Bug bounty platform HackerOne has disclosed that it was the victim of a rogue insider. The post HackerOne insider fired for trying to claim other people’s bounties appeared first on Malwarebytes Labs.

...more

MEGA claims it can’t decrypt your files. But someone’s managed to…

Published: 2022-06-22 15:52:41

Popularity: 73

Author: Pieter Arntz

Keywords:

🤖: "Megadelete"

Swiss researchers debunked MEGA's claims that anyone that would be able to take over MEGA's infrastructure would still not have access to your information and files. The post MEGA claims it can’t decrypt your files. But someone’s managed to… appeared first on Malwarebytes Labs.

...more

Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware

Published: 2022-05-24 09:55:59

Popularity: 147

Author: Pieter Arntz

Keywords:

TAG

🤖: ""Surveillance mode engaged""

A spyware vendor called Cytrox was found to be using several zero-day vulnerabilities in Google's Chrome browser and the Android kernel component. The post Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware appeared first on Malwarebytes Labs.

...more

Update now! Critical patches for Chrome and Edge

Published: 2022-04-30 13:44:04

Popularity: 615

Author: Pieter Arntz

Keywords:

Exploits and vulnerabilities

cjhromium

edge chrome

use after free

Google has released an update for the Chrome browser that includes 30 security fixes. Edge and other Chromium-based browsers also need updating. The post Update now! Critical patches for Chrome and Edge appeared first on Malwarebytes Labs.

...more

Microsoft, CISA and NSA offer security tools and advice, but will you take it?

Published: 2021-09-29 13:23:50

Popularity: None

Author: Pieter Arntz

Keywords:

Opinion

cisa

emergency mitigation service

EOL

exchange

insider risk mitigation self-assessment tool

insider threat

microsoft

NSA

nss

supply chain attack

vpn

Microsoft, CISA, and the NSA are individually offering tools and advice that aim to improve security for organizations. But will the targeted audience have the time and resources to accept that help? Categories: Opinion Tags: cisaEMemergency mitigation serviceEOLexchangeinsider risk mitigation self-assessment toolinsider threatmicrosoftNSAnsssupply chain attackvpn (Read more...) The post Microsoft, CISA and NSA offer security tools and advice, but will you take it? appeared first on Malwarebytes Labs.

...more

SonicWall warns users to patch critical vulnerability “as soon as possible”

Published: 2021-09-24 11:09:10

Popularity: 2

Author: Pieter Arntz

Keywords:

Exploits and vulnerabilities

SonicWall is asking SMA 100 series customers to patch their appliances against a vulnerability that could give attackers administrator access. Categories: Exploits and vulnerabilities Tags: cve-2021-20034sma-100snwlid-2021-0021sonicwall (Read more...) The post SonicWall warns users to patch critical vulnerability “as soon as possible” appeared first on Malwarebytes Labs.

...more

BrakTooth Bluetooth vulnerabilities, crash all the devices!

Published: 2021-09-02 16:24:34

Popularity: 10

Author: Pieter Arntz

Keywords:

Exploits and vulnerabilities

BLE

lmp

SOC

sweynttoth

Researchers have disclosed a set of 16 Bluetooth vulnerabilities that potentially affect billions of devices. Categories: Exploits and vulnerabilities Tags: BLEbluetoothbraktoothcve-2021-28139espressiflink managerlmpSOCsweynttoth (Read more...) The post BrakTooth Bluetooth vulnerabilities, crash all the devices! appeared first on Malwarebytes Labs.

...more

PrintNightmare and RDP RCE among major issues tackled by Patch Tuesday

Published: 2021-08-11 12:16:17

Popularity: 3

Author: Pieter Arntz

Keywords:

Exploits and vulnerabilities

August 2021 Patch Tuesday has fewer bugs that we've gotten used to, but it includes some potential biggies. Categories: Exploits and vulnerabilities (Read more...) The post PrintNightmare and RDP RCE among major issues tackled by Patch Tuesday appeared first on Malwarebytes Labs.

...more

Beware password-spraying fancy bears

Published: 2021-07-02 15:17:09

Popularity: 11

Author: Pieter Arntz

Keywords:

Reports

A collection of three- and four- letter agencies have issued a report about a sustained GRU operation against "enterprise and cloud environments". Categories: Reports (Read more...) The post Beware password-spraying fancy bears appeared first on Malwarebytes Labs.

...more

Falsifying and weaponizing certified PDFs

Published: 2021-05-27 16:55:30

Popularity: 9

Author: Pieter Arntz

Keywords:

Exploits and vulnerabilities

eaa

PDF

SSA

Certified PDFs are supposed to control modifications so that recipients know they haven't been tampered with. It doesn't always work. Categories: Exploits and vulnerabilities Tags: bochumcertified pdfdigital signatureseaaJavaScriptPDFSSA (Read more...) The post Falsifying and weaponizing certified PDFs appeared first on Malwarebytes Labs.

...more

Hat trick for Google as it patches two more zero-days in Chrome

Published: 2020-11-12 21:16:34

Popularity: 33

Author: Pieter Arntz

Keywords:

Exploits and vulnerabilities

Google has patched two more zero-day vulnerabilities that were actively being exploited in the wild. Update now! Categories: Exploits and vulnerabilities Tags: chromecve-2020-16013cve-2020-16017Googlepatchessite-isolation (Read more...) The post Hat trick for Google as it patches two more zero-days in Chrome appeared first on Malwarebytes Labs.

...more

TikTok is being discouraged and the app may be banned

Published: 2020-07-28 16:55:59

Popularity: 214

Author: Pieter Arntz

Keywords:

ban

usa

Companies and organizations are dicouraging their employees to use TikTok, especially on work related devices. Will TikTok face a ban? Categories: Privacy Tags: amazonAustraliabanbytedancechinaindiaprivacyredditsocial mediatiktokusa (Read more...) The post TikTok is being discouraged and the app may be banned appeared first on Malwarebytes Labs.

...more