Some weeks in security (December 16 – January 5)
During the holiday period on Malwarebytes Labs we covered: A day in the life of a privacy pro, with Ron […]
Some weeks in security (December 16 – January 5) Read More »
Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution
A high-severity security flaw has been disclosed in ProjectDiscovery’s Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could
Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution Read More »
PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps
Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging,
PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps Read More »
U.S. Treasury Sanctions Beijing Cybersecurity Firm for State-Backed Hacking Campaigns
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday issued sanctions against a Beijing-based cybersecurity company known
U.S. Treasury Sanctions Beijing Cybersecurity Firm for State-Backed Hacking Campaigns Read More »
“Can you try a game I made?” Fake game sites lead to information stealers
The background and the IOCs for this blog were gathered by an Expert helper on our forums and Malwarebytes researchers.
“Can you try a game I made?” Fake game sites lead to information stealers Read More »
Multi-Path TCP: revolutionizing connectivity, one path at a time
The Internet is designed to provide multiple paths between two endpoints. Attempts to exploit multi-path opportunities are almost as old
Multi-Path TCP: revolutionizing connectivity, one path at a time Read More »
Router reality check: 86% of default passwords have never been changed
Misconfigurations remain a popular compromise point — and routers are leading the way. According to recent survey data, 86% of respondents
Router reality check: 86% of default passwords have never been changed Read More »
New AI Jailbreak Method ‘Bad Likert Judge’ Boosts Attack Success Rates by Over 60%
Cybersecurity researchers have shed light on a new jailbreak technique that could be used to get past a large language
New AI Jailbreak Method ‘Bad Likert Judge’ Boosts Attack Success Rates by Over 60% Read More »
LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers
A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that
LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers Read More »