Clever malvertising attack uses Punycode to look like KeePass’s official website
Threat actors are known for impersonating popular brands in order to trick users. In a recent malvertising campaign, we observed a malicious…
Read moreThreat actors are known for impersonating popular brands in order to trick users. In a recent malvertising campaign, we observed a malicious…
Read moreCategories: Threat Intelligence Tags: malvertising Tags: keepass Tags: punycode Tags: malware Tags: ads Tags: google Threat actors are doubling down on brand impersonation by using lookalike domain names. |
The post Clever malvertising attack uses Punycode to look like KeePass’s official website appeared first on Malwarebytes Labs.
Read moreCredit to Author: Paul Ducklin| Date: Thu, 01 Jun 2023 16:45:58 +0000
Lots to learn, clearly explained in plain English… listen now! (Full transcript inside.)
Read moreCredit to Author: Paul Ducklin| Date: Wed, 31 May 2023 17:39:00 +0000
Here, in an admittedly discursive nutshell, is the fascinating story of CVE-2023-32784. (Short version: Don’t panic.)
Read moreCategories: Exploits and vulnerabilities Categories: News Categories: Personal Tags: KeePass Tags: memory dump Tags: CVE-2023-32784 There is a Proof-of-Concept available for an unpatched vulnerability in KeePass that allows attackers to dump the master password. |
The post KeePass vulnerability allows attackers to access the master password appeared first on Malwarebytes Labs.
Read moreCredit to Author: Paul Ducklin| Date: Thu, 09 Feb 2023 17:41:52 +0000
Latest epsiode. Listen now!
Read moreCredit to Author: Paul Ducklin| Date: Wed, 01 Feb 2023 18:58:48 +0000
Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?
Read more