Credit Resources Vault: Why this credit email set off our scam alarms

If there is anything that annoys me more than a scammer, it's companies that behave like one, while staying just on the right side of the law. They manage to linger and disappoint customers for years. It's also why sometimes people think that Malwarebytes Scam Guard can be overly cautious when...

ALFA: A Safe-By-Design Approach to Mitigate Quishing Attacks Launched Via Fancy QR Codes

Phishing with Quick Response QR codes is termed as Quishing. The attackers exploit this method to manipulate individuals into revealing their confidential data. Recently, we see the colorful and fancy representations of QR codes, the 2D matrix of QR codes which does not reflect a typical mixture ...

EUVD-2019-1092

Malware in sbrugna...

Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code

Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading tool but harbors functionality designed to steal sensitive data and drain assets from victims' crypto wallets. The package, named "CryptoAITools," is said to have been distributed...

Beware of scammers impersonating Malwarebytes

Scammers love to bank on the good name of legitimate companies to gain the trust of their intended targets. Recently, it came to our attention that a cybercriminal is using fake websites for security products to spread malware. One of those websites was impersonating the Malwarebytes brand. Image...

Data leak site BreachForums is back, boasting Live Nation/Ticketmaster user data. But is it a trap?

Notorious data leak site BreachForums appears to be back online after it was seized by law enforcement a few weeks ago. At least one of BreachForums domains and its dark web site are live again. However, questions have been raised over whether it is a genuine attempt to revive the forums once aga...

Beware: GitHub's Fake Popularity Scam Tricking Developers into Downloading Malware

Threat actors are now taking advantage of GitHub's search functionality to trick unsuspecting users looking for popular repositories into downloading spurious counterparts that serve malware. The latest assault on the open-source software supply chain involves concealing malicious code within...

Omniauth::MicrosoftGraph Account takeover (nOAuth)

Summary The implementation did not validate the legitimacy of the email attribute of the user nor did it give/document an option to do so, making it susceptible to nOAuth misconfiguration in cases when the email is used as a trusted user identifier...

HUAWEI HarmonyOS Denial of Service Vulnerability (CNVD-2022-53574)

HUAWEI HarmonyOS is an operating system from the Chinese company Huawei HUAWEI. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in the HUAWEI HarmonyOS AI business component, which stems from the fact that hiaiserver does not do...

HUAWEI HarmonyOS Denial of Service Vulnerability (CNVD-2022-53575)

HUAWEI HarmonyOS is an operating system from the Chinese company Huawei HUAWEI. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in the HUAWEI HarmonyOS AI business component, which stems from the fact that hiaiserver does not do...

HUAWEI HarmonyOS Denial of Service Vulnerability (CNVD-2022-53576)

HUAWEI HarmonyOS is an operating system from the Chinese company Huawei HUAWEI. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in the HUAWEI HarmonyOS AI business component, which stems from hiaiserver not doing strict legitimacy...

HUAWEI HarmonyOS Denial of Service Vulnerability (CNVD-2022-41787)

HUAWEI HarmonyOS is an operating system from the Chinese company Huawei HUAWEI. It provides a full-scenario distributed operating system based on a microkernel. A denial of service vulnerability exists in the HUAWEI HarmonyOS AI business component, which stems from hiaiserver not doing strict...

lego-geschenkezeit.de Cross Site Scripting vulnerability OBB-2556569

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Dell EMC iDRAC9 and EMC iDRAC8 Spoofing Vulnerability

Dell EMC iDRAC9 is the United States Dell DELL company's set of hardware and software system management solutions. The solution provides remote management, crash system recovery and power control for Dell PowerEdge systems.Dell EMC iDRAC8 versions prior to 2.80.80.80 and Dell EMC iDRAC9 versions...

MCUboot: DMARC and DNS Records not found on mcuboot.com

Found no DMARC and DNS record on mcuboot.com . I am also able to send an email to me on your behalf . The mail sent didnot even landed in spam folder which could make the users believe on the attacker as a legitimate person or authority. Any attacker could do so by using any fake mailer .For exmp...

TYPO3 server-side request forgery vulnerability

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Typo3 Association. A server-side request forgery vulnerability exists in TYPO3 versions prior to 7.2.1, which stems from a failure to check the legitimacy of a request. An attacker can exploit this...

Homebrew: Brew bootstrap process is insecure

The process described in this page is not secure - no checksum / PGP signature is published and there is no way to check the download is legit: https://brew.sh/ "/bin/bash -c "$curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh"" This can lead to supply chain attacks su...

Check your VPN DNS test tool legitimacy: Is it “good” or deceptive

By Zehra Ali Does your VPN leaks DNS data? Does the DNS testing tool you're using shows real results or shows sponsored results for affiliate marketing? Virtual private network VPN users are increasing at a great pace due to growing privacy concerns and numerous VPN options, including both, the...

Luas data ransom: the hacker who cried wolf?

In a terrible start to the year for Irish tram firm Luas, their site was compromised a week ago and adorned with a stark ransom warning: Click to enlarge You are hacked. Some time ago I wrote that you have serious security holes. You didn’t reply. The next time someone talks to you, press the rep...

PoC Exploit Compromises Microsoft Live Accounts via Subdomain Hijacking

A proof-of-concept PoC attack details how an attacker can gain access a victim’s Microsoft Live webmail session, without having the person’s credentials. It relies upon the hijack of a Microsoft-owned Live.com website subdomain. The PoC, developed by CyberInt, demonstrates what it characterizes a...