Alerts

Stay updated with CyberLabs’ latest news alerts covering critical cybersecurity incidents, breaking threats, and important industry developments that matter to your digital safety.

Cybersecurity Architecture
Fake Ransomware attacks on WordPress sites
Fake Ransomware attacks on WordPress sites

17 Nov 2021

Around 300 hacked WordPress sites showed a fake encryption notice demanding a 0.1 bitcoin ransom. This was shown with a count down and a message mentioning “FOR RESTORE SEND 0.1 BITCOIN”. As 0.1 bitcoin is not a negligible amount for a web admin compared to ransom we have seen before. However, a victim hired the cyber security firm Sucuri who discovered these fake Ransomware attacks.

Read More
Millions of IoT and routers with more than 30 exploits are targeted by BotenaGo Malware
Millions of IoT and routers with more than 30 exploits are targeted by BotenaGo Malware

16 Nov 2021

Malware written in the go language has been discovered that puts millions of NAS, routers, and Internet of things (IoT) devices at risk. According to researchers done by AT&T Cybersecurity, the malware takes advantage of 33 different exploits to attack routers and IoT devices. The cybercriminal group behind this still not identified.

Read More
Hacked FBI Email Server has sent out fake cyberattack warnings
Hacked FBI Email Server has sent out fake cyberattack warnings

15 Nov 2021

Federal Bureau of Investigation (FBI) email server was used to send around ten thousand of fake emails on a cyberattack warning. According to Spamhaus an nonprofit spam tacking the fake email warns about a threat actor named Vinny Troia has stolen data from the recipient’s device. They further confirm that the emails are indeed coming from the infrastructure owned by the FBI/DHS.

Read More
91% Baiting email attacks are done using Gmail accounts
91% Baiting email attacks are done using Gmail accounts

12 Nov 2021

A Bait attack is kind of a phishing attack where the attackers try to gather information about the target and use this information in future attackers. This is more like testing or researching on targets who are willing to respond and targeting them more effectively.

Read More
Netflix, Instagram, and Twitter users are being targeted by a new Android Malware
Netflix, Instagram, and Twitter users are being targeted by a new Android Malware

11 Nov 2021

MasterFred a new android malware is using fake login overlays to steal credit card information from Instagram, twitter, Netflix users and Banking customers. Sample of this virus was first submitted to VirusTotal in 2021.Alberto Segura saidthat “It seems there is an undetected Android #Banker affecting Turkey and Poland.” Sharing a sample of the virus a week ago.

Read More
Microsoft fixes 6 zero-days on November 2021 Patch Tuesday
Microsoft fixes 6 zero-days on November 2021 Patch Tuesday

10 Nov 2021

9thOctober 2021 is the patch Tuesday, and it was fix 6 zero-day vulnerabilities where 2 of them are actively exploited and 55 flaws. 6 of the flaws a critical while 49 are important.

Read More
Reward of $10 million for information on DarkSide Ransomware group
Reward of $10 million for information on DarkSide Ransomware group

8 Nov 2021

The US State Department said in a Press Release on 4thNov 2021 that they are offering a reward of up to $10 million for information leading to the identification or location of anyone with a key leadership position in DarkSide, a cybercrime organization the FBI has said is based in Russia.

Read More
Cisco release updates fixing the default SSH key and hard-coded credentials issues
Cisco release updates fixing the default SSH key and hard-coded credentials issues

5 Nov 2021

On 4thNov 2021, two critical vulnerabilities that allowed unauthenticated attackers to log in to affected devices using default SSH keys or using hard-coded credentials was fixed by cisco.

Read More
Facebook shut down its Face Recognition system and delete 1 billion faceprints
Facebook shut down its Face Recognition system and delete 1 billion faceprints

4 Nov 2021

On 2ndNov 2021 Facebook Company now rebranded as Meta published and announcement saying that they will be not using Face Recognition system on their platform and faceprints for around billion people will be deleted.

Read More
Unauthenticated Remote code Execution in GitLabs is exploited in wild
Unauthenticated Remote code Execution in GitLabs is exploited in wild

3 Nov 2021

CVE-2021-22205 is a critical remote code execution vulnerability in the service’s web interface. This was first addressed in April by GitLabs on thepublished Critical Security Release.“An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that is passed to a file parser which resulted in a remote command execution. This is a critical severity issue. It is now mitigated in the latest release and is assigned CVE-2021-22205.” Dominic Couture from GitLabs stated is the security release.

Read More
Kaspersky Emails are seen in recent office 365 phishing campaign
Kaspersky Emails are seen in recent office 365 phishing campaign

2 Nov 2021

On 1stNovember 2021 Kaspersky release and advisory mentioning that their experts were able to found out some e-mails were sent using Amazon’s Simple Email Service (SES) and legitimate SES token for the phishing activity.

Read More
Chaos ransomware lures Minecraft gamers via fake alt lists
Chaos ransomware lures Minecraft gamers via fake alt lists

1 Nov 2021

Minecraft is a popular game which has been popular for continuously 12 years now, where around 140 million actively players in August 2021. Cybercrime groups are now attempting to exploit this by targeting gamers Windows Devices though promoting fake Minecraft alt list on gaming forums.

Read More