NICER Protocol Deep Dive: Internet Exposure of Citrix ADC/NetScaler
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
SEC Consult SA-20201104-0 :: Multiple vulnerabilities in Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA)
Posted by SEC Consult Vulnerability Lab on Nov 04SEC Consult Vulnerability Lab Security Advisory < 20201104-0 > ======================================================================= title: Multiple...
Update your Chrome again as Google patches second zero-day in two weeks
Before you start to Google for election news, we’d like you to check whether your browser is at the latest...
Maze ransomware gang announces retirement
The threat actors behind Maze ransomware have announced their retirement. On November 1, they posted the retirement announcement on the...
Hospital ransomware: Gangs are back to target healthcare
Healthcare is not in a good place right now. With some countries and states deciding to go back in to...
Google Drive Notifications Used to Send Malicious Links to Hundreds of Thousands of Users
Cybercriminals have now resorted to utilizing a legitimate Google Drive collaboration feature to trick users into clicking on pernicious...
FileWall, a Content Disarm and Reconstruction Solution for Microsoft 365 by Odix
In recent months, there has been an exponential surge in malware attacks. According to the checkpoint, the last quarter itself...
APT trends report Q3 2020
For more than three years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of...
DeepBlueCLI – a PowerShell Module for Threat Hunting via Windows Event Logs
DeepBlueCLI - a PowerShell Module for Threat Hunting via Windows Event Logs Eric Conrad, Backshore Communications, LLC deepblue at backshore...
Webshell-Analyzer – Web Shell Scanner And Analyzer
Web shell analyzer is a cross platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files...
The Story Behind Security Breaches
There are many potential causes of security breaches, including malicious attacks, system glitches, equipment failures, software bugs, and zero days....
Minted – 4,418,182 breached accounts
In May 2020, the online marketplace for independent artists Minted suffered a data breach that exposed 4.4M unique customer records...
A week in security (October 26 – November 1)
We had a very busy week at Malwarebytes Labs. We offered advice on Google’s patch for an actively exploited zero-day...
Russian experts predict a shortage of cybersecurity specialists
Despite the funding cuts caused by the pandemic crisis, companies around the world are going to hire more and more...
Katana: New Variant of Mirai Botnet Posing Serious Threat?
A new variant of the Mirai botnet, Katana is being identified recently by the Avira Protection Lab. The botnet is...
Trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to meet the following requirements: the ability to be deployed...
PowerZure – PowerShell Framework To Assess Azure Security
For a list of functions, their usage, and more, check out https://powerzure.readthedocs.ioWhat is PowerZure?PowerZure is a PowerShell project created to...
Overview of Content Security Policies (CSPs) on the Web
A Content Security Policy is a protocol that allows a site owner to control what resources are loaded on a...
Hackers stole credit card data from JM Bullion online bullion dealer
JM Bullion, the leading online bullion dealer in the United States, has disclosed a data breach, hackers stole customers’ credit...
UK ICO fines hotel chain giant Marriott over data breach
The UK Information Commissioner’s Office fined US hotels group Marriott over the 2018 data breach that affected millions of customers...
Nuclear Regulation Authority shut down email systems after a cyber attack
Japan’s Nuclear Regulation Authority (NRA) issued a warning of temporary suspension of its email systems, likely caused by a cyber...
Maze ransomware is going out of the business
The Maze ransomware operators are shutting down their operations for more than one year the appeared on the threat landscape...
Security Affairs newsletter Round 287
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
A data breach broker is selling account databases of 17 companies
A threat actor is offering for sale account databases containing an aggregate total of 34 million user records stolen from...
