Avaddon ransomware campaign prompts warnings from FBI, ACSC
Both the Australian Cyber Security Centre (ACSC) and the US Federal Bureau of Investigation (FBI) have issued warnings about an...
Security
GitHub Announced Security Key Support for SSH Git Operations
When using Git over SSH, GitHub, the ubiquitous host for software creation and version control (and unfortunate victim of a...
Short story about Clubhouse user scraping and social graphs
TL;DRDuring this RedTeam testing, Hexway team used Clubhouse as a social engineering tool to find out more about their client’s...
VAST – Visibility Across Space And Time
The network telemetry engine for data-driven security investigations. Getting Started — Installation — Documentation — Development — Changelog — License...
Baserunner – A Tool For Exploring Firebase Datastores
A tool for exploring and exploiting Firebase datastores.Set upgit clone https://github.com/iosiro/baserunner.git cd baserunner npm install npm run build npm start...
City of Chicago Emails Compromised During Data Transfer To Law Firm
The city of Chicago on Friday said that employee emails were stolen in a Jones Day data breach during a...
Chinese hackers attacked a Russian developer of military submarines
Chinese hackers reportedly attacked the Rubin Central Design Bureau for Marine Engineering (СKB Rubin), which designs submarines for the Russian...
$2 Million Cryptocurrency Controversy Linked with WallStreetBets Investors
As per a Bloomberg News story, at least $2 million of a cryptocurrency conspiracy was recently tossed from investors of...
Researchers Flag Serious Authentication Bypass Vulnerability After Pega Infinity Hotfix Released
After security researchers discovered a flaw in the Pega Infinity enterprise software platform, users are being advised to upgrade their...
Apple Covered a Mass Hack on 128 Million iPhone Users in 2015
Apple and Epic are now embroiled in a legal dispute, and as a result, some shocking material has surfaced on...
Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015
Court documents revealed that the infamous XcodeGhost malware, which has been active since 2015, infected 128 million iOS users. Documents provided in...
Google open sources cosign tool for verifying containers
Google has released a new open-source tool called cosign that could allow administrators to sign and verify the container images....
FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks
The FBI and Australian Australian Cyber Security Centre (ACSC) warn of an ongoing Avaddon ransomware campaign targeting organizations worldwide. The...
FBI confirmed that Darkside ransomware gang hit Colonial Pipeline
The U.S. FBI confirmed that the attack against the Colonial Pipeline over the weekend was launched by the Darkside ransomware...
Alleviating ransomware’s legal headaches with Jake Bernstein: Lock and Code S02E08
This week on Lock and Code, we speak to cybersecurity and privacy attorney Jake Bernstein about ransomware attacks that don’t...
Ransomware attack shuts down Colonial Pipeline fuel supply
UPDATE 10:47 AM Pacific Time, May 10: At 8:55 AM Pacific Time, the FBI confirmed that Colonial Pipeline was attacked...
A week in security (May 3 – 9)
Last week on Malwarebytes Labs, we discussed how Spectre attacks have come back from the dead; why Facebook banned Instragram...
Sloppiness of Student Allows Ryuk Ransomware to Target Bio Research Institute
Cybersecurity vendor Sophos has revealed how using a 'crack' version of a data visualization tool was the cause of a...
Russian Actors Change Techniques After UK and US Agencies Expose Them
After the western agencies outed their techniques, Russian actors from the APT29 group responded to the expose by using a...
CaptureRx Ransomware Hit Multiple Healthcare Provider Clients
CaptureRx, a world-leading San Antonio-based Healthcare technology organization has recently witnessed a ransomware attack wherein hackers accessed the protected health...
Vulnerabilities Exposed Pelton User Data
Special security research published this week, states that unauthorized users might have been able to access confidential user information through...
Colonial Hackers Stole Data on Thursday Ahead of Shutdown
The hackers who caused Colonial Pipeline to shut down the biggest US petrol pipeline last Friday began their blitz against...
DDoS attacks in Q1 2021
News overview Q1 2021 saw the appearance of two new botnets. News broke in January of the FreakOut malware, which...
DNSObserver – A Handy DNS Service Written In Go To Aid In The Detection Of Several Types Of Blind Vulnerabilities
A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors...
