Credit to Author: Christopher Boyd| Date: Thu, 17 Mar 2022 13:25:43 +0000
We offer up some thoughts on where new and continuing attacks in the world of cloud may occur, alongside linking some current examples.
The post Clouding the issue: what cloud threats lie in wait in 2022? appeared first on Malwarebytes Labs.
Read moreCredit to Author: Christopher Boyd| Date: Wed, 09 Mar 2022 10:19:48 +0000
An automation issue with Azure services could lead to compromised managed identity tokens.
The post Azure AutoWarp brings automation headaches appeared first on Malwarebytes Labs.
Read moreCredit to Author: Threat Intelligence Team| Date: Mon, 16 Mar 2020 15:00:00 +0000
 | |
| We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data. Categories: Tags: APTAPT36coronaviruscoronavirus malwarecovid-19credential stealercrimson ratexploitexploitsinfo-stealermacromalicious macromalwarenation-state attackratremote administration toolSocial Engineeringspear phishingspear phishing attacktransparent tribe |
The post APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT appeared first on Malwarebytes Labs.
Read more
Credit to Author: SophosLabs Offensive Security| Date: Tue, 14 Jan 2020 18:15:18 +0000
This month’s big security news from Microsoft is the end of support for Windows 7, and a patch of a cryptographic library<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/wiyw9sHJyLE” height=”1″ width=”1″ alt=””/>
Read moreCredit to Author: Malwarebytes Labs| Date: Thu, 19 Dec 2019 18:03:33 +0000
 | |
| As the 2010s come to a close, we take a snarky walk down memory lane, listing the craziest, most impactful, or simply just awful cybersecurity fails of the decade. Categories: Tags: ashley madisonashley madison hackBadRabbitcambridge analyticacryptolockercryptolocker ransomwareData privacyEdward Snowdenemotetexploitsfacebookhacktivismmat honanNotPetyaNSAnsa spyingnsa surveillanceNSA toolsplaystation breachplaystation hackransomwareryukRyuk ransomwaresecurity failsshadow brokerssocial mediasonysony pictures hacksurveillancetarget breachtarget hacktrickbottriple threatWannaCry |
The post A decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ of the 2010s appeared first on Malwarebytes Labs.
Read more
Credit to Author: Kaspersky Team| Date: Mon, 04 Nov 2019 16:23:32 +0000
A Chrome vulnerability already exploited by attackers gets patched. We recommend updating your browser right now.
Read moreCredit to Author: Pieter Arntz| Date: Fri, 18 Oct 2019 16:36:36 +0000
 | |
| After a vulnerability in a popular business VPN solutions was discussed at length and an easy to use exploit is availbale, organizations still fail to apply the patch. What’s up? Categories: Tags: cybercriminalsexploitexploit kitsexploitspatchpatchingpulsevpnvulnerabilitiesvulnerability |
The post Pulse VPN patched their vulnerability, but businesses are trailing behind appeared first on Malwarebytes Labs.
Read more
Credit to Author: SophosLabs Offensive Security| Date: Wed, 09 Oct 2019 20:00:31 +0000
A relatively low number of vulnerabilities were addressed in this month’s Windows update rollups<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/kC7qjGbuUh8″ height=”1″ width=”1″ alt=””/>
Read more