CVE-2020-26999
Summary: A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications...
CVE-2020-27001
Summary: A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications...
CVE-2020-27002
Summary: A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications...
CVE-2021-31616
Summary: Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted...
A week in security (May 10 – 16)
Last week on Malwarebytes Labs, we watched and reported on the Colonial Pipeline ransomware attack as developments of its story...
Beware of Lorenz Ransomware Gang Targeting Organizations with Customized Attacks
 Security researchers have unearthed a new ransomware operation known as Lorenz targeting organizations worldwide with customized attacks and demanding hundreds...
Signal Taunts WhatsApp as Confusion Looms Large Over its New Privacy Policy
 WhatsApp will take action against users who have not approved the privacy policy though it will not delete users' accounts...
Remote Access Trojans Target Aerospace and Travel Industries
 Earlier this week, Microsoft Security Intelligence tweeted that somehow a remote access Trojan (RAT) campaign was being tracked by them...
FIN7 is Spreading a Backdoor Called Lizar
 Under the pretext of being a Windows pen-testing platform for ethical hackers, the infamous FIN7 cybercrime gang, a financially motivated...
DFIR-O365RC – PowerShell Module For Office 365 And Azure AD Log Collection
PowerShell module for Office 365 and Azure AD log collectionModule description The DFIR-O365RC PowerShell module is a set of functions...
Red-Kube – Red Team K8S Adversary Emulation Based On Kubectl
Red Kube is a collection of kubectl commands written to evaluate the security posture of Kubernetes clusters from the attacker's...
Two flaws could allow bypassing AMD SEV protection system
The chipmaker AMD published guidance for two new attacks against its SEV (Secure Encrypted Virtualization) protection technology. Chipmaker AMD has...
MSBuild tool used to deliver RATs filelessly
Hackers abuses Microsoft Build Engine (MSBuild) to filelessly deliver malware on targeted Windows systems, including RAT and password-stealer. Researchers from...
Security Affairs newsletter Round 314
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Pakistan-linked Transparent Tribe APT expands its arsenal
Alleged Pakistan-Linked cyber espionage group, tracked as Transparent Tribe, targets Indian entities with a new Windows malware. Researchers from Cisco...
CVE-2021-21232
Summary: Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit...
CVE-2021-21232
Summary: Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit...
CVE-2021-21233
Summary: Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially...
CVE-2021-21233
Summary: Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially...
CVE-2021-29457
Summary: Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files....
CVE-2021-1079
Summary: NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created...
Beware of eCh0raix Ransomware Attacks, QNAP Warns Customers
 QNAP warned its users of an actively exploited Roon Server zero-day vulnerability and eCh0raix ransomware attacks that are targeting its...
Washington DC Police Hit by the Worst Ransomware Ever
 In the U.S. capital, the police department experienced a major information leak after declining to satisfy the extortion demands of...
Flipkart Users to Reset Passwords to Avoid Fraud: Cyber Expert
 A data breach occurred recently at the e-commerce sites Flipkart and BigBasket. According to reports, BigBasket's latest data breach revealed...
