Ransomware attack hit WestRock IT and OT systems
Packaging giant WestRock disclosed a ransomware attack that impacted its information technology (IT) and operational technology (OT) systems. American corrugated packaging company...
Cryptomining DreamBus botnet targets Linux servers
Zscaler’s research team recently spotted a Linux-based malware family, tracked as DreamBus botnet, targeting Linux servers. Researchers at Zscaler’s ThreatLabZ...
CVE-2018-16375
Summary: An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c...
CVE-2016-9675
Summary: openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause...
CVE-2016-7163
Summary: Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a...
CVE-2020-12351
Summary: Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access....
CVE-2017-14867
Summary: Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl...
A week in security (January 18 – January 24)
Last week on Malwarebytes Labs, we looked at changes to WhatsApp’s privacy policy, we provided information about Malwarebytes being targeted...
Is North Korea Planning Something Bigger in the Field of Cyber Crime ?
North Korea is excelling in a field of cybercrime with each passing day despite the tight economic sanctions levied by...
Russians Warned for US-led Cyberspace Threat Ensuing Solar Wind Orion
On Thursday evening, the Russian government released a security notice to Russian firms warning of possible US-led cyber-attacks following the...
SonicWall Breached via Zero-Day Flaw
SonicWall revealed on Friday night that, highly sophisticated threat actors assaulted its internal systems by abusing a probable zero-day flaw...
Shellex – C-shellcode To Hex Converter, Handy Tool For Paste And Execute Shellcodes In Gdb, Windbg, Radare2, Ollydbg, X64Dbg, Immunity Debugger And 010 Editor
C-shellcode to hex converter. Handy tool for paste & execute shellcodes in gdb, windbg, radare2, ollydbg, x64dbg, immunity debugger &...
Recon Simplified with Spyse
One of the major struggles in bug bounty hunting is to collect and analyze data during reconnaissance, especially when there...
Finding Results at the Intersection of Security and Engineering
As vice president and head of global security at ActiveCampaign, I’m fortunate to be able to draw on a multitude...
Cryptocurrency exchange BuyUcoin hacked, data of 325K+ users leaked
Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users. A new incident involving...
Tesla sues former employee for allegedly stealing sensitive docs
Tesla has accused a former employee, a software engineer, of downloading about 26,000 sensitive files and transferring them on his...
Hacker leaks data of 2.28M users of dating site MeetMindful
A well-known threat actor has leaked data belonging to 2.28 million users registered on the dating website MeetMindful. ZDNet first reported...
CVE-2020-25533
Summary: An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged...
CVE-2020-16119
Summary: Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with...
CVE-2016-4472
Summary: The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause...
CVE-2016-5300
Summary: The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause...
CVE-2018-20843
Summary: In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could...
Ransomware Group Published More Than 4,000 SEPA’s Files Online
Scottish Environment Protection Agency (SEPA) once again fell victim to the threat actors. Hackers published more than 4,000 files on...
Data Breach: Chipmaker Intel Shares Fall by 9%
The stock of Intel Corp was rallied to close in the last minutes of Thursday 21st January 2021 after the...
