has issued a notification that attackers are targeting its devices and...
Detecting unknown threats: a honeypot how-to
Catching threats is tricky business, especially in today’s threat landscape. To tackle this problem, for many years сybersecurity researchers have...
AWS Pen-Testing Laboratory – Pentesting Lab With A Kali Linux Instance Accessible Via Ssh And Wireguard VPN And With Vulnerable Instances In A Private Subnet
PenTesting laboratory deployed as IaC with Terraform on AWS. It deploys a Kali Linux instance accessible via ssh & wireguard...
Heappy – A Happy Heap Editor To Support Your Exploitation Process
Heappy is an editor based on gdb/gef that helps you to handle the heap during your exploitation development. The project...
Microsoft investigates threat actor distributing malicious Netfilter Driver
Microsoft is investigating an strange attack, threat actor used a driver signed by the company, the Netfilter Driver, to implant...
The builder for Babuk Locker ransomware was leaked online
The builder for the Babuk Locker ransomware was leaked online, threat actors can use it to create their own ransomware...
Six typosquatting packages in PyPI repository laced with crypto miner
Researchers discovered six rogue packages in the official Python programming language’s PyPI repository containg cryptocurrency mining malware. Experts from security firm Sonatype have...
CVE-2021-27386
Summary: A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (incl. SIPLUS variants) (All versions...
CVE-2020-16134
Summary: An issue was discovered on Swisscom Internet Box 2, Internet Box Standard, Internet Box Plus prior to 10.04.38, Internet...
CVE-2021-31769
Summary: MyQ Server in MyQ X Smart before 8.2 allows remote code execution by unprivileged users because administrative session data...
CVE-2020-25754
Summary: An issue was discovered on Enphase Envoy R3.x and D4.x devices. There is a custom PAM module for user...
CVE-2021-31152
Summary: Multilaser Router AC1200 V02.03.01.45_pt contains a cross-site request forgery (CSRF) vulnerability. An attacker can enable remote access, change passwords,...
A week in security (June 21 – June 27)
Last week on Malwarebytes Labs: Want to stop ransomware attacks? Send the cybercriminals to jail, says Brian Honan: Lock and...
Atlassian Patched Vulnerabilities in its Domains
On Wednesday 23rd of June, cyber-security experts uncovered key vulnerabilities in the Atlassian project and software development platform that might...
Hackers are Remotely Erasing Western Digital Hard Drives
The whole goal of using a network-attached storage device is to have a hard drive where you can back up...
This Malware Generated $2 Million After Abusing 222,000 Windows Systems
Avast researchers published a report on Thursday regarding the discovery of a cryptocurrency mining malware that abuses Windows Safe mode...
