
Tag

#intel

DarkGate reloaded via malvertising and SEO poisoning campaigns

Categories: Threat Intelligence. Tags: darkgate, autoit, malvertising, seo poisoning.

The new version of the DarkGate malware is currently actively being distributed via malspam, malicious ads and SEO poisoning. (Source: Malwarebytes Labs.)

Malwarebytes
North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns

The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million. The law enforcement agency attributed the blockchain activity to an adversary the U.S. government tracks as TraderTraitor, which is also known by the name Jade Sleet. An investigation undertaken by the FBI found

CVE-2023-4404: Donation Forms by Charitable <= 1.7.0.12 - Unauthenticated Privilege Escalation — Wordfence Intelligence

The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.7.0.12 due to insufficient restriction on the 'update_core_user' function. This makes it possible for unauthenticated attackers to specify their user role by supplying the 'role' parameter during a registration.

Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

In large metropolitan areas, tourists are often easy to spot because they're far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.

WordPress Charitable Donations Plugin And Fundraising Platform 1.7.0.12 Privilege Escalation

WordPress Charitable Donations Plugin and Fundraising Platform versions 1.7.0.12 and below suffer from a privilege escalation vulnerability.

Color Prediction Game 1.0 SQL Injection

Color Prediction Game version 1.0 suffers from a remote SQL injection vulnerability.

OVOO Movie Portal CMS 3.3.3 SQL Injection

OVOO Movie Portal CMS version 3.3.3 suffers from a remote SQL injection vulnerability.

Taskhub CRM Tool 2.8.6 SQL Injection

Taskhub CRM Tool version 2.8.6 suffers from a remote SQL injection vulnerability.

Alert Prioritization and Guided Remediation: The future of EDR

Categories: Business.

Defeat alert fatigue using specialized threat intelligence. (Source: Malwarebytes Labs.)