A group of scientists from the Technical University of Graz (Austria), the University of Birmingham, and the Helmholtz Center for Information Security in Germany (CISPA) have revealed details of a new Platypus attack that allows stealing data from Intel processors. The name is an acronym derived from Power Leakage Attacks: Targeting Your Protected User Secrets.… Continue reading Platypus attack allows stealing data from Intel processors
Author: Vladimir Krasnogolovy
Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.
New Pay2Key ransomware encrypts corporate networks in just an hour
A number of companies and large corporations in Israel have been targeted by cyberattacks using a new ransomware called Pay2Key. The first attacks were recorded by specialists from Check Point at the end of October this year, and now their number has increased. According to experts, criminals usually carry out attacks after midnight, when companies… Continue reading New Pay2Key ransomware encrypts corporate networks in just an hour
The company had to change the dangerous name for sites as it could provoke an XSS attack
The name of the some company turned out to be dangerous for sites that cannot properly process HTML and could provoke an XSS attack. In the past, some organizations have used lines of code for fun, but at least one of them had to change it. According to The Guardian, UK Companies House forced one… Continue reading The company had to change the dangerous name for sites as it could provoke an XSS attack
Ragnar Locker ransomware attacked Italian beverage manufacturer Gruppo Campari
ZDNet reports that on November 1, 2020, Ragnar Locker ransomware operators attacked the Italian beverage manufacturer Gruppo Campari, which owns such brands as Campari, Cinzano, SKYY vodka, Epsolon, Wild Turkey, Grand Marnier and Appleton. Hackers write that they stole about 2 TB of information from the company. They have already posted screenshots of the stolen… Continue reading Ragnar Locker ransomware attacked Italian beverage manufacturer Gruppo Campari
Ransomwares doesn’t always delete stolen data after paying the ransom
Researchers from Coveware have provided statistics that ransomwares does not always delete the data it have stolen and made recommendations to potential victims. In 2019, Maze ransomware operators began using a new double-ransom tactic, in which attackers steal unencrypted files and then threaten to publish them if the ransom is not paid. Many groups have… Continue reading Ransomwares doesn’t always delete stolen data after paying the ransom
The battle at the cyber polygon The Standoff will be held online
This year, in connection with the COVID-19 pandemic, the battle at the cyber polygon The Standoff will take place on November 12-17, 2020 online and on three continents at once. The organizers invite to work with them to create a new approach to technology security analysis and develop tools to simulate threats to critical infrastructure… Continue reading The battle at the cyber polygon The Standoff will be held online
Google Chrome fixed second 0-day vulnerability in two weeks
Google developers have released Chrome version 86.0.4240.183 for Windows, Mac and Linux, which fixed 10 different problems. The update also includes a patch for a 0-day vulnerability in Google Chrome, which hackers are already actively using. The bug was identified as CVE-2020-16009 and was discovered by the Threat Analysis Group (TAG), Google’s internal security team… Continue reading Google Chrome fixed second 0-day vulnerability in two weeks
CERT launched Twitter bot that comes up with names for vulnerabilities
Specialists from the CERT Coordination Center (CERT/CC) have launched a special Twitter bot, Vulnonym, which will “invent” random and maximally neutral names for vulnerabilities that have received CVE identifiers. This idea was born out of endless discussions about “should vulnerabilities have names?” For many decades, MITER has been assigning CVE identifiers to vulnerabilities in the… Continue reading CERT launched Twitter bot that comes up with names for vulnerabilities
Google Project Zero discovered a 0-day vulnerability in the Windows kernel
Google Project Zero has discovered a 0-day vulnerability in the Windows kernel (CVE-2020-17087). It has been reported that this bug could be exploited by an attacker with local access to escalate privileges and escape the sandbox. What is worse, it is already being used in targeted attacks. The vulnerability is related to the operation of… Continue reading Google Project Zero discovered a 0-day vulnerability in the Windows kernel
Microsoft experts talked about Iranian hackers attacks on security conference participants
Microsoft experts talked that Iranian government hackers have successfully hacked the email accounts of a number of dignitaries and potential attendees to the Munich Security Conference and Think 20 (T20) summit. In total, more than 100 people suffered in the attacks. The Munich Security Conference is famous for bringing together hundreds of dignitaries and influential… Continue reading Microsoft experts talked about Iranian hackers attacks on security conference participants