February 2022 – Page 21 – PossibleThreat Articles

Samba patches critical vulnerability that allows remote code execution as root

February 2, 2022 0 Comments cve-2022-44142, cvss, Exploits and vulnerabilities, netatalk, samba, smb, vfs_fruit

Credit to Author: Pieter Arntz| Date: Tue, 01 Feb 2022 15:22:52 +0000

Developers of Samba, the free SMB networking protocol, have issued a security update that patches one very high rating vulnerability in the VFS module vfs_fruit.

Categories: Exploits and vulnerabilities

Tags: cve-2022-44142 CVSS Netatalk samba SMB vfs_fruit

MalwareBytes Security

Duo of Android dropper and payload target certain countries and app users

February 2, 2022 0 Comments "2fa authenticator", Android, android dropper, android malware, brata, brunhilda, c2, command & control, Google Play Store, ngrok, pradeo, project brunhilda, threatfabric, virtual network computing, vnc, vultur

Credit to Author: Jovi Umawing| Date: Tue, 01 Feb 2022 13:32:37 +0000

A yet unnamed Android malware is spotted in Google’s Play Store. After profiling its target, it drops Vultur, a newish RAT.

Categories: Android

Tags: "2FA Authenticator"Android dropper android malware BRATA Brunhilda C2 command & control Google Play Store ngrok Pradeo Project Brunhilda ThreatFabric virtual network computing vnc vultur

MalwareBytes Security

Android malware BRATA can wipe devices

February 2, 2022 0 Comments Android, android banking trojan, android malware, android rat, brata, brazilian remote access tool android, cleafy, gps tracking, keylogging, persistent c2 communication, phishing, smishing, vnc

Credit to Author: Malwarebytes Labs| Date: Tue, 01 Feb 2022 11:23:04 +0000

The BRATA Android RAT has some alarming new capabilities.

Categories: Android

Tags: Android banking Trojan android malware android rat BRATA Brazilian Remote Access Tool Android Cleafy GPS tracking keylogging persistent C2 communication phishing smishing vnc

(Read more…)

The post Android malware BRATA can wipe devices appeared first on Malwarebytes Labs.

MalwareBytes Security

Apply those updates now: CVE bypass offers up admin privileges for Windows 10

February 2, 2022 0 Comments CVE, cve-2022-21882, Exploit, hack, Malwarebytes news, Microsoft, Patch, phish, update, Windows 10

Credit to Author: Malwarebytes Labs| Date: Tue, 01 Feb 2022 11:07:29 +0000

A CVE bypass offers up the possibility of admin privileges on Windows 10 machines. Find out what’s happened, and how you can avoid it.

Categories: Malwarebytes news

Tags: CVE CVE-2022-21882 exploit hack microsoft patch phish update windows 10

MalwareBytes Security

How a few PhD students revealed that phishing trainings might just not work: Lock and Code S03E03

February 2, 2022 0 Comments contextual training, embedded training, lock and code, lock and code podcast, phishing, phishing defenses, phishing training, Podcast

Credit to Author: Malwarebytes Labs| Date: Mon, 31 Jan 2022 17:06:00 +0000

This week on Lock and Code, with host David Ruiz, we discuss why immediate trainings for employees who fail phishing tests might not work.

Categories: Podcast

Tags: contextual training embedded training lock and code lock and code podcast phishing phishing defenses phishing training podcast

MalwareBytes Security

Actor’s verified Twitter profile hijacked to spam NFT giveaways

February 2, 2022 0 Comments ape, cat, hijacked, Malwarebytes news, metaverse, nft, Spam, twitter

Credit to Author: Christopher Boyd| Date: Mon, 31 Jan 2022 11:37:04 +0000

We’re seeing verified Twitter profiles compromised to push NFT sales and giveaways. How did it happen, and how can you protect yourself?

Categories: Malwarebytes news

Tags: ape cat hijacked Metaverse NFT spam twitter

MalwareBytes Security

A week in security (January 24 – 30)

February 2, 2022 0 Comments A week in security, deadbolt, qnap, Ransomware

Credit to Author: Malwarebytes Labs| Date: Mon, 31 Jan 2022 10:52:27 +0000

The most important and interesting security stories from the last seven days.

Categories: A week in security

Tags: deadbolt qnap ransomware

(Read more…)

The post A week in security (January 24 – 30) appeared first on Malwarebytes Labs.

MalwareBytes Security

[updated]QNAP update stops Deadbolt ransomware, annoys some users, starts debate

February 2, 2022 0 Comments deadbolt, forced update, icsci, NAS, qnap, Ransomware

Credit to Author: Pieter Arntz| Date: Fri, 28 Jan 2022 16:32:41 +0000

After several warnings to their user and thousands of victims, QNAP pushed out a forced update to their NAS devices.

Categories: Ransomware

Tags: deadbolt forced update icsci nas qnap ransomware

Security TrendMicro

The Samba Vulnerability: What is CVE-2021-44142 and How to Fix It

February 2, 2022 0 Comments trend micro research : articles, news, reports, trend micro research : cyber threats, trend micro research : endpoints, trend micro research : exploits & vulnerabilities, trend micro research : iot, trend micro research : network

Information on the latest Samba vulnerability and how to protect systems against the threats that can exploit it.

MalwareBytes Security

Big Mother is watching: What parents REALLY think about tracking their kids

February 2, 2022 0 Comments child safety, Malwarebytes news, monitoring, parents, Privacy

Credit to Author: Mark Stockley| Date: Fri, 28 Jan 2022 09:01:00 +0000

A new Malwarebytes survey lifts the lid on how parents are using technology to monitor their children’s activity.

Categories: Malwarebytes news Privacy

Tags: child safety monitoring parents