Cybersecurity researchers have taken the wraps of an organized financial-theft operation undertaken by a discreet actor to target transaction processing systems and siphon funds from entities primarily located in Latin America for at least four years….
|Uber didn’t think that this is much of a problem, even though several researchers already raised the grave possibility of phishing.
Categories: Social engineering
The post Careful! Uber flaw allows anyone to send an email from uber.com appeared first on Malwarebytes Labs.
|Arbix Finance disappeared in a puff of smoke. Site down, Twitter account deleted, no word from the team behind it explaining what happened.
The post $10m of funds goes missing in what appears to be a cryptocurrency rug-pull appeared first on Malwarebytes Labs.
An ongoing ZLoader malware campaign has been uncovered exploiting remote monitoring tools and a nine-year-old flaw concerning Microsoft’s digital signature verification to siphon user credentials and sensitive information.
Israeli cybersecurity compan…
Threat actors leveraged a cloud video hosting service to carry out a supply chain attack on more than 100 real estate websites operated by Sotheby’s Realty that involved injecting malicious skimmers to steal sensitive personal information.
Microsoft is warning of continuing attempts by nation-state adversaries and commodity attackers to take advantage of security vulnerabilities uncovered in the Log4j open-source logging framework to deploy malware on vulnerable systems.
Type: ReportsThreat Intelligence Executive Report 2021 Vol. 6Review the events and trends from the information security world from September through October 2021The Secureworks® Counter Threat Unit™ (CTU) researchers frequently serve as expert resource…
WordPress Plugin AAWP 3.16 – ‘tab’ Reflected Cross Site Scripting (XSS) (Authenticated)
Vodafone H-500-s 3.5.10 – WiFi Password Disclosure
openSIS Student Information System 8.0 – ‘multiple’ SQL Injection