Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

A week in security (December 5 - 11)

Categories: News Tags: Lock and Code S03E25 Tags: lock and code Tags: S03E25 Tags: Dustin Childs Tags: Eufy Tags: Snapchat Tags: Apple Tags: Apple AirTag Tags: Google Chrome Tags: V8 vulnerability Tags: Hive Tags: Facebook hoax Tags: PayPal phish Tags: Lazarus Group Tags: SIM swapper Tags: festive scam Tags: holiday scams Tags: Android vulnerability Tags: Bluetooth Tags: SaaS Tags: SaaS best practices Tags: Epic Games Tags: Threat Intelligence Reports The most interesting security related news from the week of December 5 to 11. (Read more...) The post A week in security (December 5 - 11) appeared first on Malwarebytes Labs.

Malwarebytes
Open in Source
#vulnerability#ios#android#mac#windows#apple#google#intel#chrome
Log4j’s Log4Shell Vulnerability: One Year Later, It’s Still Lurking

Despite mitigation, one of the worst bugs in internet history is still prevalent—and being exploited.

Zombinder on Dark Web Lets Hackers Add Malware to Legit Apps

By Deeba Ahmed At the moment, Zombinder is focusing entirely on Android apps but the service operators are offering Windows apps binding services. This is a post from HackRead.com Read the original post: Zombinder on Dark Web Lets Hackers Add Malware to Legit Apps

Threat Round up for December 2 to December 9

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 2 and Dec. 9. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

CVE-2022-3724: Crash in USB-HID dissector on Windows (#18384) · Issues · Wireshark Foundation / wireshark · GitLab

Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows

New Truebot Malware Variant Leveraging Netwrix Auditor Bug and Raspberry Robin Worm

Cybersecurity researchers have reported an increase in TrueBot infections, primarily targeting Mexico, Brazil, Pakistan, and the U.S. Cisco Talos said the attackers behind the operation have moved from using malicious emails to alternative delivery methods such as the exploitation of a now-patched remote code execution (RCE) flaw in Netwrix auditor as well as the Raspberry Robin worm. "

CVE-2022-44838: bug_report/SQLi-1.md at main · GkaMei/bug_report

Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /services/view_service.php.