Zyxel Fixes 0day in Network Storage Devices

Credit to Author: BrianKrebs| Date: Mon, 24 Feb 2020 17:13:11 +0000

Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground. Based in Taiwan, Zyxel Communications Corp. (a.k.a “ZyXEL”) is a maker of networking devices, including Wi-Fi routers, NAS products and hardware firewalls. The company has roughly 1,500 employees and boasts some 100 million devices deployed worldwide. While in many respects the class of vulnerability addressed in this story is depressingly common among Internet of Things (IoT) devices, the flaw is notable because it has attracted the interest of groups specializing in deploying ransomware at scale.

Read more

Unprecedented new iPhone malware discovered

Credit to Author: Thomas Reed| Date: Fri, 30 Aug 2019 17:40:24 +0000

Google announced late last night that hacked websites have been used to drop iPhone malware on unsuspecting users over a two-year period. Thomas Reed investigates.

Categories:

Tags:

(Read more…)

The post Unprecedented new iPhone malware discovered appeared first on Malwarebytes Labs.

Read more

How to get Ahead of Vulnerabilities and Protect your Enterprise Business

Credit to Author: Trend Micro| Date: Tue, 12 Mar 2019 14:00:37 +0000

Security vulnerabilities are popping up all the time, and can put any business that uses technological assets at risk. In a nutshell, vulnerabilities represent the ideal opportunity for malicious actors to break into systems and wreak all types of havoc. From data theft to information compromise and beyond, vulnerabilities are a particularly pertinent issue for…

The post How to get Ahead of Vulnerabilities and Protect your Enterprise Business appeared first on .

Read more

A week in security (March 4 – 11)

Credit to Author: Malwarebytes Labs| Date: Mon, 11 Mar 2019 15:47:27 +0000

A roundup of cybersecurity news from March 4–11, including a Chrome zero-day, Labs’ data privacy report, news from RSA, and more.

Categories:

Tags:

(Read more…)

The post A week in security (March 4 – 11) appeared first on Malwarebytes Labs.

Read more

Google Chrome zero-day: Now is the time to update and restart your browser

Credit to Author: Malwarebytes Labs| Date: Fri, 08 Mar 2019 19:13:15 +0000

A particularly dangerous Google Chrome zero-day is already being used in real-world attacks. Despite Google’s auto update feature, users will need to close and restart their browser in order to be protected.

Categories:

Tags:

(Read more…)

The post Google Chrome zero-day: Now is the time to update and restart your browser appeared first on Malwarebytes Labs.

Read more

A week in security (February 4 – 8)

Credit to Author: Malwarebytes Labs| Date: Mon, 11 Feb 2019 17:05:33 +0000

A roundup of security news from February 4 – 8, including Facebook’s secure messaging integration, Google’s changes to URLs, a scam involving the Kindle store and John Wick, and more.

Categories:

Tags:

(Read more…)

The post A week in security (February 4 – 8) appeared first on Malwarebytes Labs.

Read more

A week in security (December 3 – 9)

Credit to Author: Malwarebytes Labs| Date: Mon, 10 Dec 2018 17:32:10 +0000

A roundup of last week’s security news from December 3–9, including a new Mac malware, new Flash zero-day vulnerability, new Malwarebytes report focusing on current undetectable malware, and breaches happening left and right.

Categories:

Tags:

(Read more…)

The post A week in security (December 3 – 9) appeared first on Malwarebytes Labs.

Read more

CVE-2018-15982- Adobe Flash Player use after free (Zero Day) vulnerability alert!

Credit to Author: Prashant Tilekar| Date: Thu, 06 Dec 2018 10:52:25 +0000

The recent zero-day vulnerability CVE-2018-15982 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-42 on December 5, 2018 to address this issue. According to Adobe, the in-wild exploit is being used in targeted attacks. Vulnerable Versions Adobe…

Read more