Cisco VPNs without MFA are under attack by ransomware operator
Several researchers are seeing ransomware attacks targetting Cisco VPNs without MFA The Cisco Product Security Incident Response Team (PSIRT) has posted a blog about Akira…
Category: MalwareBytes
“An influx of Elons,” a hospital visit, and magic men: Becky Holmes shares more romance scams: Lock and Code S04E18
Becky Holmes is a big deal online. Hugh Jackman has invited her to dinner. Prince William has told her she has “such a beautiful name.”…
FBI confirms Barracuda patch is not effective for exploited ESG appliances
The FBI repeats the warning by Barracuda that all ESG appliances should immediately be replaced because the patch was ineffective. In an FBI Flash about a…
2.6 million DuoLingo users have scraped data released
Using an openly available API, cybercrimnals were able to scrape the data of 2.6 million DuoLingo users. An unknown party has released the scraped data…
Google strengthens its Workplace suite protection
We take a look at how Google is strengthening protections across its Workplace products, and Gmail in particular. Google has announced the strengthening of safeguard…
Smart lightbulb and app vulnerability puts your Wi-Fi password at risk
We take a look at reports that a smart lightbulb and app vulnerability could potentially put your Wi-Fi password at risk. New research highlights another…
Update now! Google Chrome’s first weekly update has arrived
The first of Chrome’s now weekly security updates fixes five vulnerabilities. Google has published details about the first weekly update for the Chrome browser. Recently…
Teenage members of Lapsus$ ransomware gang convicted
A wave of video game developer compromises has come to a court-based conclusion for those responsible, with several convictions the end result. Arion Kurtaj, and…
Malwarebytes acquires Cyrus Security
Cybersecurity isn’t limited to defending against malware anymore; it’s about ensuring your entire digital identity remains unscathed and your private details remain private. Today, I…
DarkGate reloaded via malvertising and SEO poisoning campaigns
The new version of the DarkGate malware is currently actively being distributed via malspam, malicious ads and SEO poisoning. In July 2023, we observed a malvertising…
Ivanti Sentry critical vulnerability—don’t play dice, patch
There is some uncertainty about whether a vulnerability in Ivanti Sentry is being exploited in the wild, but why take the risk when you can…
Update now! WinRAR files can be abused to run malware
A new version of WinRAR is available that patches two vulnerabilities attackers could use for remote code execution. A new version of the file archiving…