Blogs
Stay informed with CyberLabs’ expert-written blogs featuring the latest cybersecurity insights, practical tips, and deep dives into emerging threats and technologies.
Harvest Credentials on Fraudulent Facebook Pages
20 Jul 2022
Computer Emergency Response Team of Ukraine (CERT-UA) has released an article reporting that number of fraudulent pages on the Facebook is used to harvest credentials and compromise monetary information. The fraudulent page called “Unified Compensation Center for the Return of Unpaid Funds” directs to malicious link. Victims are then urges to enter personal identity information […]
Read More
$8.1 million stole in Uniwasp phishing attack
19 Jul 2022
Uniswap a decentralized cryptocurrency exchange has loss millions of dollars in a phishing attack. On 13th July 2022, security vendor bleeping computer reported that a phishing attack on the Decentralized Cryptocurrency Exchange (DEX) platform Uniwasp, has loss 7,500 ether (ETH) ($8.1 million). 1/ Yesterday, some Uniswap LPs unfortunately fell for a phishing scam, a problem […]
Read More
Twitter and YouTube Accounts of British Military Hacked by threat actors
14 Jul 2022
On 4th July 2022, the Britain’s Ministry of Defense tweeted “The breach of the Army’s Twitter and YouTube accounts that occurred earlier today has been resolved and an investigation is underway,” The breach of the Army’s Twitter and YouTube accounts that occurred earlier today has been resolved and an investigation is underway. The Army takes […]
Read More
Threat actors are still Exploiting Log4Shell vulnerability
7 Jul 2022
Cybersecurity & Infrastructure Security Agency (CISA) and the United States Coast Guard Cyber Command (CGCYBER) released a joint Cybersecurity Advisory (CSA) on june 23rd 2022 warning cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, still continue to exploit Log4Shell vulnerability tracked as CVE-2021-44228 in VMware Horizon and Unified Access Gateway (UAG) servers. The […]
Read More
U.S. FCC commissioner has requests google and Apple to take off TikTok from app stores
1 Jul 2022
On 24th June 2022, Brendan Carr the Federal Communication Commission Commissioner has sent a letter to CEO’s of Apple and Google requesting to remove TikTok from their app stores or to provide an explanation on why they think there should not. The reason for this request as mentioned in the letter is “It is clear […]
Read More
Top 25 Most Dangerous Software Weaknesses – 2022 CWE
29 Jun 2022
On June 28th 2022, Mitre shared the 2022 Common Weakness Enumeration (CWE™) Top 25 Most Dangerous Software Weaknesses list (CWE™ Top 25). “This list demonstrates the currently most common and impactful software weaknesses. Often easy to find and exploit, these can lead to exploitable vulnerabilities that allow adversaries to completely take over a system, steal […]
Read More
Email bug lets attackers bypass Security
16 Jun 2022
As notified by Cisco of the security flaw (tracked as CVE-2022-20798) was found in the external authentication functionality of virtual and hardware Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager appliances. Customers were requested this week to patch this critical vulnerability that allow threat actors to bypass authentication login in to […]
Read More
Symbiote Malware infects all running processes on Linux Systems
10 Jun 2022
A newly found malware known as Symbiote infects all running processes on compromised systems, steals account credentials, and gives its operators backdoor access. Symbiote acts as a system-wide parasite, after injecting itself into all running processes and leaving no identifiable signs of infection even during meticulous in-depth inspections. The malware uses the BPF (Berkeley Packet […]
Read More
RCE Vulnerability shambles Google Chrome Dev Channel
2 Jun 2022
It has been reported that a recently patched severe remote code execution vulnerability flaw in the V8 JavaScript and WebAssembly engine used in Google Chrome and Chromium-based browsers. The problem occurs to a case of use-after-free in the instruction optimization component, successful exploitation of which could “allow an attacker to execute arbitrary code in the […]
Read More
Zoom flaw enables users get hacked just by sending a Message
31 May 2022
Our everyday video conferencing service Zoom was able to resolve as many as 4 security vulnerabilities, which could be used to exploit and comprise other users over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages and execute malicious activity. Tracked from CVE-2022-22784 through CVE-2022-22787, the issues range between 5.9 and 8.1 […]
Read More
If you interact, you get caught: A Chatbot phishing campaign
25 May 2022
Phishing campaigns are usually executed on emails, whatever links included are commonly delivered through an email to the desired victim or target. Once accessed or clicked upon, these links then open up websites that often showcases a single webpage in some cases known as landing page, that outright requests personal or sensitive information such as […]
Read More
21 Year old jailed for stealing Cryptocurrency by luring victims on Snapchat
16 May 2022
Online crypto scams and fraudulent schemes are hardly anything new. However, this specific case of a London based crypto robber transcends the virtual realm and reveals a bolt from the blue. Where victims caught were coerced in to paying £34,000 in total to the perpetrator. On the 11th of May, a 21 year old was […]
Read More