Alerts

Stay updated with CyberLabs’ latest news alerts covering critical cybersecurity incidents, breaking threats, and important industry developments that matter to your digital safety.

Cybersecurity Architecture
A Flaw in OptinMonster plugin has affected over 1 million WordPress Sites
A Flaw in OptinMonster plugin has affected over 1 million WordPress Sites

29 Oct 2021

This security flaw in OptinMonster plugin were first discovered by Wordfence on 28thSeptember 2021. “Wordfence Threat Intelligence team initiated the responsible disclosure process for several vulnerabilities we discovered in OptinMonster, a WordPress plugin installed on over 1,000,000 sites. These flaws made it possible for an unauthenticated attacker, meaning any site visitor, to export sensitive information and add malicious JavaScript to WordPress sites, among many other actions.” Stated Chloe Chamberland from Wordfence.

Read More
Cyberattack in Iran temporarily disrupts gas stations
Cyberattack in Iran temporarily disrupts gas stations

28 Oct 2021

On 26thOct 2021, National Iranian Oil Products Distribution Company (NIOPDC) gas stations was reported stopped working due to a cyberattack that affected the entire distribution network.

Read More
150 Dark web vendors arrested for selling and buying illicit goods
150 Dark web vendors arrested for selling and buying illicit goods

27 Oct 2021

The operation (Operation Dark HunTor) conducted by law enforcement across the word were able to arrest 150 suspects involve in illegal sale of drugs and other illicit goods and services. Dark Market is considered the largest black market on darkweb. This was taken down by law enforcement from Germany, Australia, Denmark, Moldova, Ukraine, the United Kingdom (the National Crime Agency), and the USA (DEA, FBI, and IRS) with the support of the Europol in January.

Read More
Wide spreading Subscription fraud campaign targeting android users
Wide spreading Subscription fraud campaign targeting android users

26 Oct 2021

Researchers at Avast have found out 151 apps that are downloadable from Google Play Store are part of the UltimaSMS campaign. It been recorded that these have been download more than 10.5 million times.

Read More
REvil Ransomware gets hit by law enforcement
REvil Ransomware gets hit by law enforcement

25 Oct 2021

On 22ndOctober 2021Routerreported that “The ransomware group REvil was itself hacked and forced offline this week by a multi-country operation, according to three private sector cyber experts working with the United States and one former official.”

Read More
Google warns about a phishing campaign hijacking YouTube creators with cookie stealing malware
Google warns about a phishing campaign hijacking YouTube creators with cookie stealing malware

22 Oct 2021

Researchers on the Google Threat Analysis Group has been tracking the financially motivated threat actors phishing campaigning that has been targeting YouTube creators with cookie stealing malware since 2019. The threat actors have been recruiting hackers from a Russian-speaking forums offering two types of work.

Read More
Acer suffers two breaches in a week
Acer suffers two breaches in a week

21 Oct 2021

Acer the Taiwanese electronic technologyafter-sales service systems in India were compromise recentlyand few days after that its systems in Taiwan was breached. The same threat actor known as Desorden was hacked Acer twice in a week.

Read More
Trickbot Malware expand it distribution channel
Trickbot Malware expand it distribution channel

18 Oct 2021

TrickBot Gang also known as Wizard Spider and ITG23 have resurfaced with new distribution channel infecting users with Trickbot and BazarLoader. The threat actor is found to be partnered up with Hive0105, Hive0106 (aka TA551) and Hive0107.

Read More
Acer disclosed its second breach of the year
Acer disclosed its second breach of the year

15 Oct 2021

Acer the Taiwanese electronic technology giant disclosed that its after-sales service systems in India was recently breached. “We have recently detected an isolated attack on our local after-sales service system in India. Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India. The incident has been reported to local law enforcement and the Indian Computer Emergency Response Team and has no material impact to our operations and business continuity.” Steven Chung, Acer Corporate Communications

Read More
MyKings botnet is still active and operating
MyKings botnet is still active and operating

14 Oct 2021

MyKings botnet, which is also called Smominru, and DarkCloud, first appeared in 2016 and its report that its been active since then. The new research from Avast Threat Labs shows that “since 2019, the operators behind MyKings have amassed at least $24 million USD (and likely more) in the Bitcoin, Ethereum, and Dogecoin cryptowallets associated with MyKings”

Read More
Microsoft Fixes four Zero-Day vulnerabilities
Microsoft Fixes four Zero-Day vulnerabilities

13 Oct 2021

Microsoft October 2021 Patch Tuesday (12th October 2021) released patches for four zero-day vulnerabilities and for more than 74 vulnerabilities. The vulnerabilities are classified as 13 Information Disclosure Vulnerabilities, 5 Denial of Service Vulnerabilities, 21 Elevation of Privilege Vulnerabilities, 6 Security Feature Bypass Vulnerabilities, 20 Remote Code Execution Vulnerabilities and 9 Spoofing Vulnerabilities. Out of these 1 is rated as low, 3 as critical and 70 rated as important.

Read More
Apple Releases Urgent Patch for New Zero-Day Vulnerability
Apple Releases Urgent Patch for New Zero-Day Vulnerability

12 Oct 2021

On Monday 11th October 2021, Apple released security updates to fix a zero-day vulnerability which is been exploited in the wild targeting iPhone and iPad. This vulnerability is a critical memory corruption bug in the IOMobileFrameBuffer tracked as CVE-2021-30883. This allows an application to execute arbitrary code with kernel privileges on vulnerable devices.

Read More