Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

Cyberthreats facing UK finance sector "a national security threat"

Categories: Business Categories: News Tags: Financials Tags: fraud Tags: cybersecurity Tags: cooperation Tags: NatWest Tags: romance scam Tags: BEC scam Tags: NCP fraud Reports published about the UK financial industry show a growing number of cyberthreats and enormous losses to fraud. (Read more...) The post Cyberthreats facing UK finance sector "a national security threat" appeared first on Malwarebytes Labs.

Malwarebytes
Open in Source
#web#android#mac#windows#apple#intel#auth
CVE-2021-36443: CSRF vulnerability in imcat v5.4 · Issue #9 · peacexie/imcat

Cross Site Request Forgery vulnerability in imcat 5.4 allows remote attackers to escalate privilege via lack of token verification.

CVE-2021-37374: Teradek Cross-Site Scripting Vulnerability Advisory

** UNSUPPORTED WHEN ASSIGNED ** Cross Site Scripting (XSS) vulnerability in Teradek Clip all firmware versions allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address this issue.

macOS Dirty Cow Arbitrary File Write Local Privilege Escalation

Dirty Cow arbitrary file write local privilege escalation exploit for macOS.

North Korean Hackers Exploit Unpatched Zimbra Devices in 'No Pineapple' Campaign

A new intelligence gathering campaign linked to the prolific North Korean state-sponsored Lazarus Group leveraged known security flaws in unpatched Zimbra devices to compromise victim systems. That's according to Finnish cybersecurity company WithSecure (formerly F-Secure), which codenamed the incident No Pineapple. Targets of the malicious operation included a healthcare research organization

Cybersecurity and privacy tips you can teach your 5+-year-old

Categories: Personal Tags: cybersecurity 101 Tags: online privacy 101 Are you smarter than a five-year-old? When it comes to online security and privacy, you should be. (Read more...) The post Cybersecurity and privacy tips you can teach your 5+-year-old appeared first on Malwarebytes Labs.

Lazarus Group Rises Again, to Gather Intelligence on Energy, Healthcare Firms

An OpSec slip from the North Korean threat group helps researchers attribute what was first suspected as a ransomware attack to nation-state espionage.

Application Security Must Be Nonnegotiable

Companies need to keep security priorities top of mind during economic downturns so all-important revenue generation doesn't come with a heaping side order of security problems.

GitHub revokes several certificates after unauthorized access

Categories: News Tags: GitHub Tags: Atom Tags: Desktop for Mac Tags: Apple Developer ID Tags: certificates Tags: Digicert Tags: sunset After an unauthorized access incident, GitHub will revoke three certificates which will affect users of Atom and GitHub Desktop for Mac. (Read more...) The post GitHub revokes several certificates after unauthorized access appeared first on Malwarebytes Labs.