LockFile Ransomware uses a new intermittent encryption technique
Recently emerged LockFile ransomware family LockFile leverages a novel technique called intermittent encryption to speed up encryption. LockFile ransomware gang...
OSINT
Threat actors can remotely disable Fortress S03 Wi-Fi Home Security System
Rapid7 researchers discovered two flaws that can be exploited by attackers to remotely disable one of the home security systems...
ProxyToken: Another nail-biter from Microsoft Exchange
Had I known this season of Microsoft Exchange was going to be so long I’d have binge watched. Does anyone...
HPE: Sudo Flaw Grants Attackers Root Privileges to Aruba Platform
A vulnerability in Sudo, open-source software used within HP's Aruba AirWave management platform, can enable any unprivileged and unauthorized local...
Data From Fujitsu is Being Sold on the Dark Web
An organisation called Marketo is selling data from Fujitsu on the dark web, although the firm claims the information "appears...
Cybersecurity experts called the signs of smartphone hack
Fast discharge of the smartphone, the appearance of strange notifications or spam when the screen is locked, blocking antivirus programs...
T-Mobile CEO Apologizes for Hack of More Than 54 Million Users Data
Mike Sievert, CEO of T-Mobile, is in a spot of bother after a major data breach of the carrier’s servers....
Lockbit Ransomware Suspected Behind the Attacks on Envision Credit Union
Cyberattacks employing a type of ransomware that appeared nearly two years ago have increased in number lately. The ransomware known...
Fpicker – A Frida-based Fuzzing Suite Supporting Various Modes (Including AFL++ In-Process Fuzzing)
fpicker is a Frida-based fuzzing suite that offers a variety of fuzzing modes for in-process fuzzing, such as an AFL++...
Keyhacks – A Repository Which Shows Quick Ways In Which API Keys Leaked By A Bug Bounty Program Can Be Checked To See If They’Re Valid
KeyHacks shows ways in which particular API keys found on a Bug Bounty Program can be used, to check if...
HPE wars customers of Sudo flaw in Aruba AirWave Management Platform
Hewlett Packard Enterprise (HPE) warns of a vulnerability in Sudo open-source program used in its Aruba AirWave management platform. Hewlett Packard...
Threat actors stole $19 million worth of crypto assets from Cream Finance
Crooks have stolen more than $19 million in cryptocurrency assets from Cream Finance, a decentralized finance (DeFi) platform. Threat actors...
Microsoft Exchange ProxyToken flaw can allow attackers to read your emails
ProxyToken is a serious vulnerability in Microsoft Exchange Server that could allow unauthentication attackers to access emails from a target...
A week in security (August 23 – August 29)
Last week on Malwarebytes Labs: Patch now! Microsoft Exchange is being attacked via ProxyShellRealtek-based routers, smart devices are being gobbled...
Phorpiex Malware has Shut Down their Botnet and Put its Source Code for Sale
The Phorpiex malware's creators have shut down their botnet and are selling the source code on a dark web cybercrime...
Ragnarok Ransomware Gang Releases Free Master Decryptor After Shutdown
Ragnarok ransomware group has decided to abandon its operations and has reportedly published the master key that can decrypt files...
Cofense Report Analysis on Phishing Campaign Utilizing Vzwpix
Researchers at the Cofense Phishing Defense Center (PDC) have been able to dig further into the addressing characteristics of one...
Vulnerabilities Detected in Open Source elFinder File Manager
In elFinder, an open-source web file organizer, security researchers from SonarSource identified five flaws that form a severe vulnerability chain.The...
Researchers Discovered a Vulnerability in Microsoft Azure’s Cosmos DB
According to a copy of the email and a cyber security researcher, Microsoft warned thousands of its cloud computing customers,...
Reg1c1de – Registry Permission Scanner For Finding Potential Privesc Avenues Within Registry
Reg1c1de is a tool that scans specified registry hives and reports on any keys where the user has write permissions...
Speakeasy – Windows Kernel And User Mode Emulation
Speakeasy is a portable, modular, binary emulator designed to emulate Windows kernel and user mode malware. Check out the overview...
US DoJ announces the creation of Cyber Fellowship Program
The US DoJ announced a new Cyber Fellowship program for training prosecutors and attorneys on cybersecurity. The US DoJ announced...
ISRAELI FIRM ‘BRIGHT DATA’ (LUMINATI NETWORKS) ENABLED THE ATTACKS AGAINST KARAPATAN
Who is behind the massive and prolonged Distributed Denial of Service (DDoS) attack that hit the Philippine human rights alliance Karapatan?...
CISA urges enterprises to fix Microsoft Azure Cosmos DB flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert urging enterprises to address the recently disclosed vulnerability in...
