RSS Reader for Computer Security Articles
Categories: Exploits and vulnerabilities Categories: News Researchers have uncovered a privilege escalation vulnerability in Google Cloud Build that could enable malicious actors tamper with application images and infect users. |
The post Google fixes “Bad.Build” Cloud Build flaw, researchers say it’s not enough appeared first on Malwarebytes Labs.
Read MoreCategories: Business Tags: upload Tags: download Tags: share Tags: data Tags: intelligence Tags: google Tags: virustotal Tags: social media Tags: sharing Tags: document Tags: file Tags: files We take a look at reports of a document being accidentally shared to the VirusTotal service and potentially exposing names and email addresses in the security and intelligence community. |
The post Accidental VirusTotal upload is a valuable reminder to double check what you share appeared first on Malwarebytes Labs.
Read MoreCategories: News Tags: driver Tags: delivery Tags: amazon Tags: van Tags: camera Tags: recording Tags: footage Tags: online Tags: privacy In-van delivery driver footage is reportedly finding its way to the internet. Are privacy issues at play, or is a valuable safety tool? |
The post Amazon in-van delivery driver footage makes its way online appeared first on Malwarebytes Labs.
Read MoreCategories: Awareness Categories: News Tags: Docker Tags: Docker Hub Tags: containerization Tags: secrets Tags: exposed Researchers have found that numerous Docker images shared on Docker Hub expose sensitive data. |
The post Docker Hub images found to expose secrets and private keys appeared first on Malwarebytes Labs.
Read MoreCategories: Personal Tags: plane Tags: ticket Tags: holiday Tags: flight Tags: airplane Tags: aeroplane Tags: scam Tags: phish Tags: phishing Tags: social engineering We take a look at several scams targeting flyers off on their holidays, and how you can keep yourself safe. |
The post Plane sailing for ticket scammers: How to keep your flight plans safe appeared first on Malwarebytes Labs.
Read MoreCategories: News Tags: Microsoft. MSA Tags: OWA Tags: validation token Tags: signing key Tags: Storm-0556 Tags: GetAccessTokensForResource Due to a validation error in Microsoft code, a suspected Chinese attacker was able to access user email from approximately 25 organizations, including government agencies. |
The post Microsoft validation error allowed state actor to access user email of government agencies and others appeared first on Malwarebytes Labs.
Read MoreCategories: Threat Intelligence Tags: fakeupdates Tags: socgholish Tags: netsupport Tags: RAT A new campaign leveraging compromised WordPress sites emerges with another fake browser update. |
The post FakeSG enters the ‘FakeUpdates’ arena to deliver NetSupport RAT appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Zimbra Tags: MalasLocker Tags: vulnerability Tags: Google Tags: actively exploited Tags: fn:escapeXml Security experts are warning Zimbra users that a vulnerability for which there is no patch is being actively exploited in the wild. |
The post Act now! In-the-wild Zimbra vulnerability needs a workaround appeared first on Malwarebytes Labs.
Read More