What’s Coming in 2020: An RSA Recap
VMware Carbon Black recently published our Outlook 2020 Threat Report, largely fueled by the work of our amazing Threat Analysis Unit. Greg Foss (@Heinzarelli) and Andrew Costis (@0x4143) did some in-depth research on malware samples seen in 2019. As part of RSA, Greg and I had the chance to...
-0.2AI Score
EnovaNet Chateau-Thierry FormaLog WebService02 eChampagne 7.0 Cross Site Scripting / SQL Injection
...
0.3AI Score
APT36 Taps Coronavirus as 'Golden Opportunity' to Spread Crimson RAT
A Pakistani-linked threat actor, APT36, has been using a decoy health advisory that taps into global panic around the coronavirus pandemic to spread the Crimson RAT. The functionalities of the Crimson RAT include stealing credentials from victims’ browsers, capturing screenshots, collecting...
0.974EPSS
APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT
Since the coronavirus became a worldwide health issue, the desire for more information and guidance from government and health authorities has reached a fever pitch. This is a golden opportunity for threat actors to capitalize on fear, spread misinformation, and generate mass hysteria—all while...
7.8CVSS
-0.4AI Score
0.974EPSS
Why Businesses Should Consider Managed Cloud-Based WAF Protection
The City of Baltimore was under cyber-attack last year, with hackers demanding $76,000 in ransom. Though the city chose not to pay the ransom, the attack still cost them nearly $18 million in damages, and then the city signed up for a $20 million cyber insurance policy. It's very evident that...
0.9AI Score
RSAC 2020: GM's Transportation Future Hinges on Cybersecurity
SAN FRANCISCO — General Motors is working on self-driving cars, cars that monitor heart rates and other vital functions, zero-emission vehicles and more – all underpinned by exceedingly complex coding and relying on ubiquitous connectivity. But there’s a problem. The cyber-talent gap is hitting...
-0.4AI Score
Sen. Schumer Pushes for TSA Employee Ban on TikTok App at Work
The Transportation Safety Authority (TSA) has become the latest federal agency to ban the use of TikTok among its employees based on national-security fears over how ByteDance, the Beijing-based company that owns the app, uses the data collected by it. Some TSA employees have used the app to...
0.2AI Score
InnoGames: Create any military unit in any age
Summary of the Issue It's possible to create a sniperbot unit in the bronze age by sending a crafted request to xs1.forgeofempires.com/game/json endpoint Steps to reproduce 1) Login to https://xs1.forgeofempires.com with Chrome browser while observing network tab. 2) Open the poc_20200227.html...
0.4AI Score
Hamas Ensnares Israeli Soldiers with Pretty 'Ladies'
Hamas has been caught taking a classic “catfish” approach, to tempt Israeli soldiers into installing spyware on their phones. Members posed as teen girls who are looking for quality chat time. This is the third time that the Palestinian group has used the tactic – but this time it upped its...
0.1AI Score
Why Our Customers Love VMware Carbon Black
As the cybersecurity world advances, organizations are starting to change their approach to security. More and more teams are moving to the cloud to maximize their endpoint protection and simplify their security stack. Using VMware Carbon Black's Cloud platform, our customers are able to...
0.8AI Score
News overview In the past quarter, DDoS organizers continued to harness non-standard protocols for amplification attacks. In the wake of WS-Discovery, which we covered in the previous report, cybercriminals turned to Apple Remote Management Service (ARMS), part of the Apple Remote Desktop (ARD)...
7AI Score
Emotet Malware Now Hacks Nearby Wi-Fi Networks to Infect New Victims
Emotet, the notorious trojan behind a number of botnet-driven spam campaigns and ransomware attacks, has found a new attack vector: using already infected devices to identify new victims that are connected to nearby Wi-Fi networks. According to researchers at Binary Defense, the newly discovered...
0.8AI Score
U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack
The U.S. Justice Department today unsealed indictments against four Chinese officers of the People's Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. DOJ officials said the...
7.1AI Score
Equifax Breach: Four Members of Chinese Military Charged with Hacking
U.S. authorities have charged four Chinese military officers in the 2017 Equifax data breach, which compromised the data of nearly 150 million. The four, Wu Zhiyong, Wang Qian, Xu Ke and Liu Lei, are believed to be members of the 54th Research Institute of the Chinese People’s Liberation Army...
