2 Chinese Charged with Laundering $100 Million for North Korean Hackers

Two Chinese nationals have been charged by the US Department of Justice DoJ and sanctioned by the US Treasury for allegedly laundering $100 million worth of virtual currency using prepaid Apple iTunes gift cards. According to a newly unsealed court document, the illicit funds originated from a $2...

Clearview AI's Massive Client List Got Hacked

Clever malware, student surveillance, and more of the week's top security news...

Hackers leak up to 4 TB of OnlyFans content for download

By Deeba Ahmed OnlyFans is a London-based adult entertainment site immensely popular among content creators and influencers, especially females has been hacked. This is a post from HackRead.com Read the original post: Hackers leak up to 4 TB of OnlyFans content for download...

FC Barcelona Suffers Likely Credential-Stuffing Attack on Twitter

Just ahead of its Champion’s League Round of 16 appearance next week, FC Barcelona’s official Twitter account was hacked in an apparent credential-stuffing attack. The strike resulted in account takeover and bogus tweets being sent out. The hacking collective known as OurMine, which made headline...

A week in security (February 10 – 16)

Last week on Malwarebytes Labs, we explained how to battle online coronavirus scams with facts, discussed the persistent re-infection techniques of Android/Trojan.xHelper and how to remove it, provided cyber tips for safe online dating, and showed how Hollywood teaches us misleading cybersecurity...

News Wrap: Valentine's Day Scams and Emotet's Wi-Fi Hack

Threatpost editors Tara Seals and Lindsey O’Donnell-Welch break down the top stories for this week, ended Feb. 14, including: Recent phishing scams – including ones with a romance hook – continue to trick victims, showing that phishing tactics still work in stealing millions from individuals,...

znakachestva.ua Cross Site Scripting vulnerability

Security Researcher geeknik Helped patch 8505 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting znakachestva.ua website and its users. Following coordinat...

How 4 Chinese Hackers Allegedly Took Down Equifax

The Department of Justice has pinned the hack on China. Here's how it was done, according to the indictment...

A week in security (January 27 – February 2)

Last week on Malwarebytes Labs, we looked at the strengths and weaknesses of the Zero Trust model, gave you the low-down on spear phishing, and took a delve into the world of securing the managed service provider MSP. Other cybersecurity news UN compromised via Sharepoint hack: An extraordinary...

Windows 7 Gets One Last Update For the Road

A Silk Road guilty plea, a UN hack, and more of the week's top security news...

Technical Report of the Bezos Phone Hack

Motherboard obtained and published the technical report on the hack of Jeff Bezos's phone, which is being attributed to Saudi Arabia, specifically to Crown Prince Mohammed bin Salman. ...investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the...

Did Saudi Crown Prince use Israeli spyware to hack Jeff Bezos’s iPhone?

By Waqas According to the UN high commissioner for human rights, Bezos’s iPhone was hacked using NSO Group’s spyware called... This is a post from HackRead.com Read the original post: Did Saudi Crown Prince use Israeli spyware to hack Jeff Bezos’s iPhone?...

beerbev.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1073662 Security Researcher geeknik Helped patch 8722 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting beerbev.com website and it...

Everything We Know About the Jeff Bezos Phone Hack

A UN report links the attack on Jeff Bezos' iPhone X directly to Saudi Arabian Crown Prince Mohammed bin Salman...

Saudi Prince Allegedly Hacked World's Richest Man Jeff Bezos Using WhatsApp

The iPhone of Amazon founder Jeff Bezos, the world's richest man, was reportedly hacked in May 2018 after receiving a WhatsApp message from the personal account of Saudi crown prince Mohammed bin Salman, the Guardian newspaper revealed today. Citing unnamed sources familiar with digital forensic...

Saudi Prince Allegedly Hacked World's Richest Man Jeff Bezos Using WhatsApp

The iPhone of Amazon founder Jeff Bezos , the world's richest man, was reportedly hacked in May 2018 after receiving a WhatsApp message from the personal account of Saudi crown prince Mohammed bin Salman , the Guardian newspaper revealed today. Citing unnamed sources familiar with digital forensi...

If Russia Hacked Burisma, Brace for the Leaks to Follow

The Kremlin likely hacked the oil giant. Its next play: selectively release—and even forge—documents. Did the US learn enough from 2016 to ignore them?...

Remote Desktop Client remote code execution vulnerability

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka ‘Remote Desktop Client Remote Code Execution Vulnerability’. Recent assessments: busterb at January 15, 2020 2:29am UTC reported: This is a client-side exploit, which...

Google hackers successfully use remote exploit to hack iPhone

By Waqas From law enforcement to hacking firms everyone wants to hack iPhone security researchers at Google have done it again. This is a post from HackRead.com Read the original post: Google hackers successfully use remote exploit to hack iPhone...

MTN Group: Information Disclosure FrontPage Configuration Information /_vti_inf.html in https://www.mtn.co.za/

Hi there i found a information disclosure Microsoft FrontPage configuration in the subdomain https://www.mtn.co.za/ that allows me to see version number and scripting paths off sharepoint using firefox. POC: Go to the following url: https://www.mtn.co.za/vtiinf.html and you will see a blank page...