An investigation into a supply chain attack that hit 3CX last month found that the incident was caused by another supply chain compromise. First, the attackers targeted Trading Technologies, which automates stock trading, and distributed trojanized versions of its software. Let me remind you that the FBI warned about the increase of supply chains attacks,… Continue reading Supply Chain Attack Leads to 3CX Hack and Other Supply Chain Attacks
Author: Vladimir Krasnogolovy
Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.
Medusa Groups Claims That It “Merged” the Source Code of Bing and Cortana into the Network
Medusa extortionist group claims to have published internal materials stolen from Microsoft, including the source codes of Bing, Bing Maps and Cortana. Microsoft representatives have not yet commented on the hackers’ statements, but IT specialists say that the leak contains digital signatures of the company’s products, many of which are relevant. According to the researcher,… Continue reading Medusa Groups Claims That It “Merged” the Source Code of Bing and Cortana into the Network
Chinese Hackers Use Google Command and Control Capabilities in Attacks
Google experts have warned that the Chinese “government” hack group APT41 is abusing the red team’s GC2 (Google Command and Control) tool. According to experts, GC2 was used in attacks on Taiwanese media and an unnamed Italian recruiting company. Let me remind you that we also wrote that Chinese Hackers Injected a Backdoor into the… Continue reading Chinese Hackers Use Google Command and Control Capabilities in Attacks
Legion Hacker Tool Used to Steal Data from Poorly Protected Websites
Experts have discovered a Python-based Legion hacking tool that is sold via Telegram and is used as a way to hack into various online services for further exploitation. Let me remind you that we also wrote that Microsoft Told How To Detect The Installation Of The BlackLotus UEFI Bootkit, and also that Experts discovered ESPecter… Continue reading Legion Hacker Tool Used to Steal Data from Poorly Protected Websites
Microsoft Told How to Detect the Installation of the BlackLotus UEFI Bootkit
Microsoft has shared a guide to help organizations detect the installation of the BlackLotus UEFI bootkit that exploits the CVE-2022-21894 vulnerability. The company also explained how best to restore an infected system. Let me remind you that we also wrote that Experts discovered ESPecter UEFI bootkit used for espionage. Let me remind you that BlackLotus… Continue reading Microsoft Told How to Detect the Installation of the BlackLotus UEFI Bootkit
Vulnerability Found in Twitter Code That Provokes a “Shadowban” of the Victim
Recently, Twitter fulfilled a promise made by Elon Musk and published on GitHub the source code of its recommender algorithm, where a vulnerability was discovered that could send a user to a shadowban. Numerous researchers immediately took up the study of the source code, and now one of the problems they discovered was assigned the… Continue reading Vulnerability Found in Twitter Code That Provokes a “Shadowban” of the Victim
Strange Enthusiasts Asked ChaosGPT to Destroy Humanity and Establish World Domination
Enthusiasts launched the ChaosGPT project, based on the open-source Auto-GPT, and AI was given access to Google and asked to “destroy humanity”, “establish world domination” and “achieve immortality”. ChaosGPT talks about its plans and actions on Twitter. Let me remind you that we also talked about the fact that Blogger Forced ChatGPT to Generate Keys… Continue reading Strange Enthusiasts Asked ChaosGPT to Destroy Humanity and Establish World Domination
Hackers Infect eFile Tax Filing Service with Malware
The eFile service, used by many Americans to file their tax returns and authorized by the US Internal Revenue Service (IRS), has been distributing malware for several weeks. Let me remind you that we also reported that Russian-Speaking Hack Group Winter Vivern Attacks Governments in Europe and Asia, and also that Google Report Companies Creating… Continue reading Hackers Infect eFile Tax Filing Service with Malware
Rilide Malware Steals Data from Chromium Browsers
Trustwave SpiderLabs specialists spoke about the new Rilide malware, which steals confidential data and cryptocurrency, targeting Chromium browsers. Basically, Rilide masks as a legitimate Google Drive extension. Let me remind you that we also wrote that has Specialists Discovered a New Version of Malware from Russian Hackers LOLI Stealer. Moreover, the malware can display fake… Continue reading Rilide Malware Steals Data from Chromium Browsers
Rorschach’s New Ransomware Is Named the Fastest to Date
Check Point analysts have discovered a new ransomware, Rorschach ransomware that has already been used to attack an unnamed American company. This malware is notable for its extremely high speed of file encryption and the fact that it is deployed using a signed component of commercial security software. Check Point calls this threat “one of… Continue reading Rorschach’s New Ransomware Is Named the Fastest to Date