Security
Headlines
HeadlinesLatestCVEs

Tag

#samba

Cloud data breaches: 4 biggest threats to cloud storage security

Here are four big threats to cloud storage security that SMBs should be ready to address to help prevent cloud data breaches. The post Cloud data breaches: 4 biggest threats to cloud storage security appeared first on Malwarebytes Labs.

Malwarebytes
Open in Source
#vulnerability#microsoft#amazon#samba#vmware#aws#auth#ibm
Cracking the Email Security Code: 12 Best Practices for Small and Midsize Businesses

It only takes one successful attack to spell disaster for a company. Learn how to protect your company with this email security best practice guide.

5 Linux malware families SMBs should protect themselves against

In this post, we’ll give you an overview of five Linux malware families your SMB should be protecting itself against — and how they work. The post 5 Linux malware families SMBs should protect themselves against appeared first on Malwarebytes Labs.

Hacking Scenarios: How Hackers Choose Their Victims

Enforcing the "double-extortion" technique aka pay-now-or-get-breached emerged as a head-turner last year.  May 6th, 2022 is a recent example. The State Department said the Conti strain of ransomware was the most costly in terms of payments made by victims as of January. Conti, a ransomware-as-a-service (RaaS) program, is one of the most notorious ransomware groups and has been responsible for

The CISO Shortlist: Top Priorities at RSA 2022

The buzz on the show floor during RSA Conference is about aligning the organization's security priorities with the right technology. Will Lin, managing director and founding member at Forgepoint Capital, weighs in on the biggest security priorities for 2022 — and what kind of tech senior-level executives are looking for.

CVE-2022-32291: GitHub - Edubr2020/RP_RecordClip_DLL_Hijack

In Real Player through 20.1.0.312, attackers can execute arbitrary code by placing a UNC share pathname (for a DLL file) in a RAM file.

Threat Roundup for May 27 to June 3

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 27 and June 3. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Real Player 20.1.0.312 / 20.0.3.317 DLL Hijacking

The Player application and the Recording Manager of Real Player versions 20.1.0.312 and 20.0.3.317 are prone to a remote DLL hijack (binary planting) issue because of an unsafe search for non-existent DLLs. To exploit the issue attackers would have to convince the target to open a media file from a WebDAV or SMB share.

Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again

Deja-Vu data from this year's DBIR report feels like we are stuck in the movie 'Groundhog Day.'

CVE-2022-32270: GitHub - Edubr2020/RP_Import_RCE

In Real Player 20.0.7.309 and 20.0.8.310, external::Import() allows download of arbitrary file types and Directory Traversal, leading to Remote Code Execution. This occurs because it is possible to plant executables in the startup folder (DLL planting could also occur).