0.5AI Score
Jaeles v0.4 - The Swiss Army Knife For Automated Web Application Testing
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Installation Download the precompiled version here. If you have a Go environment, make sure you have Go >= 1.13 with Go Modules enabled and run the following command. ...
6.5CVSS
6.7AI Score
0.971EPSS
New Lemon Duck Malware Campaign Targets IoT, Large Manufacturers
Printers, smart TVs and automated guided vehicles that depend on Windows 7 have become the latest juicy targets for cybercriminals leveraging a “self-spreading” variant of the malware Lemon Duck. In a report released Wednesday by TrapX Security, researchers warn manufacturers dependent on IoT...
2.2AI Score
0.001EPSS
Critical Cisco 'CDPwn' Protocol Flaws Explained: Podcast
Researchers on Wednesday disclosed five critical vulnerabilities in Cisco Discovery Protocol (CDP), the Cisco Proprietary Layer 2 network protocol that is used to discover information about locally attached Cisco equipment. Researchers say that the vulnerabilities, which they collectively call...
0.2AI Score
0.024EPSS
army-uk.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1081169 Security Researcher haxmov Helped patch 708 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting army-uk.com website and its...
0.2AI Score
U.S. Department of Interior Grounding All Drones
The Department of Interior is grounding all non-emergency drones due to security concerns: The order comes amid a spate of warnings and bans at multiple government agencies, including the Department of Defense, about possible vulnerabilities in Chinese-made drone systems that could be allowing...
0.9AI Score
16Shop Phishing Gang Goes After PayPal Users
A prolific phishing gang known as 16Shop has added PayPal customers to its target set. According to researchers at the ZeroFOX Alpha Team, the latest version of the group’s phishing kit is designed with a number of features that are aimed to steal as much personally identifiable information (PII).....
-0.5AI Score
Brazil Charges Glenn Greenwald with Cybercrimes
Glenn Greenwald has been charged with cybercrimes in Brazil, stemming from publishing information and documents that were embarrassing to the government. The charges are that he actively helped the people who actually did the hacking: Citing intercepted messages between Mr. Greenwald and the...
0.2AI Score
WordPress WP Fanzone 3.1 SQL Injection Vulnerability
WordPress WP Fanzone theme version 3.1 suffers from a remote SQL injection...
-0.2AI Score
TikTok Riddled With Security Flaws
Researchers say they have discovered several major vulnerabilities in the short form video app TikTok. The reported vulnerabilities come as scrutiny around the Chinese-owned platform increases. Researchers say the most serious vulnerability in the platform could allow attackers to remotely take...
0.2AI Score
0.001EPSS
A million-dollar email scam, a Chinese hacking campaign, and more of the week's top security...
1AI Score
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Trend Micro’s Cyber Risk Index (CRI) and its results showing increased cyber risk. Also, read about a data breach from IoT...
0.1AI Score
TikTok Banned By U.S. Army Over China Security Concerns
With backlash swelling around TikTok’s relationship with China, the United States Army this week announced that U.S. soldiers can no longer have the social media app on government-owned phones. TikTok, a social media app used to create and share short form videos, is owned by Beijing-based parent.....
-0.1AI Score
New Women in CyberSecurity (WiCyS) veterans program aims to bridge skills gap, diversify sector
The cybersecurity industry has a problem: We have zero unemployment rate. Or so we're told. With experts predicting millions of job openings in the years to come—coupled with the industry’s projected growth of US$289.9 billion by 2026 and soaring cyberattacks against businesses—now is as good a...
-0.2AI Score
Commands and Tools for Embedded Reverse Engineering
We’ve been training a lot of people to look at embedded systems. The training is intensive, and it can be hard to remember all the commands and tools used. This is just a quick rundown of those tools with enough information to jog your memory! Basic Commands If we want to see the content of a...
7.3AI Score
CISA Pushing U.S. Agencies to Adopt Vulnerability Disclosure Policies
The U.S. government’s cybersecurity agency has issued a draft directive mandating all agencies to develop vulnerability disclosure policies, which would give ethical hackers clear guidelines for submitting bugs found in government systems. Security experts hope that the directive will light a fire....
