Hackers Increasingly Using ‘Browser-in-the-Browser’ Technique in Ukraine Related Attacks
A Belarusian threat actor known as Ghostwriter (aka UNC1151) has been spotted leveraging the recently disclosed browser-in-the-browser (BitB) technique as part of their credential phishing campaigns exploiting the ongoing Russo-Ukrainian conflict.
The…
Malwarebytes Updates Thread
Malwarebytes is a high performance anti-malware application that thoroughly removes even the most advanced malware and spyware. Malwarebytes version…
Click to expand…
Read more
DPRK hackers go after crypto assets using trojanized DeFi Wallet app
Hackers associated with the North Korean government have been distributing a trojanized version of the DeFi Wallet for storing cryptocurrency assets to gain access to the systems of…
Click to expand…
Read more
CVE-2022-22963 – PoC Spring Java Framework 0-day Remote Code Execution Vulnerability
To run the vulnerable SpringBoot application run this docker container exposing it to port 8080. Example: docker run -it -d -p 8080:8080 bobcheat/springboot-public Exploit Curl command: curl -i -s -k -X $’POST’ -H $’Host: 192.168.1.2:8080′ -H $’…
Ukraine shuts down disinformation bot farm
It’s reported that Ukrainian security services have shut down a bot farm that was spreading disinformation.
The post Ukraine shuts down disinformation bot farm appeared first on Malwarebytes Labs.
12th Gen Intel Core i9-12900KS Launches as World’s Fastest Desktop Processor
What’s New: Intel today announced full details and availability for the new 12th Gen Intel® Core™ i9-12900KS, the world’s fastest desktop processor1. It delivers up to 5.5…
Click to expand…
Read more
Google’s next US antitrust issue: Google Maps
Google’s latest antitrust headache is coming from the US government, which is starting to take issue with how Google bundles Google Maps and restricts developers from using competing services…
Click to expand…
Read more
Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security
A zero-day remote code execution (RCE) vulnerability has come to light in the Spring framework shortly after a Chinese security researcher briefly leaked a proof-of-concept (PoC) exploit on GitHub before deleting their account.
According to cybersecur…
QNAP Warns of OpenSSL Infinite Loop Vulnerability Affecting NAS Devices
Taiwanese company QNAP this week revealed that a selected number of its network-attached storage (NAS) appliances are affected by a recently-disclosed bug in the open-source OpenSSL cryptographic library.
“An infinite loop vulnerability in OpenSSL has…