Credit to Author: Andrew Brandt| Date: Tue, 14 Sep 2021 17:09:15 +0000
Install this month’s update to get some relief from the CVE-2021-40444 Office vulnerability<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/hQvnwac59x4″ height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Anthony Merry| Date: Thu, 06 May 2021 09:09:24 +0000
Use this query to identify which endpoints are impacted by the Dell kernel driver vulnerability CVE-2021-21551, and which are not.<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/SxHmhU9-42Q” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Gabor Szappanos| Date: Wed, 27 May 2020 15:02:36 +0000
A survey of attacker files reveals orchestration techniques & preferred exploits<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/VIxDxjIG-F0″ height=”1″ width=”1″ alt=””/>
Read moreCredit to Author: Philip Christian| Date: Tue, 14 Apr 2020 15:00:00 +0000
 | |
| In a zeitgeisty moment, Zoom has become the web conference tool of choice for everyone. Unfortunately, cybercriminals are taking note and Zoombooming the public. We show readers how to protect against this intrusion of privacy. Categories: Tags: coronaviruscovid-19exploitexploitshow-to zoomteleconferencingvirtual meetingswebinarszoomzoom squattingzoombomberszoombombingzooming |
The post Keep Zoombombing cybercriminals from dropping a load on your meetings appeared first on Malwarebytes Labs.
Read more
Credit to Author: alexandrebecholey| Date: Thu, 12 Mar 2020 15:34:59 +0000
Microsoft issues its latest set of cumulative updates for Windows and other Microsoft products this week, but the March, 2020 Patch Tuesday is notable not only because of the sheer volume of fixes, but because it will prevent one very serious bug in its Server Message Block (SMB) technology (download the patch right now) that […]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/d5Hn2Ie7ee4″ height=”1″ width=”1″ alt=””/>
Read moreCredit to Author: Threat Intelligence Team| Date: Mon, 16 Mar 2020 15:00:00 +0000
 | |
| We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data. Categories: Tags: APTAPT36coronaviruscoronavirus malwarecovid-19credential stealercrimson ratexploitexploitsinfo-stealermacromalicious macromalwarenation-state attackratremote administration toolSocial Engineeringspear phishingspear phishing attacktransparent tribe |
The post APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT appeared first on Malwarebytes Labs.
Read moreCredit to Author: Malwarebytes Labs| Date: Mon, 09 Mar 2020 20:07:46 +0000
 | |
| A roundup of the previous week’s security headlines, including the introduction of a new series on child identity theft, an examination of law enforcement’s cybersecurity woes, a progress check on our stalkerware initiative, and more coronavirus scammers on the prowl. Categories: Tags: a week in securityawiscathay pacificcoronavirusexploitgdprmalwaremicrosoftMobilephishinground upsecurityTESCOweek in securityzynga |
The post A week in security (March 2 – 8) appeared first on Malwarebytes Labs.
Read moreCredit to Author: Sameer Patil| Date: Fri, 08 Nov 2019 09:54:04 +0000
CVE-2019-0708, popularly known as BlueKeep, is a RDP pre-authentication vulnerability which allows attacker to compromise a vulnerable system without user’s interaction. This exploit is also wormable, meaning that it can spread to other vulnerable systems in a similar way as the WannaCry malware spread across the globe in 2017. Interestingly,…
Read more