-0.5AI Score
Hackers Discovered Only After Maxing Out Victim's Cloud Storage
A border privacy win, a suspect Army app, and more of the week's top security...
2AI Score
Jaeles - The Swiss Army Knife For Automated Web Application Testing
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Installation go get -u github.com/jaeles-project/jaeles Please visit the Official Documentation for more details. Check out the Signature Repo for base signatures. Usage More...
6.5CVSS
6.8AI Score
0.971EPSS
Website, Know Thyself: What Code Are You Serving?
When we think of “securing our website” from attackers, we often think of securing against hooded figures somewhere in Eastern Europe working out of a smoky office above an illegal gambling den. Not only is that probably geographically insensitive, it’s also not necessarily the best way threat to.....
-0.2AI Score
0.001EPSS
APT33 Mounts Focused, Highly Targeted Botnet Attacks Against U.S. Victims
The Iran-linked, espionage-focused advanced threat group known as APT33 has been spotted using more than a dozen obfuscated botnets to carry out narrowly targeted attacks against government and academic targets in the Middle East, the U.S. and Asia. Each botnet, linked to its own...
1.3AI Score
Art Imitates Life: Lessons from the Final Season of Mr. Robot
Fair warning: if you aren’t caught up, there are spoilers for the first episode of the final season of Mr. Robot below. It’s an alien sensation to be watching the fourth and final season of Mr. Robot as a civilian: having worked as a technical consultant for the first three seasons of the show,...
A week in security (October 28 – November 3)
Last week on Malwarebytes Labs, we celebrated the birth of the Internet 50 years ago, highlighted reports about the US Federal Trade Commission (FTC) filing a case against stalkerware developer Retina-X, issued a PSA on disaster donation scams, looked at the top cybersecurity challenges SMBs face,....
-0.4AI Score
Global Crime Ring Bilks U.S. Military Members, Vets Out of Millions
Operators of a widespread identity-theft and fraud scheme have bilked thousands of U.S. servicemembers and veterans out of millions of dollars in stolen funds and Veterans Affairs (VA) benefits payments. Fredrick Brown pled guilty this week, revealing that in his role as a civilian medical records....
-0.3AI Score
Help prevent disaster donation scams from causing more misery
It’s a sad day when we have to warn people about medical charity scams, or tax fakeouts, or even have a week dedicated to foiling charity fraud—but here we are. With so many natural disasters occurring, from wildfires in California to tornadoes in Dallas, disaster donation scams remain a top...
0.9AI Score
Pockint - A Portable OSINT Swiss Army Knife For DFIR/OSINT Professionals
POCKINT (a.k.a. Pocket Intelligence) is the OSINT swiss army knife for DFIR/OSINT professionals. Designed to be a lightweight and portable GUI program (to be carried within USBs or investigation VMs), it provides users with essential OSINT capabilities in a compact form factor: POCKINT's input box....
7AI Score
Cryptovenom - The Cryptography Swiss Army Knife
CryptoVenom: The Cryptography Swiss Army knife What is CryptoVenom? CryptoVenom is an OpenSource tool which contains a lot of cryptosystems and cryptoanalysis methods all in one, including classical algorithms, hash algorithms, encoding algorithms, logic gates, mathematical functions, modern...
7.3AI Score
HomePwn - Swiss Army Knife for Pentesting of IoT Devices
HomePwn is a framework that provides features to audit and pentest devices that company employees can use in their day-to-day work and inside the same working environment. It is designed to find devices in the home or office, take advantage of certain vulnerabilities to read or send data to...
7.1AI Score
Threat Source newsletter (Oct. 24, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Never assume that a malware family is really dead. We’ve done it time and time again with things like Emotet, and Gustuff is proving...
9.2AI Score
0.038EPSS
U.S. Government, Military Personnel Data Leaked By Autoclerk
A leaky database owned by reservations management system Autoclerk has exposed the personal data and travel information for thousands of users – including U.S. government and military personnel. Autoclerk, which was acquired by the Best Western Hotel and Resorts Group in August, provides...
-0.2AI Score