Avaddon Ransomware gang hacked France-based Acer Finance and AXA Asia
Avaddon ransomware gang has breached the France-based financial consultancy firm Acer Finance. Avaddon ransomware gang made the headlines again, the...
threatintel
A week in security (May 10 – 16)
Last week on Malwarebytes Labs, we watched and reported on the Colonial Pipeline ransomware attack as developments of its story...
Beware of Lorenz Ransomware Gang Targeting Organizations with Customized Attacks
Security researchers have unearthed a new ransomware operation known as Lorenz targeting organizations worldwide with customized attacks and demanding hundreds...
Signal Taunts WhatsApp as Confusion Looms Large Over its New Privacy Policy
WhatsApp will take action against users who have not approved the privacy policy though it will not delete users' accounts...
Remote Access Trojans Target Aerospace and Travel Industries
Earlier this week, Microsoft Security Intelligence tweeted that somehow a remote access Trojan (RAT) campaign was being tracked by them...
FIN7 is Spreading a Backdoor Called Lizar
Under the pretext of being a Windows pen-testing platform for ethical hackers, the infamous FIN7 cybercrime gang, a financially motivated...
DFIR-O365RC – PowerShell Module For Office 365 And Azure AD Log Collection
PowerShell module for Office 365 and Azure AD log collectionModule description The DFIR-O365RC PowerShell module is a set of functions...
Red-Kube – Red Team K8S Adversary Emulation Based On Kubectl
Red Kube is a collection of kubectl commands written to evaluate the security posture of Kubernetes clusters from the attacker's...
Two flaws could allow bypassing AMD SEV protection system
The chipmaker AMD published guidance for two new attacks against its SEV (Secure Encrypted Virtualization) protection technology. Chipmaker AMD has...
MSBuild tool used to deliver RATs filelessly
Hackers abuses Microsoft Build Engine (MSBuild) to filelessly deliver malware on targeted Windows systems, including RAT and password-stealer. Researchers from...
Security Affairs newsletter Round 314
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Pakistan-linked Transparent Tribe APT expands its arsenal
Alleged Pakistan-Linked cyber espionage group, tracked as Transparent Tribe, targets Indian entities with a new Windows malware. Researchers from Cisco...
Beware of eCh0raix Ransomware Attacks, QNAP Warns Customers
QNAP warned its users of an actively exploited Roon Server zero-day vulnerability and eCh0raix ransomware attacks that are targeting its...
Washington DC Police Hit by the Worst Ransomware Ever
In the U.S. capital, the police department experienced a major information leak after declining to satisfy the extortion demands of...
Flipkart Users to Reset Passwords to Avoid Fraud: Cyber Expert
A data breach occurred recently at the e-commerce sites Flipkart and BigBasket. According to reports, BigBasket's latest data breach revealed...
Toshiba Unit Hacked by DarkSide
The DarkSide criminal gang, which was also responsible for the assault on Colonial Pipeline, which triggered widespread gas shortages and...
CIMplant – C# Port Of WMImplant Which Uses Either CIM Or WMI To Query Remote Systems
C# port of WMImplant which uses either CIM or WMI to query remote systems. It can use provided credentials or...
Httpx – A Fast And Multi-Purpose HTTP Toolkit Allows To Run Multiple Probers Using Retryablehttp Library, It Is Designed To Maintain The Result Reliability With Increased Threads
httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to...
European police dismantle major online investment fraud ring that causes €30 Million in losses
A joint operation of European law enforcement agencies and coordinated by Europol dismantled a criminal ring involved in investment fraud....
Major hacking forums XSS and Exploit ban ads from ransomware gangs
XSS forum (previously known as DaMaGeLab) one of the most popular hacking forums, announced that it would ban the ads...
QNAP warns of eCh0raix ransomware and Roon Server zero-day attacks
QNAP warns of an actively exploited Roon Server zero-day flaw and eCh0raix ransomware attacks on its NAS devices. QNAP warns...
Scheme flooding fingerprint technique may deanonymize Tor users
FingerprintJS experts devised a fingerprinting technique, named scheme flooding, that could allow identifying users across different desktop browsers, including the...
Darkside gang lost control of their servers and funds
The operators of the Darkside ransomware announced that they have lost control of their infrastructure and part of the funds...
Gamers level up with rewards for better security
There was a time when stolen gaming accounts were almost treated as a fact of life. Console hacks weren’t taken...
