Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

Update now! Patch against vulnerabilities in Meeting Owl Pro and Whiteboard Owl devices

After dragging their feet for months Owl Labs has released a patch for vulnerabilities that were publicly disclosed a week ago. The company denies the seriousness of the vulnerabilities. The post Update now! Patch against vulnerabilities in Meeting Owl Pro and Whiteboard Owl devices appeared first on Malwarebytes Labs.

Malwarebytes
#vulnerability#git#backdoor#hard_coded_credentials#auth#wifi
Symbiote: A Stealthy Linux Malware Targeting Latin American Financial Sector

Cybersecurity researchers have taken the wraps off what they call a "nearly-impossible-to-detect" Linux malware that could be weaponized to backdoor infected systems. Dubbed Symbiote by threat intelligence firms BlackBerry and Intezer, the stealthy malware is so named for its ability to conceal itself within running processes and network traffic and drain a victim's resources like a parasite.

Even the Most Advanced Threats Rely on Unpatched Systems

Common cybercriminals are a menace, there's no doubt about it – from bedroom hackers through to ransomware groups, cybercriminals are causing a lot of damage. But both the tools used and the threat posed by common cybercriminals pale in comparison to the tools used by more professional groups such as the famous hacking groups and state-sponsored groups. In fact, these tools can prove almost

A Decade-Long Chinese Espionage Campaign Targets Southeast Asia and Australia

A previously undocumented Chinese-speaking advanced persistent threat (APT) actor dubbed Aoqin Dragon has been linked to a string of espionage-oriented attacks aimed at government, education, and telecom entities chiefly in Southeast Asia and Australia dating as far back as 2013. "Aoqin Dragon seeks initial access primarily through document exploits and the use of fake removable devices,"

CVE-2022-30882: code execution backdoor · Issue #1 · egeback/pyanxdns

pyanxdns package in PyPI version 0.2 is vulnerable to code execution backdoor. The impact is: execute arbitrary code (remote). When installing the pyanxdns package of version 0.2, the request package will be installed.

CVE-2022-31313: code execution backdoor · Issue #1 · rakeshrkz7/as_api_res

api-res-py package in PyPI 0.1 is vulnerable to a code execution backdoor in the request package.

CVE-2022-30877: code execution backdoor · Issue #85 · OrkoHunter/keep

The keep for python, as distributed on PyPI, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.2.

WordPress Download Manager 3.2.42 Cross Site Scripting

WordPress Download Manager versions 3.2.42 and below suffer from a cross site scripting vulnerability.

5 Linux malware families SMBs should protect themselves against

In this post, we’ll give you an overview of five Linux malware families your SMB should be protecting itself against — and how they work. The post 5 Linux malware families SMBs should protect themselves against appeared first on Malwarebytes Labs.

Taming the Digital Asset Tsunami

Rob Gurzeev, CEO and Co-Founder of CyCognito, explores external attack surface soft spots tied to an ever-expanding number of digital assets companies too often struggle to keep track of and manage effectively.