TikTok vulnerability could have allowed hijackers to take over accounts

Categories: News

Tags: Exploit

Tags: vulnerability

Tags: Tik-Tok

Tags: Microsoft

Tags: JavaScript

We take a look at a TikTok exploit discovered by Microsoft and passed on to the social media giant to have fixed.

(Read more…)

The post TikTok vulnerability could have allowed hijackers to take over accounts appeared first on Malwarebytes Labs.

Read more

ChromeOS vulnerability found by Microsoft

Categories: News

Tags: Microsoft

Tags: ChromeOS

Tags: Chrome

Tags: Google

Tags: audio

Tags: bluetooth

Tags: exploit

Tags: vulnerability

Microsoft has released a report detailing a ChromeOS vulnerability reported to Chrome and fixed within a week.

(Read more…)

The post ChromeOS vulnerability found by Microsoft appeared first on Malwarebytes Labs.

Read more

Warning for WordPress admins: uninstall the Modern WPBakery plugin immediately!

Credit to Author: Christopher Boyd| Date: Tue, 19 Jul 2022 12:07:10 +0000

We take a look at a WordPress plugin, abandoned and open to JavaScript related exploitation. Uninstall it now!

The post Warning for WordPress admins: uninstall the Modern WPBakery plugin immediately! appeared first on Malwarebytes Labs.

Read more

CISA Log4Shell warning: Patch VMware Horizon installations immediately

Credit to Author: Christopher Boyd| Date: Mon, 27 Jun 2022 09:54:58 +0000

CISA warns of log4shell being actively exploited to compromise VMware Horizon systems. We take a look at their warning.

The post CISA Log4Shell warning: Patch VMware Horizon installations immediately appeared first on Malwarebytes Labs.

Read more

Meet the Administrators of the RSOCKS Proxy Botnet

Credit to Author: BrianKrebs| Date: Wed, 22 Jun 2022 13:06:34 +0000

Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the “RSOCKS” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. While the coordinated action did not name the Russian hackers allegedly behind RSOCKS, KrebsOnSecurity has identified its owner as a Russian man living abroad who also runs the world’s top Russian spamming forum.

Read more

The Active Adversary Playbook 2022

Credit to Author: Tilly Travers| Date: Tue, 07 Jun 2022 11:02:43 +0000

Cyberattacker behaviors, tactics and tools seen on the frontline of incident response during 2021

Read more

Firefox, Thunderbird, receive patches for critical security issues

Credit to Author: Christopher Boyd| Date: Fri, 27 May 2022 11:06:49 +0000

Critical updates have been released for both Firefox and Thunderbird. Apply now if you haven’t already—we explain how.

The post Firefox, Thunderbird, receive patches for critical security issues appeared first on Malwarebytes Labs.

Read more

Why you should act like your CEO’s password is “qwerty”

Credit to Author: Christopher Boyd| Date: Fri, 20 May 2022 17:02:11 +0000

We take a look at reports that CEOs and other executives are using weak passwords in their daily dealings. How do we fix this?

The post Why you should act like your CEO’s password is “qwerty” appeared first on Malwarebytes Labs.

Read more