#Exploits and vulnerabilities

Researchers have found that the Magnitude exploit kit is testing a Chrome vulnerability in combination with a Windows vulnerability. Categories: Exploits and vulnerabilities Tags: chrome chromium exploit kit magniber Magnitude puzzlemaker *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/magnitude-ek-has-been-spotted-targeting-the-chrome-browser/ ) )* The post Chrome targeted by Magnitude exploit kit appeared first on Malwarebytes Labs.

For the second time this year the REvil ransomware group has disappeared off the grid. Will they come back again? All bets are open. Categories: Ransomware Tags: BlackMatter darkside kasey ransomware revil Tor service *( Read more... ( https://blog.malwarebytes.com/ransomware/2021/10/revil-ransomware-gang-disappears-after-tor-services-hijacked/ ) )* The post [updated]REvil ransomware disappears after Tor services hijacked appeared first on Malwarebytes Labs.

October 2021's Patch Tuesday includes some patches to block potentially dangerous vulnerabilities. We made a selection of the most "promising" ones. Categories: Exploits and vulnerabilities Tags: microsoft patch tuesday patches vulnerabilities *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/patch-now-microsoft-fixes-71-windows-vulnerabilities-in-october-patch-tuesday/ ) )* The post Patch now! Microsoft fixes 71 Windows vulnerabilities in October Patch Tuesday appeared first on Malwarebytes Labs.

Apple patches the 17th zero-day in less than half a year. Get your update now! Categories: Exploits and vulnerabilities Tags: CVE-2021-30883 FORCEDENTRY IOMobileFrameBuffer iOS iPadOS kernel privileges Pegasus *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/update-now-apple-patches-another-privilege-escalation-bug-in-ios-and-ipados/ ) )* The post Update now! Apple patches another privilege escalation bug in iOS and iPadOS appeared first on Malwarebytes Labs.

Two vulnerabilities have been patched for Apache HTTP server. One of these vulnerabilities was exploited in the wild. Categories: Exploits and vulnerabilities Tags: 2.4.49 apache HTTP Server cve-2021-41524 CVE-2021-41773 shodan *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/apache-http/ ) )* The post [update]Patch now! Apache fixes zero-day vulnerability in HTTP Server appeared first on Malwarebytes Labs.

Two vulnerabilities have been patched for Apache HTTP server. One of these vulnerabilities was exploited in the wild. Categories: Exploits and vulnerabilities Tags: 2.4.49 apache HTTP Server cve-2021-41524 CVE-2021-41773 shodan *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/apache-http/ ) )* The post Patch now! Apache fixes zero-day vulnerability in HTTP Server appeared first on Malwarebytes Labs.

Two vulnerabilities have been patched for Apache HTTP server. One of these vulnerabilities was exploited in the wild. Categories: Exploits and vulnerabilities Tags: 2.4.49 apache HTTP Server cve-2021-41524 CVE-2021-41773 shodan *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/apache-http/ ) )* The post [Updated, again] Apache fixes zero-day vulnerability in HTTP Server appeared first on Malwarebytes Labs.

Researchers have found a way to extract money from Apple Pay via without any user interaction. Categories: Exploits and vulnerabilities Tags: Apple Pay EMV Europay Express mode iPhone magic bytes mastercard Samsung visa *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/apple-pay-vulnerable-to-wireless-pickpockets/ ) )* The post Apple Pay vulnerable to wireless pickpockets appeared first on Malwarebytes Labs.

SonicWall is asking SMA 100 series customers to patch their appliances against a vulnerability that could give attackers administrator access. Categories: Exploits and vulnerabilities Tags: cve-2021-20034 sma-100 snwlid-2021-0021 sonicwall *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/sonicwall-warns-users-to-patch-critical-vulnerability-as-soon-as-possible/ ) )* The post SonicWall warns users to patch critical vulnerability “as soon as possible” appeared first on Malwarebytes Labs.

Researchers were able to harvest hundreds of thousands of credentials thanks to a quirk of the Autodiscover process. Categories: Exploits and vulnerabilities Tags: autodiscover domains exchange microsoft microsoft exchange tlds *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/09/microsoft-exchange-autodiscover-flaw-reveals-users-passwords/ ) )* The post Microsoft Exchange Autodiscover flaw reveals users’ passwords appeared first on Malwarebytes Labs.