Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

New QBot Banking Trojan Campaign Hijacks Business Emails to Spread Malware

A new QBot malware campaign is leveraging hijacked business correspondence to trick unsuspecting victims into installing the malware, new findings from Kaspersky reveal. The latest activity, which commenced on April 4, 2023, has primarily targeted users in Germany, Argentina, Italy, Algeria, Spain, the U.S., Russia, France, the U.K., and Morocco. QBot (aka Qakbot or Pinkslipbot) is a banking

The Hacker News
Open in Source
#web#windows#microsoft#intel#backdoor#pdf#The Hacker News
AspEmail 5.6.0.2 Weak Permissions / Local Privilege Escalation

AspEmail version 5.6.0.2 suffers from weak permission vulnerability that allows for local privilege escalation.

Bang Resto 1.0 SQL Injection

Bang Resto version 1.0 suffers from multiple SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to nu11secur1ty in December of 2022.

Bang Resto 1.0 Cross Site Scripting

Bang Resto version 1.0 suffers from a cross site scripting vulnerability.

CVE-2023-27755: go-bbs has an arbitrary file download vulnerability · Issue #10 · gobbscom/go-bbs

go-bbs v1 was discovered to contain an arbitrary file download vulnerability via the component /api/v1/download.

Living Off the Land (LOTL) attacks: Detecting ransomware gangs hiding in plain sight

Categories: Business Good tools gone bad. (Read more...) The post Living Off the Land (LOTL) attacks: Detecting ransomware gangs hiding in plain sight appeared first on Malwarebytes Labs.

Update Chrome now! Google patches actively exploited flaw

Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Chrome zero-day Tags: CVE-2023-2033 Tags: V8 flaw Tags: V8 Google has released an updated version of Chrome to address a zero-day flaw that is being exploited in the wild. (Read more...) The post Update Chrome now! Google patches actively exploited flaw appeared first on Malwarebytes Labs.

Fake Chrome updates spread malware

Categories: News Tags: chrome Tags: browser Tags: update Tags: fake Tags: malware Tags: monero Tags: miner Tags: cryptocurrency Tags: rogue Tags: hacked Tags: compromised Tags: site Tags: website We take a look at a slew of hacked websites pushing fake Chrome updates which are Monero miner malware in disguise. (Read more...) The post Fake Chrome updates spread malware appeared first on Malwarebytes Labs.

10 Best Zippyshare Alternatives – Best File Sharing Services

By Waqas Zippyshare is no longer available after the service announced its shutdown on March 30th, 2023. This is a post from HackRead.com Read the original post: 10 Best Zippyshare Alternatives – Best File Sharing Services

A week in security (April 10 - 16)

Categories: News Tags: Lock and Code S04E09 Tags: Bennett Cyphers Tags: Apple vulnerability Tags: phone charging station Tags: FBI Tags: Yum! Brands Tags: KFC Tags: Pizza Hut Tags: Patch Tuesday Tags: sextortion Tags: malvertising Tags: Weebly Tags: AI Tags: virtual kidnapping Tags: ransomware review Tags: ransomware in the UK Tags: ransomware in France The most interesting security related news from the week of April 10 - 16. (Read more...) The post A week in security (April 10 - 16) appeared first on Malwarebytes Labs.