More than half a million routers and storage devices in dozens of countries have been infected with a piece of highly sophisticated IoT botnet malware, likely designed by Russia-baked state-sponsored group.
Cisco’s Talos cyber intelligence unit have d…
 |
|
| When it comes to poorly-written code, we’re quick to point a finger at programmers, forgetting that they are beholden to the constraints of companies looking to push out tech product quickly. Thankfully, management can address bad coding habits with these seven ways to support, train, and motivate their staff.
Categories: Tags: bad codebad coding habitsdevelopersprogrammingsecure codevulnerabilities |
The post Why bad coding habits die hard—and 7 ways to kill them appeared first on Malwarebytes Labs.
Even after being aware of various active cyber attacks against the GPON Wi-Fi routers, if you haven’t yet taken them off the Internet, then be careful—because a new botnet has joined the GPON party, which is exploiting an undisclosed zero-day vulnerabi…
Chinese security researchers have discovered more than a dozen vulnerabilities in the onboard compute units of BMW cars, some of which can be exploited remotely to compromise a vehicle.
The security flaws have been discovered during a year-long securi…
 |
|
| About three weeks ago, we published our second CrackMe, which has triggered a lot of interest, and many high-quality write-up submissions. In this post, we summarize the contest and comment on the submissions. Whose write-up won? Read on to find out.
Categories: Tags: crackmeCrackMe contestCrackMe winnersMalwarebytes CrackMe |
The post Malwarebytes CrackMe 2: contest summary appeared first on Malwarebytes Labs.
 |
|
| New Mac cryptominer malware is using the XMRig library to mine Monero on infected Macs.
Categories: Tags: ApplecryptominercryptominingmacMac cryptominerXMRig |
The post New Mac cryptominer uses XMRig appeared first on Malwarebytes Labs.
Security researchers from Microsoft and Google have discovered a fourth variant of the data-leaking Meltdown-Spectre security flaws impacting modern CPUs in millions of computers, including those marketed by Apple.
Variant 4 comes weeks after German c…
Easy File Uploader 1.7 – SQL Injection / Cross-Site Scripting
Microsoft Windows – ‘POP/MOV SS’ Privilege Escalation
NewsBee CMS 1.4 – ‘download.php’ SQL Injection
NewsBee CMS 1.4 – ‘home-text-edit.php’ SQL Injection
Feedy RSS News Ticker 2.0 – ‘cat’ SQL Injection
Auto Car 1.2 – ‘car_title’ SQL Injection / Cross-Site Scripting
NewsBee CMS 1.4 – ‘home-text-edit.php’ SQL Injection
Siemens SIMATIC S7-1500 CPU – Remote Denial of Service
