An In-Depth Look at ICS Vulnerabilities Part 2
In part two of our three-part series, we continue to analyze vulnerabilities using MITRE ATT&CK. We also look into the sectors affected and their risk levels.
Month: April 2022
Blockchains Have a ‘Bridge’ Problem, and Hackers Know It
Credit to Author: Lily Hay Newman| Date: Sun, 03 Apr 2022 11:00:00 +0000
Blockchain bridges are a crucial piece of the cryptocurrency ecosystem, which makes them prime targets for attacks.
Read moreYou Need a Password Manager. Here Are the Best Ones
Credit to Author: Scott Gilbertson| Date: Sat, 02 Apr 2022 13:00:00 +0000
Keep your logins locked down with our favorite apps for PC, Mac, Android, iPhone, and web browsers.
Read moreFake Cops Scammed Apple and Meta to Get User Data
Credit to Author: Andrew Couts, Lily Hay Newman| Date: Sat, 02 Apr 2022 13:00:00 +0000
Plus: Lapsus$ teens hit with charges, Wyze’s security screwup, and Russia’s cyber rampage.
Read moreNew UAC-0056 activity: There’s a Go Elephant in the room
Credit to Author: Threat Intelligence Team| Date: Fri, 01 Apr 2022 21:44:40 +0000
In late March, the cyber espionage group UNC2589 also known as SaintBear launched a spear phishing campaign targeting several entities in Ukraine. In this blog we review this attack and the intended payloads.
The post New UAC-0056 activity: There’s a Go Elephant in the room appeared first on Malwarebytes Labs.
Read moreThis Week in Security News – April 1, 2022
Credit to Author: Jon Clay| Date: Fri, 01 Apr 2022 00:00:00 +0000
Probing the activities of cloud-based cryptocurrency-mining groups, and Lapsus$ ‘back from vacation’
Read moreGlobant suffers network breach due to LAPSUS$ compromise
Credit to Author: Jovi Umawing| Date: Fri, 01 Apr 2022 18:56:37 +0000
LAPSUS$ is a young group believed to be ran by teenagers. In their latest heist, they leaked data from Globant, a software firm.
The post Globant suffers network breach due to LAPSUS$ compromise appeared first on Malwarebytes Labs.
Read moreUpdate now! Apple patches two zero-day vulnerabilities that may have been actively exploited
Credit to Author: Pieter Arntz| Date: Fri, 01 Apr 2022 18:43:44 +0000
Apple released security updates for macOS Monterey 12.3.1, iOS 15.4.1, iPadOS 15.4.1, tvOS 15.4.1, and watchOS 8.5.1 patching 2 vulnerabilities that may have been exploited in the wild.
The post Update now! Apple patches two zero-day vulnerabilities that may have been actively exploited appeared first on Malwarebytes Labs.
Read moreHive ransomware impacts California non-profit health organisation
Credit to Author: Christopher Boyd| Date: Fri, 01 Apr 2022 18:33:43 +0000
We look at a developing story where Hive ransomware has heavily impacted a non-profit healthcare organisation.
The post Hive ransomware impacts California non-profit health organisation appeared first on Malwarebytes Labs.
Read more“VMware Spring Cloud Function” Java bug gives instant remote code execution – update now!
Credit to Author: Paul Ducklin| Date: Wed, 30 Mar 2022 20:38:07 +0000
Easy unauthenticated remote code execution – PoC code already out
Read more