Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Apple Security Advisory 2023-09-21-1

Apple Security Advisory 2023-09-21-1 - Safari 16.6.1 addresses a code execution vulnerability.

Packet Storm
Open in Source
#vulnerability#web#ios#mac#apple#google#ssh#webkit#ssl
Your Boss’s Spyware Could Train AI to Replace You

Corporations are using software to monitor employees on a large scale. Some experts fear the data these tools collect could be used to automate people out of their jobs.

A Tricky New Way to Sneak Past Repressive Internet Censorship

With the number of internet blackouts on the rise, cybersecurity firm eQualitie figured out how to hide censored online news in satellite TV signals.

What does a car need to know about your sex life? Lock and Code S04E20

Categories: Podcast This week on the Lock and Code podcast, we speak with Mozilla's Privacy Not Included team about the invasive data collection practices of modern cars. (Read more...) The post What does a car need to know about your sex life? Lock and Code S04E20 appeared first on Malwarebytes Labs.

New Report Uncovers Three Distinct Clusters of China-Nexus Attacks on Southeast Asian Government

An unnamed Southeast Asian government has been targeted by multiple China-nexus threat actors as part of espionage campaigns targeting the region over extended periods of time. "While this activity occurred around the same time and in some instances even simultaneously on the same victims' machines, each cluster is characterized by distinct tools, modus operandi and infrastructure," Palo Alto

CVE-2015-6964: GitHub - Multibit-Legacy/multibit: Deprecated Bitcoin Wallet

MultiBit HD before 0.1.2 allows attackers to conduct bit-flipping attacks that insert unspendable Bitcoin addresses into the list that MultiBit uses to send fees to the developers. (Attackers cannot realistically steal these fees for themselves.) This occurs because there is no message authentication code (MAC).

A week in security (September 18 - September 24)

Categories: News Tags: Themebleed Tags: zero-days Tags: Apple Tags: T-Mobile Tags: MGM Tags: metaverse A list of topics we covered in the week of September 18 to September 24 of 2023 (Read more...) The post A week in security (September 18 - September 24) appeared first on Malwarebytes Labs.

Popular Thesaurus Website Used in Sneaky Cryptojacking Scheme

By Waqas KEY FINDINGS Cybersecurity researchers at Group-IB unearthed a covert cryptojacking campaign concealed within a popular online thesaurus boasting… This is a post from HackRead.com Read the original post: Popular Thesaurus Website Used in Sneaky Cryptojacking Scheme

Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics

Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. "Deadglyph's architecture is unusual as it consists of cooperating components – one a native x64 binary, the other a .NET assembly," ESET said in a new report shared with The Hacker News. "This combination

Apple and Chrome Zero-Days Exploited to Hack Egyptian ex-MP with Predator Spyware

The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. "The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections," the