Microsoft disables the ms-appinstaller protocol because it was abused to spread malware
Microsoft temporarily disabled the ms-appinstaller protocol for MSIX because it was abused by malware, such as Emotet. Microsoft announced to have temporarily...
US Telecom providers requested $5.6B to replace Chinese equipment
The Federal Communications Commission (FCC) says that small telecom providers have requested $5.6 billion to replace Chinese gear. The U.S....
How to avoid being scammed this Valentine’s Day
With Valentine’s Day approaching, you can be sure that the scammers will want to take advantage of lovebirds everywhere. From...
Hackers breached a server of National Games of China days before the event
An unnamed Chinese-language-speaking hacking group compromised systems at National Games of China in 2021. Researchers at cybersecurity firm Avast discovered...
LockBit 2.0 Ransomware Victim: COFRAP ESPAÑOLA SA
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion...
Invoke-EDRChecker – Checks Running Processes, Process Metadata, Dlls Loaded Into Your Current Process And The Each DLLs Metadata, Common Install Directories, Installed Services, The Registry And Running Drivers For The Presence Of Known Defensive Products Such As AV’s, EDR’s And Logging Tools
The script will check running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common...
Securitas breached, 3TB of airport employee records exposed
An unsecured AWS server, found open to the public Internet, is the root cause of a huge compromise of data...
A week in security (January 31 – February 6)
Last week on Malwarebytes Labs: Threat actor steals email with Zimbra zero-dayFBI warns of bogus job postings on recruitment sitesInvestment...
Cobalt Stike Beacon Detected – 8[.]141[.]51[.]8:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 123[.]56[.]98[.]161:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]227[.]255[.]187:8000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 108[.]136[.]88[.]61:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 188[.]93[.]233[.]171:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Mastodon privilege escalation | CVE-2022-24307
NAME Mastodon privilege escalation Platforms Affected:Mastodon Mastodon 3.3.1 Mastodon Mastodon 3.4.5Risk Level:9.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Mastodon could allow a remote attacker...
Airspan Networks Mimosa product line code execution | CVE-2022-21196
NAME Airspan Networks Mimosa product line code execution Platforms Affected:Airspan Networks MMP 1.0.2 Airspan Networks PTP 2.8.6.0 Airspan Networks PTMP...
Insyde InsydeH2O buffer overflow | US-CERT VU#796611
NAME Insyde InsydeH2O buffer overflow Platforms Affected:Insyde InsydeH2O 5.1 Insyde InsydeH2O 5.2 Insyde InsydeH2O 5.3 Insyde InsydeH2O 5.4 Insyde InsydeH2O...
Insyde InsydeH2O privilege escalation | US-CERT VU#796611
NAME Insyde InsydeH2O privilege escalation Platforms Affected:Insyde InsydeH2O 5.1 Insyde InsydeH2O 5.2 Insyde InsydeH2O 5.3Risk Level:8.2Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Insyde InsydeH2O...
Capsule8 Console SQL injection | CVE-2022-0366
NAME Capsule8 Console SQL injection Platforms Affected:Capsule8 Console 4.6.0 Capsule8 Console 4.9.1Risk Level:8.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Capsule8 Console is vulnerable to...
Insyde InsydeH2O privilege escalation | US-CERT VU#796611
NAME Insyde InsydeH2O privilege escalation Platforms Affected:Insyde InsydeH2O 5.1 Insyde InsydeH2O 5.2 Insyde InsydeH2O 5.3 Insyde InsydeH2O 5.4 Insyde InsydeH2O...
TensorFlow denial of service | CVE-2022-21728
NAME TensorFlow denial of service Platforms Affected:TensorFlow TensorFlow 1.3.0 TensorFlow TensorFlow 1.3.1 TensorFlow TensorFlow 1.4.0 TensorFlow TensorFlow 1.4.1 TensorFlow TensorFlow...
Insyde InsydeH2O privilege escalation | US-CERT VU#796611
NAME Insyde InsydeH2O privilege escalation Platforms Affected:Insyde InsydeH2O 5.1 Insyde InsydeH2O 5.2 Insyde InsydeH2O 5.3 Insyde InsydeH2O 5.4 Insyde InsydeH2O...
PostgreSQL JDBC Driver (PgJDBC) code execution | CVE-2022-21724
NAME PostgreSQL JDBC Driver (PgJDBC) code execution Platforms Affected:PgJDBC PgJDBC 42.2.24 PgJDBC PgJDBC 42.3.1Risk Level:8.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION PostgreSQL JDBC Driver...
Servisnet Tessa information disclosure | CVE-2022-22833
NAME Servisnet Tessa information disclosure Platforms Affected:Servisnet TessaRisk Level:9.8Exploitability:FunctionalConsequences:Obtain Information DESCRIPTION Servisnet Tessa could allow a remote attacker to obtain...
Airspan Networks Mimosa product line server-side request forgery | CVE-2022-21215
NAME Airspan Networks Mimosa product line server-side request forgery Platforms Affected:Airspan Networks MMP 1.0.2 Airspan Networks PTP 2.8.6.0 Airspan Networks...
