Category: Uncategorized

Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers

Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and remote code execution, the Zero Day Initiative (ZDI) said in a report published last week. The vulnerabilities were demonstrated by three different teams from Qrious Secure, STAR Labs, and DEVCORE at the Pwn2Own hacking contest held in Toronto late […]

Introduction to the purpose of AWS Transit Gateway

Introduction Today you look at the Global/Multi-site Enterprise Security Architecture of an organization and see a myriad of concerns. Increased levels of complexity, difficulties managing multiple third parties, difficulties implementing consistent levels of security, and so on. This makes it imperative for organizations to identify opportunities to simplify, streamline, and generally improve their infrastructure wherever […]

Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users

A new open source remote access trojan (RAT) called DogeRAT targets Android users primarily located in India as part of a sophisticated malware campaign. The malware is distributed via social media and messaging platforms under the guise of legitimate applications like Opera Mini, OpenAI ChatGOT, and Premium versions of YouTube, Netflix, and Instagram. “Once installed on a […]

A week in security (May 22-28)

Last week on Malwarebytes Labs: Update now: 9 vulnerabilities impact Cisco Small Business Series ChatGPT: Cybersecurity friend or foe? Webinar recap: EDR vs MDR for business success Identity crisis: How an anti-porn crusade could jam the Internet, featuring Alec Muffett: Lock and Code S04E11 Malvertising via brand impersonation is back again Update now! Apple issues […]

New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force

Researchers have discovered an inexpensive attack technique that could be leveraged to brute-force fingerprints on smartphones to bypass user authentication and seize control of the devices. The approach, dubbed BrutePrint, bypasses limits put in place to counter failed biometric authentication attempts by weaponizing two zero-day vulnerabilities in the smartphone fingerprint authentication (SFA

Data Breach at MCNA Dental Insurer Impacts 9 Million Users

By Habiba Rashid The hackers managed to steal highly sensitive data in the data breach, including Social Security numbers, names, addresses, phone numbers, email addresses, and more. This is a post from HackRead.com Read the original post: Data Breach at MCNA Dental Insurer Impacts 9 Million Users

Jimbos Protocol Hack: $7.5 Million Lost in Latest DeFi Attack

By Habiba Rashid The attack on Jimbos Protocol exploited a critical vulnerability related to the lack of slippage control on liquidity conversions. This is a post from HackRead.com Read the original post: Jimbos Protocol Hack: $7.5 Million Lost in Latest DeFi Attack

AceCryptor: Cybercriminals’ Powerful Weapon, Detected in 240K+ Attacks

A crypter (alternatively spelled cryptor) malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections of the crypter in its telemetry in 2021 and 2022. This amounts to more than 10,000 hits per month. Some of the prominent malware families contained within AceCryptor are SmokeLoader, […]