BlackCat Group Leaks Western Digital Data to the Network
The operators of the ransomware BlackCat (aka ALPHV) have published screenshots of Western Digital’s internal emails and video conferences. The hackers appear to have maintained access to the company’s systems even after Western Digital discovered and responded to the attack. Let me also remind you that we wrote that BlackCat Says It Attacked Creos Luxembourg,…
Author: Vladimir Krasnogolovy
Vladimir is a technical specialist who loves giving qualified advice and tips on GridinSoft's products. He's available 24/7 to assist you with any question regarding internet security.
Microsoft Edge Exposes Bing API Addresses of Attended Sites
Users have noticed that a bug seems to have crept into Microsoft Edge: starting with build 112.0.1722.34, the browser passes all the URLs that users visit to the Bing API. In theory, this allows Microsoft to monitor all online activity of Edge users if the company decides so. Let me…
Clop and LockBit Ransomware Exploit Fresh Vulnerabilities in PaperCut
Microsoft has linked recent attacks on PaperCut servers to ransomware operations by Clop and LockBit, which used vulnerabilities to steal corporate data. In March 2023, print management solutions provider PaperCut fixed vulnerabilities CVE-2023-27350 (9.8 out of 10 on the CVSS scale, equalling the recently-discovered MSMQ vulnerability) and CVE-2023-27351 (8.2 out of 10). on the CVSS…
Supply Chain Attack Leads to 3CX Hack and Other Supply Chain Attacks
An investigation into a supply chain attack that hit 3CX last month found that the incident was caused by another supply chain compromise. First, the attackers targeted Trading Technologies, which automates stock trading, and distributed trojanized versions of its software. Let me remind you that the FBI warned about the increase in supply chain attacks,…
Medusa Group Claims That It “Merged” the Source Code of Bing and Cortana into the Network
The Medusa extortionist group claims to have published internal materials stolen from Microsoft, including the source code of Bing, Bing Maps and Cortana. Microsoft representatives have not yet commented on the hackers’ statements, but IT specialists say that the leak contains digital signatures of the company’s products, many of which are relevant. According to the researcher,…
Chinese Hackers Use Google Command & Control Capabilities in Attacks
Google experts have warned that the Chinese “government” hack group APT41 is abusing the red team’s GC2 (Google Command and Control) tool. According to experts, GC2 was used in attacks on Taiwanese media and an unnamed Italian recruiting company. Let me remind you that we also wrote that Chinese Hackers Injected a Backdoor into the…
Legion Hacker Tool Used to Steal Data from Poorly Protected Websites
Experts have discovered a Python-based Legion hacking tool that is sold via Telegram and is used as a way to hack into various online services for further exploitation. Let me remind you that we also wrote that Microsoft Told How To Detect The Installation Of The BlackLotus UEFI Bootkit, and also that Experts discovered ESPecter…
Microsoft Told How to Detect the Installation of the BlackLotus UEFI Bootkit
Microsoft has shared a guide to help organizations detect the installation of the BlackLotus UEFI bootkit that exploits the CVE-2022-21894 vulnerability. The company also explained how best to restore an infected system. Let me remind you that we also wrote that Experts discovered ESPecter UEFI bootkit used for espionage. Let me remind you that BlackLotus…
Vulnerability Found in Twitter Code That Provokes a “Shadowban” of the Victim
Recently, Twitter fulfilled a promise made by Elon Musk and published on GitHub the source code of its recommender algorithm, where a vulnerability was discovered that could send a user to a shadowban. Numerous researchers immediately took up the study of the source code, and now one of the problems they discovered was assigned the…
Strange Enthusiasts Asked ChaosGPT to Destroy Humanity and Establish World Domination
Enthusiasts launched the ChaosGPT project, based on the open-source Auto-GPT; the AI was given access to Google and asked to “destroy humanity”, “establish world domination” and “achieve immortality”. ChaosGPT talks about its plans and actions on Twitter. Let me remind you that we also talked about the fact that Blogger Forced ChatGPT to Generate Keys…