Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

CVE-2022-44877: # Centos Web Panel 7 Unauthenticated Remote Code Execution - CVE-2022-44877

RESERVED An issue in the /login/index.php component of Centos Web Panel 7 before v0.9.8.1147 allows unauthenticated attackers to execute arbitrary system commands via crafted HTTP requests.

CVE
Open in Source
#web#mac#apple#intel#php#rce#auth#chrome#webkit
How Confidential Computing Can Change Cybersecurity

Encrypting data while in use, not just in transit and at rest, closes one more avenue of cyberattack.

Turla, a Russian Espionage Group, Piggybacked on Other Hackers' USB Infections

The infamous, FSB-connected Turla group took over other hackers' servers, exploiting their USB drive malware for targeted espionage.

Threat Source newsletter (Jan. 5, 2023): Digging out of our inboxes

Happy New Year and welcoem to this week's edition of the Threat Source newsletter. We can’t tell if it’s the fog from Lurene’s deadly eggnog or dare we say pure rest and relaxation but we’re still digging out of our

Bluebottle Continues Bank Heist Assault With Signed Malware

The financially motivated threat group, also known as OPERA1ER, demonstrated an evolution in tactics in its compromise of three Francophone financial institutions in Africa, likely adding to its $11 million to-date haul.

Threat Actors Evade Detection Through Geofencing & Fingerprinting

Security teams may be missing targeted attacks and advanced exploits if attackers are using evasive techniques to avoid detection. Defenders need to up their game.

Bluebottle Cybercrime Group Preys on Financial Sector in French-Speaking African Nations

A cybercrime group dubbed Bluebottle has been linked to a set of targeted attacks against the financial sector in Francophone countries located in Africa from at least July 2022 to September 2022. "The group makes extensive use of living-off-the-land, dual use tools, and commodity malware, with no custom malware deployed in this campaign," Symantec, a division of Broadcom Software, said in a

Fake Flipper Zero websites look to cause a big splash

Categories: News Tags: flipper zero Tags: fake Tags: scam Tags: phish Tags: portal Tags: social media Tags: twitter Tags: shop Tags: sale Tags: sold out Tags: pentest Tags: pentesting Tags: hardware Tags: enthusiast Tags: technology We take a look at reports of imitation Flipper Zero websites springing up to part unwary consumers from their money. (Read more...) The post Fake Flipper Zero websites look to cause a big splash appeared first on Malwarebytes Labs.

Google patches 60 vulnerabilities in first Android update of 2023

Categories: Android Categories: News Tags: 2023-01-01 Tags: 2023-01-05 Tags: Google Tags: Android Tags: CVE-2022-42719 Tags: CVE-2022-42720 Tags: CVE-2022-42721 Tags: mac80211 Tags: CVE-2022-41674 Tags: Qualcomm Tags: CVE-2022-22088 Google has published its first security bulletin of 2023 with details of vulnerabilities affecting Android devices. It includes fixes for 60 security issues. (Read more...) The post Google patches 60 vulnerabilities in first Android update of 2023 appeared first on Malwarebytes Labs.