State-Sponsored Threat Actors Target Security Researchers
This blog was co-authored by Caitlin Condon, VRM Security Research Manager, and Bob Rudis, Senior Director and Chief Security Data...
This blog was co-authored by Caitlin Condon, VRM Security Research Manager, and Bob Rudis, Senior Director and Chief Security Data...
A vulnerability in the video-sharing social networking service TikTok could have allowed hackers to steal users’ private personal information. Developers at ByteDance,...
Google TAG is warning that North Korea-linked hackers targeting security researchers through social media. Google Threat Analysis Group (TAG) is...
Dutch police arrested two individuals for allegedly selling COVID-19 patient data stolen from the Dutch health ministry. Dutch police have...
Packaging giant WestRock disclosed a ransomware attack that impacted its information technology (IT) and operational technology (OT) systems. American corrugated packaging company...
Zscaler’s research team recently spotted a Linux-based malware family, tracked as DreamBus botnet, targeting Linux servers. Researchers at Zscaler’s ThreatLabZ...
Summary: An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c...
Summary: openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause...
Summary: Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a...
Summary: Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access....
Summary: Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl...
Last week on Malwarebytes Labs, we looked at changes to WhatsApp’s privacy policy, we provided information about Malwarebytes being targeted...
 North Korea is excelling in a field of cybercrime with each passing day despite the tight economic sanctions levied by...
 On Thursday evening, the Russian government released a security notice to Russian firms warning of possible US-led cyber-attacks following the...
 SonicWall revealed on Friday night that, highly sophisticated threat actors assaulted its internal systems by abusing a probable zero-day flaw...
C-shellcode to hex converter. Handy tool for paste & execute shellcodes in gdb, windbg, radare2, ollydbg, x64dbg, immunity debugger &...
One of the major struggles in bug bounty hunting is to collect and analyze data during reconnaissance, especially when there...
As vice president and head of global security at ActiveCampaign, I’m fortunate to be able to draw on a multitude...
Indian cryptocurrency exchange Buyucoin suffered a security incident, threat actors leaked sensitive data of 325K users. A new incident involving...
Tesla has accused a former employee, a software engineer, of downloading about 26,000 sensitive files and transferring them on his...
A well-known threat actor has leaked data belonging to 2.28 million users registered on the dating website MeetMindful. ZDNet first reported...
Summary: An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged...
Summary: Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with...
Summary: The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause...