A Closer Look at the Snatch Data Ransom Group

Credit to Author: BrianKrebs| Date: Sat, 30 Sep 2023 19:47:57 +0000

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. Today, we’ll take a closer look at the history of Snatch, its alleged founder, and their claims that everyone has confused them with a different, older ransomware group by the same name.

Read more

Two Apple issues added by CISA to its catalog of known exploited vulnerabilities

Categories: Exploits and vulnerabilities

Categories: News

Tags: Blastpass

Tags: citizenlab

Tags: pegasus

Tags: nso

Tags: cisa

Tags: apple

Tags: cve-2023-41064

Tags: cve-2023-41061

Tags: buffer overflow

CISA has added two recently discovered Apple vulnerabilities to its catalog of known exploited vulnerabilities.

(Read more…)

The post Two Apple issues added by CISA to its catalog of known exploited vulnerabilities appeared first on Malwarebytes Labs.

Read more

Zimbra issues awaited patch for actively exploited vulnerability

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: ZCS

Tags: CVE-2023-38750

Tags: CISA

Tags: CVE-2023-0464

Tags: TAG

Tags: XSS

Tags: JSP

Tags: XML

Tags:

Zimbra has released ZCS 10.0.2 that fixes two security issues, including the known bug that could lead to exposure of internal JSP and XML files.

(Read more…)

The post Zimbra issues awaited patch for actively exploited vulnerability appeared first on Malwarebytes Labs.

Read more

Reducing your attack surface is more effective than playing patch-a-mole

Categories: News

Tags: CISA

Tags: BOD 23-02

Tags: Internet exposed

Tags: management interfaces

Tags: vulnerabilities

Tags: CVE-2023-27992

Tags: CVE-2023-20887

There is a lot to be said for the strategy of shielding management interfaces from public internet access

(Read more…)

The post Reducing your attack surface is more effective than playing patch-a-mole appeared first on Malwarebytes Labs.

Read more

LockBit ransomware advisory from CISA provides interesting insights

Categories: News

Categories: Ransomware

Tags: CISA

Tags: LockBit

Tags: stats

Tags: RaaS

A joint advisory published by CISA, the FBI and many others shows some interesting stats that align with data found by Malwarebytes.

(Read more…)

The post LockBit ransomware advisory from CISA provides interesting insights appeared first on Malwarebytes Labs.

Read more

CISA Order Highlights Persistent Risk at Network Edge

Credit to Author: BrianKrebs| Date: Thu, 15 Jun 2023 15:40:09 +0000

The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal civilian agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.

Read more

A week in security (May 22-28)

Categories: News

Tags: Cisco

Tags: Zyxel

Tags: ChatGPT

Tags: Malvertising

Tags: Apple

Tags: Google

Tags: insider threat

Tags: Pentagon explosion

Tags: CISA

Tags: ransomware guide

Tags: Rheinmetall

Tags: BlackBasta

Tags: WordPress

A list of topics we covered in the week of May 22- 28 of 2023

(Read more…)

The post A week in security (May 22-28) appeared first on Malwarebytes Labs.

Read more

Update now! Ruckus vulnerability added to CISA’s list of actively exploited bugs

Categories: Exploits and vulnerabilities

Categories: News

Tags: Ruckus

Tags: CISA

Tags: AndoryuBot

Tags: CVE-2023-25717

Tags: 163.123.142.146

CISA has added a Ruckus vulnerability being abused by the AndoryuBot botnet to its catalog.

(Read more…)

The post Update now! Ruckus vulnerability added to CISA’s list of actively exploited bugs appeared first on Malwarebytes Labs.

Read more

Oracle WebLogic Server vulnerability added to CISA list as “known to be exploited”

Categories: Exploits and vulnerabilities

Categories: News

Tags: Oracle

Tags: WebLogic

Tags: CVE-2023-21839

Tags: CVE-2023-1389

Tags: CVE-2021-45046

Tags: CISA

Tags: reverse shell

An easy to exploit vulnerability in Oracle WebLogic Server has been added to the CISA list of things you really, really need to patch.

(Read more…)

The post Oracle WebLogic Server vulnerability added to CISA list as “known to be exploited” appeared first on Malwarebytes Labs.

Read more