Security
Headlines
HeadlinesLatestCVEs

Source

Malwarebytes

Lego's Bricklink steps on cross site scripting blocks

Categories: News Tags: lego Tags: bricklink Tags: cross site scripting Tags: bug Tags: flaw We take a look at how Lego's Bricklink service was potentially vulnerable to certain types of XSS attack. (Read more...) The post Lego's Bricklink steps on cross site scripting blocks appeared first on Malwarebytes Labs.

Malwarebytes
#xss#vulnerability#web#amazon#java#ssrf
BEC scammers go after more than just money

Categories: Business Categories: News Tags: FBI. FDA Tags: USDA Tags: BEC Tags: business email compromise Tags: domain mimicry Tags: spear phishing Business email compromise is not just after money alone anymore, they will take truckloads of agricultural products as well. (Read more...) The post BEC scammers go after more than just money appeared first on Malwarebytes Labs.

The pitfalls of blocking IP addresses

Categories: News Tags: IP Tags: DNS Tags: IPv6 Tags: blocking Tags: domains Tags: Austria Tags: Cloudflare Tags: Freedom House Using IP blocks to make domains unreachable is a far-reaching method that has undesirable side effects because there is no one-on-one relationship. (Read more...) The post The pitfalls of blocking IP addresses appeared first on Malwarebytes Labs.

Play ransomware group claims to have stolen hotel chain data

Categories: News Tags: H-Hotel Tags: Play ransomware Tags: ransomware Tags: extortion Tags: threat Tags: breach Tags: EDR A ransomware group claims to have stolen data from the H-Hotel chain, and is now threatening to leak it if the ransom is not paid (Read more...) The post Play ransomware group claims to have stolen hotel chain data appeared first on Malwarebytes Labs.

Millions of Gemini cryptocurrency exchange user details leaked

Categories: News Tags: Gemini Tags: crypto Tags: cryptocurrency exchange Tags: login Tags: phish Tags: phishing Tags: leak Tags: stolen Tags: data Millions of Gemini cryptocurrency exchange users have had their data leaked on an underground forum. (Read more...) The post Millions of Gemini cryptocurrency exchange user details leaked appeared first on Malwarebytes Labs.

Adult popunder campaign used in mainstream ad fraud scheme

Categories: Threat Intelligence Taking advantage of cost effective and high traffic adult portals, a threat actor is secretly defrauding advertisers by displaying Google ads under the disguise of an XXX page. (Read more...) The post Adult popunder campaign used in mainstream ad fraud scheme appeared first on Malwarebytes Labs.

Malwarebytes earns AV-TEST Top Product awards for fourth consecutive quarter

Categories: Business AV-TEST, a leading independent tester of cybersecurity solutions, has just ranked Malwarebytes as a Top Product for consumers and businesses for the fourth quarter in a row. (Read more...) The post Malwarebytes earns AV-TEST Top Product awards for fourth consecutive quarter appeared first on Malwarebytes Labs.

Restaurant platform SevenRooms confirms data breach

Categories: News Tags: SevenRooms Tags: third party Tags: vendor Tags: breach Tags: data Tags: tool Tags: forum We take a look at reports confirmed by SevenRooms that a third party vendor breach may have impacted its customers. (Read more...) The post Restaurant platform SevenRooms confirms data breach appeared first on Malwarebytes Labs.

Chasing cryptocurrency through cyberspace, with Brian Carter: Lock and Code S03E26

Categories: Podcast This week on Lock and Code, we learn about how investigators actually track illicit cryptocurrency payments through cyberspace after they've already been exchanged as part of a crime. (Read more...) The post Chasing cryptocurrency through cyberspace, with Brian Carter: Lock and Code S03E26 appeared first on Malwarebytes Labs.

4 over-hyped security vulnerabilities of 2022

Categories: Exploits and vulnerabilities Categories: News Tags: wormable Tags: zero-day Tags: spring4shell Tags: cve-2022-34718 Tags: log4j Tags: openssl Tags: cve-2022-36934 Tags: cve-2022-27492 Tags: cve-2022-22965 Tags: cve-2022-22963 What does it take to make the discussion of vulnerabilities useful? And where did this go wrong in 2022? (Read more...) The post 4 over-hyped security vulnerabilities of 2022 appeared first on Malwarebytes Labs.