Credit to Author: Malwarebytes Labs| Date: Mon, 23 May 2022 10:02:50 +0000
The most important and interesting computer security stories from the last seven days.
The post A week in security (May 16 – 22) appeared first on Malwarebytes Labs.
Read moreCredit to Author: Jovi Umawing| Date: Tue, 17 May 2022 20:00:36 +0000
If you’re an Apple user, make sure you patch for CVE-2022-22675, a zero-day flaw actively exported in the wild.
The post Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV appeared first on Malwarebytes Labs.
Read moreCredit to Author: Pieter Arntz| Date: Wed, 11 May 2022 14:36:23 +0000
May’s Patch Tuesday includes one actively exploited zero-day vulnerability and some other interesting ones.
The post Update now! Microsoft releases patches, including one for actively exploited zero-day appeared first on Malwarebytes Labs.
Read moreCredit to Author: Pieter Arntz| Date: Mon, 07 Mar 2022 20:06:37 +0000
Vendors want to fix their bugs as soon as possible. We look at how the big vendors are doing, and what the end user can do.
The post The struggle to reduce bug-fixing time is real appeared first on Malwarebytes Labs.
Read moreCredit to Author: Pieter Arntz| Date: Fri, 04 Feb 2022 16:07:15 +0000
 | |
| Researchers have uncovered a targeted phishing campaign exploiting a XSS zero-day vulnerability in the Zimbra email platform. Categories: Exploits and vulnerabilities Tags: EmailThiefTEMP_Hereticxsszero-day |
The post Threat actor steals email with Zimbra zero-day appeared first on Malwarebytes Labs.
Read more
Credit to Author: BrianKrebs| Date: Wed, 26 Feb 2020 14:43:31 +0000
On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware. Today, Zyxel acknowledged the same flaw is present in many of its firewall products.
Read more
Credit to Author: BrianKrebs| Date: Mon, 24 Feb 2020 17:13:11 +0000
Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerability were being sold for $20,000 in the cybercrime underground. Based in Taiwan, Zyxel Communications Corp. (a.k.a “ZyXEL”) is a maker of networking devices, including Wi-Fi routers, NAS products and hardware firewalls. The company has roughly 1,500 employees and boasts some 100 million devices deployed worldwide. While in many respects the class of vulnerability addressed in this story is depressingly common among Internet of Things (IoT) devices, the flaw is notable because it has attracted the interest of groups specializing in deploying ransomware at scale.
Read moreCredit to Author: Thomas Reed| Date: Fri, 30 Aug 2019 17:40:24 +0000
 | |
| Google announced late last night that hacked websites have been used to drop iPhone malware on unsuspecting users over a two-year period. Thomas Reed investigates. Categories: Tags: AppleiOSios infectionios malwareiPhoneiphone malwaremacmalware infectiontridentzero dayzero-day vulnerability |
The post Unprecedented new iPhone malware discovered appeared first on Malwarebytes Labs.
Read more