Reindeer Leak Personal Data of 3,00,000 Users In A Breach
WizCase's cybersecurity group discovered a prominent breach impacting Reindeer, an American marketing company that previously worked with Tiffany & Co.,...
threatintel
NSA Issues Warning Concerning Public Wi-Fi Networks
National Security Agency cautioned public servants against hackers that can benefit from public Wi-Fi in coffee shops, airports, and hotel...
Karton – Distributed Malware Processing Framework Based On Python, Redis And MinIO
Distributed malware processing framework based on Python, Redis and MinIO. The ideaKarton is a robust framework for creating flexible and...
UnhookMe – An Universal Windows API Resolver And Unhooker Addressing Problem Of Invoking Unmonitored System Calls From Within Of Your Red Teams Malware
In the era of intrusive AVs and EDRs that introduce hot-patches to the running processes for their enhanced optics requirements,...
New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors
A new variant of the eCh0raix ransomware is able to target Network-Attached Storage (NAS) devices from both QNAP and Synology vendors....
Microsoft Azure Sentinel uses Fusion ML to detect ransomware attacks
Microsoft Azure Sentinel cloud-native SIEM (Security Information and Event Management) platform used the Fusion machine learning model to detect ransomware...
FlyTrap, a new Android Trojan compromised thousands of Facebook accounts
Experts spotted a new Android trojan, dubbed FlyTrap, that compromised Facebook accounts of over 10,000 users in at least 144...
StealthWorker botnet targets Synology NAS devices to drop ransomware
Taiwanese vendor Synology has warned customers that the StealthWorker botnet is targeting their NAS devices to deliver ransomware. Taiwan-based vendor...
Home routers are being hijacked using vulnerability disclosed just 2 days ago
The early bird catches the worm. Unless the worm was early enough to hide. On August 3, 2021 a vulnerability...
A week in security (August 2 – August 8)
Last week on Malwarebytes Labs: RDP brute force attacks explainedThe 3 biggest threats reaching for your antivirus software’s off switchZoom and gloom?...
12-Year-Old Authentication Bypass Vulnerability Could Allow Network Compromise
At least 20 router models have been found to have a 12-year-old authentication bypass vulnerability that might allow attackers to...
DHS Called On Hackers to Join Government During Black Hat Speech
Department of Homeland Security Secretary Alejandro Mayorkas at a conference of Black Hat motivated participants to come forward and share...
Experts Discover Promotheus TDS, An Underground MaaS
Cybersecurity experts from Group-IB in its technical research on Promotheus TDS, an underground MaaS (Malware as a service), found that...
The ‘Interaction-Less’ Flaws in Messaging Apps Allowed Hackers to Eavesdrop
Last week, at the Black Hat security conference in Las Vegas, Google’s Project Zero researcher, Natalie Silvanovich presented her findings...
BHUSA: Windows Hello Passwordless Bypass Disclosed
Passwords are usually a vulnerable spot in security, which is why alternatives like Microsoft Hello, which gives a passwordless approach...
ADCSPwn – A Tool To Escalate Privileges In An Active Directory Network By Coercing Authenticate From Machine Accounts And Relaying To The Certificate Service
A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts (Petitpotam) and relaying to...
Sigurlfind3R – A Reconnaissance Tool, It Fetches URLs From AlienVault’s OTX, Common Crawl, URLScan, Github And The Wayback Machine
sigurlfind3r is a passive reconnaissance tool, it fetches known URLs from AlienVault's OTX, Common Crawl, URLScan, Github and the Wayback...
City of Joplin paid a 320K ransom after a ransomware Attack
A ransomware attack hit City of Joplin forcing the IT staff to shutdown the City computer. Finally the insurer for...
Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks
The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. The Australian Cyber...
Threat actors are probing Microsoft Exchange servers for ProxyShell flaws
Threat actors are actively scanning for the Microsoft Exchange ProxyShell RCE flaws after technical details were released at the Black Hat...
1M compromised cards available for free in the underground market
Group-IB detected an unconventional post on several carding forums containing links to a file containing 1 million compromised cards. On...
Taiwanese Computer Hardware Company Gigabyte Suffers Ransomware Attack
Gigabyte, a motherboard developing company from Taiwan and also a hardware giant was attacked by the RansomExx ransomware hacking group,...
Golang Cryptomining Worm Offers 15% Speed Boost
Cybersecurity intelligence at the security firm Intezer has discovered a new Golang-based worm that is attacking Windows and Linux servers...
Personal Information of 2,000 FOID Cardholders Compromised in ISP Website Breach
The Illinois State Police are notifying Firearm Owners Identification cardholders regarding a possible data breach after attackers attempted to breach...
