Security
Headlines
HeadlinesLatestCVEs

Source

Malwarebytes

Arris router vulnerability could lead to complete takeover

Categories: Exploits and vulnerabilities Categories: News Tags: Yerodin Richards Tags: Arris Tags: routre Tags: CVE-2022-45701 Tags: default credentials A security researcher found an authenticated remote code execution vulnerability in very wide-spread Arris router models. (Read more...) The post Arris router vulnerability could lead to complete takeover appeared first on Malwarebytes Labs.

Malwarebytes
#vulnerability#web#rce#botnet#auth
Fake Hogwarts Legacy cracks lead to adware, scams

Categories: News Categories: Scams Tags: Hogwarts Legacy Tags: video game survey scam Tags: survey scam Tags: Trojan dropper Tags: adware With Hogwarts Legacy becoming the popular game it was expected to be, online criminals have resorted to old tricks to get users clicking. (Read more...) The post Fake Hogwarts Legacy cracks lead to adware, scams appeared first on Malwarebytes Labs.

WordPress sites backdoored with ad fraud plugin

Categories: Threat Intelligence Tags: ad fraud Tags: popunder Tags: ads Tags: fraud Tags: wordpress Tags: plugins Popunders are the ideal vehicle to serve ad fraud. In this case, we investigate a scheme where a webpage you can't see is loading a bunch of ads while code mimics user activity by scrolling and visiting links. (Read more...) The post WordPress sites backdoored with ad fraud plugin appeared first on Malwarebytes Labs.

Four EU telco giants will start asking users if they want personalized targeted ads

Categories: News Categories: Privacy Tags: Vodafone Tags: Orange Tags: Deutsche Telekom Tags: Telefónica Tags: TrustPid Tags: Wolfie Christl Tags: Aram Zucker-Scharff The EU Commission has greenlit the merge of four EU telco giants to offer millions of subscribers a different kind of targeted ads. (Read more...) The post Four EU telco giants will start asking users if they want personalized targeted ads appeared first on Malwarebytes Labs.

Update now! February's Patch Tuesday tackles three zero-days

Categories: Exploits and vulnerabilities Categories: News Tags: patch Tuesday Tags: Microsoft Tags: Apple Tags: Adobe Tags: SAP Tags: Citrix Tags: Cisco Tags: Atlassian Tags: Google Tags: Mozilla Tags: Forta Tags: OpenSSH Tags: CVE-2023-21823 Tags: CVE-2023-21715 Tags: OneNote Tags: CVE-2023-23376 Tags: CVE-2023-21706 Tags: CVE-2023-21707 Tags: CVE-2023-21529 Tags: CVE-2023-21716 Tags: CVE-2023-23378 Tags: CVE-2023-22501 Tags: CVE-2023-24486 Tags: CVE-2023-24484 Tags: CVE-2023-24484 Tags: CVE-2023-24483 Tags: CVE-2023-25136 Tags: GoAnywhere Microsoft has released updates to patch three zero-days and lots of other vulnerabilities and so have several other vendors (Read more...) The post Update now! February's Patch Tuesday tackles three zero-days appeared first on Malwarebytes Labs.

Update now! Apple patches vulnerabilities in MacOS and iOS

Categories: Apple Categories: Exploits and vulnerabilities Tags: Apple Tags: macOS Ventura Tags: 13.2.1 Tags: iOS Tags: iPadOS Tags: 16.3.1 Tags: CVE-2023-23514 Tags: CVE-2023-23522 Tags: CVE-2023-23529 Tags: use after free Tags: type confusion Apple has released patches for macOS Ventura, iPadOs, and iOS. Among the patched vulnerabilities is a WebKit vulnerability which may have been exploited in the wild. (Read more...) The post Update now! Apple patches vulnerabilities in MacOS and iOS appeared first on Malwarebytes Labs.

TrickBot gang members sanctioned after pandemic ransomware attacks

Categories: News Tags: Conti Tags: ransomware Tags: TrickBot Tags: sanction The US, in partnership with the UK, named individuals tied to TrickBot and shamed them with a sanction. (Read more...) The post TrickBot gang members sanctioned after pandemic ransomware attacks appeared first on Malwarebytes Labs.

New ESXiArgs encryption routine outmaneuvers recovery methods

Categories: News Categories: Ransomware Tags: ESXi Tags: ESXiArgs Tags: encryption routine The ransomware group behind the massive attack on ESXi Virtual Machines has come up with a new variant that can no longer be decrypted with the existing recovery script (Read more...) The post New ESXiArgs encryption routine outmaneuvers recovery methods appeared first on Malwarebytes Labs.

One in nine online stores are leaking your data, says study

Categories: News Categories: Privacy Tags: Sansec Tags: leaky data Tags: online store leaks Tags: web skimming A recent study reveals that while users are comfortable shopping online, a number of online stores are accidentally leaking shoppers' highly sensitive data. (Read more...) The post One in nine online stores are leaking your data, says study appeared first on Malwarebytes Labs.

Android 14 developer preview highlights multiple security improvements

Categories: News Tags: android 14 Tags: developer preview Tags: apps Tags: malware Tags: download We take a look at what the Android 14 developer preview means for Android security moving forward. (Read more...) The post Android 14 developer preview highlights multiple security improvements appeared first on Malwarebytes Labs.