FBI, CISA, NSA published a joint advisory on BlackMatter ransomware operations
FBI, CISA, NSA have published a joint advisory about the operation of the BlackMatter ransomware gang and provides defense recommendations....
threatintel
Trustwave released a free decryptor for the BlackByte ransomware
Trustwave’s SpiderLabs researchers have released a free decryptor for the BlackByte ransomware that can allow victims to recover their files....
Lyceum group reborn
This year, we had the honor to be selected for the thirty-first edition of the Virus Bulletin conference. During the...
US-CERT Bulletin (SB21-291):Vulnerability Summary for the Week of October 11, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Inceptor – Template-Driven AV/EDR Evasion Framework
Modern Penetration testing and Red Teaming often requires to bypass common AV/EDR appliances in order to execute code on a...
TeamTNT Deploys Malicious Docker Image On Docker Hub
The Uptycs Threat Research Team spotted a campaign in which the TeamTNT threat actors deployed a malicious container image on...
Prometheus endpoint unprotected installs could expose sensitive data
Experts discovered several unprotected installs of open source event monitoring solution Prometheus that may expose sensitive data. JFrog researchers have...
“Killware”: Is it just as bad as it sounds?
On October 12, after interviewing US Secretary of Homeland Security Alejandro Mayorkas, USA TODAY’s editorial board warned its readers about...
Multiple vulnerabilities in popular WordPress plugin WP Fastest Cache
Multiple vulnerabilities have been found in the popular WordPress plugin WP Fastest Cache during an internal audit by the Jetpack...
A week in security (Oct 11 – Oct 17)
Last week on Malwarebytes Labs Google warns some users that FancyBear’s been prowling aroundInside Apple: How macOS attacks are evolvingThe...
Sinclair TV stations downtime allegedly caused by a ransomware attack
A ransomware attack is likely the cause of the recent downtime for TV stations owned by the Sinclair Broadcast Group...
ImpulsiveDLLHijack – C# Based Tool Which Automates The Process Of Discovering And Exploiting DLL Hijacks In Target Binaries
C# based tool which automates the process of discovering and 4. Examples:Target Executable: OneDrive.exeStage: DiscoveryStage: ExploitationSuccessful DLL Hijacks: Unsuccessful DLL Hijacks: DLL...
REvil ransomware operation shuts down once again
It seems that the REvil ransomware operation has shut down once again after a threat actor has hijacked their Tor...
Experts spotted an Ad-Blocking Chrome extension injecting malicious ads
Researchers warn of an Ad-Blocking Chrome extension that was abused by threat actors to Injecting Ads in Google search pages....
Fapro – Free, Cross-platform, Single-file mass network protocol server simulator
FaPro is a Fake Protocol Server tool, Can easily start or stop multiple network services.The goal is to support as...
Experts hacked a fully patched iOS 15 running on iPhone 13 at China’s Tianfu Cup hacking contest
White hat hackers earned $1.88 million at the Tianfu Cup hacking contest by finding vulnerabilities in popular software. The Tianfu...
Twitch security breach had minimal impact, the company states
Twitch provided an update for the recent security breach, the company confirmed that it only had a limited impact on...
DorkScout – Golang Tool To Automate Google Dork Scan Against The Entiere Internet Or Specific Targets
dokrscout is a tool to automate the finding of Install wordliststo start scanning you'll need some dork lists and to...
Ecuador’s Banco Pichincha has yet to recover after recent cyberattack
The customers of Banco Pichincha, the largest bank in Ecuador, are still experiencing service disruptions after a massive cyberattack hit...
Trickbot spreads malware through new distribution channels
TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The operators behind the infamous TrickBot...
Domain-Protect – Protect Against Subdomain Takeover
Protect Against Subdomain Takeoverscans Amazon Route53 across an AWS Organization for domain records vulnerable to takeovervulnerable domains in Google Cloud...
Russia-Linked TA505 targets financial institutions in a new malspam campaign
Russia-linked TA505 group leverages a lightweight Office file to spread malware in a campaign, tracked as MirrorBlast, aimed at financial...
Packet-Sniffer – A pure-Python Network Packet Sniffing Tool
A simple pure-Python network packet sniffer. Packets are disassembled as they arrive at a given network interface controller and their...
US Treasury FinCEN linked $5.2 billion in BTC transactions to ransomware payments
The U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) linked roughly $5.2 billion worth of Bitcoin transactions to ransomware. The...
