Joomla! CW Article Attachments 1.0.6 – ‘id’ SQL Injection
LG SuperSign EZ CMS 2.5 – Remote Code Execution
MyBB Visual Editor 1.8.18 – Cross-Site Scripting
A Latvian hacker behind the development and operation of counter antivirus service “Scan4You” has finally been sentenced to 14 years in prison.
37-year-old Ruslans Bondars, described as a Latvian “non-citizen” or “citizen of the former USSR who had be…
|Over the last few days, we’ve noticed a large increase in malicious spam spreading Emotet, as well as a higher number of detections from our customers. Looks like we’re in the middle of an active Emotet campaign.
A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows operating system (including server editions) after the company failed to patch a responsibly disclosed bug within the 120-da…
|The Simple Authentication and Security Layer (SASL) is an essential element of online authentication. But are you aware of all the known vulnerabilities? And, more importantly, have you patched them?
The post Simple Authentication and Security Layer (SASL) vulnerabilities appeared first on Malwarebytes Labs.
A high-severity vulnerability has been discovered in 4G-based wireless 4GEE Mini modem sold by mobile operator EE that could allow an attacker to run a malicious program on a targeted computer with the highest level of privileges in the system.
Collectric CMU 1.0 – ‘lang’ SQL injection
|Thousands of WordPress sites have been injected with the same malicious redirection. We review the infection details and the malicious traffic leading to browser lockers.
The post Mass WordPress compromises redirect to tech support scams appeared first on Malwarebytes Labs.
The concept of "packing" or "crypting" a
malicious program is widely popular among threat actors looking to
bypass or defeat analysis by static and dynamic analysis tools.
Evasion of classification and detection …