Andariel evolves to target South Korea with ransomware
Executive summary In April 2021, we observed a suspicious Word document with a Korean file name and decoy. It revealed...
threatintel
TChopper – Conduct Lateral Movement Attack By Leveraging Unfiltered Services Display Name To Smuggle Binaries As Chunks Into The Target Machine
New technique I have discovered recently and give it a nickname (Chop chop) to perform lateral movement using windows services...
A2P2V – Automated Attack Path Planning and Validation
Automated Attack Path Planning and Validation (A2P2V) is a planning and cyber-attack tool that provides the capability for users to...
Former NSA contractor Reality Winner who leaked gov report will be released on November
Reality Winner, a former NSA contractor who leaked classified documents to the press in 2017, has been released from prison...
Instagram flaw allowed to see private, archived Posts/Stories of users without following them
Instagram has addressed a new flaw that allowed anyone to access private accounts viewing archived posts and stories without having...
Wear your MASQ! New Device Fingerprint Spoofing Tool Available in Dark Web
The MASQ tool could be used by attackers to emulate device fingerprints thus allowing them to bypass fraud protection controls The...
REvil ransomware gang hit US nuclear weapons contractor Sol Oriens
The REvil ransomware gang made the headlines again, the group hit the US nuclear weapons contractor Sol Oriens and stole...
Apple fixed 2 WebKit flaws exploited to target older iPhones
Apple released an out-of-band iOS update for older iPhones and iPads and warned that threat actors are actively exploiting two...
Microsoft experts disrupted a large-scale BEC campaign
Microsoft disrupted a large-scale business email compromise (BEC) campaign that used forwarding rules to access messages related to financial transactions....
Fotolog – 16,717,854 breached accounts
In December 2018, the photo sharing social network Fotolog suffered a data breach that exposed 16.7 million unique email addresses....
Another one bites the dust: Avaddon ransomware group shuts down operation
Are you seeing some pattern here? In what could be a called “shocking news” on Friday, BleepingComputer revealed that the...
Working from home? You’re probably being spied on
One year ago, as countless employees settled into new routines for working from home (WFH), a Reddit user shared a...
How to delete your Instagram account
Although sharing your day’s highlights in snapshots and videos on Instagram can be entertaining, some people claim to feel happier...
A week in security (June 7 – June 13)
Last week on Malwarebytes Labs: Amazon SIdewalk starts sharing your WiFi data tomorrow, thanksWhite hat, black hat, grey hat hackers:...
CyRC Identifies Three Major DoS Flaws in Popular Open Source Message Brokers
Synopsys Cybersecurity Research Centre (CyRC) has warned organizations of easily triggered denial-of-service (DoS) vulnerabilities in three widely used open-source message...
New Cyber Espionage Group Targeting Ministries of Foreign Affairs
Researchers unveiled a new cyber espionage group on Thursday, which is behind the series of targeted operations attacking diplomatic entities...
By Tempering Apps In Samsung, Hackers can Spy the Users
Hackers can now snoop on users by manipulating the pre-installed Samsung apps. Hackers can monitor users and probably control the whole...
Cisco Smart Install Protocol is Still Being Exploited in Cyber-Attacks
Five years after Cisco issued its first warning, the Smart Install protocol is still being utilized in assaults, and there...
defenselessV1 – Just Another Vulnerable Web Application
Defenseless is a vulnerable web application written in PHP/MySQL. This is the first version of this application. The purpose of...
Redpill – Assist Reverse Tcp Shells In Post-Exploration Tasks
Project DescriptionThe redpill project aims to assist reverse tcp shells in post-exploration tasks. Often in redteam engagements we need to...
G7 calls on Russia to dismantle operations of ransomware gangs within its borders
The member states of the G7 group have called on Russia and other states to dismantle operations of the ransomware...
Major blackouts across Puerto Rico. Are the DDoS and the fire linked?
A fire and cyberattack hit an electrical substation for the electricity provider Luma Energy, causing major blackouts across Puerto Rico....
BackdoorDiplomacy APT targets diplomats from Africa and the Middle East
ESET researchers discovered an advanced persistent threat (APT) group, tracked as BackdoorDiplomacy, that is targeting diplomats across Africa and the...
Experts mentioned main loophole of Russian companies in cyber attacks
According to experts of the cybersecurity company BI.ZONE (a subsidiary of Sberbank), the main reason for successful cyberattacks on Russian...
