Using ransomware, cybercriminals attacked the University of California, San Francisco (UCSF), one of the leaders in developing a vaccine against COVID-19. The university administration confirmed to Bloomberg reporters that it was the victim of an “illegal invasion”, but did not specify which part of the IT infrastructure was damaged. UCSF experts are leaders in the… Continue reading Cybercriminals attacked UCSF, US leading COVID-19 vaccine developer
Author: Vladimir Krasnogolovy
Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.
Users seldom change passwords even after data leaks
Researchers from Carnegie Mellon University found that users seldom change passwords even after receiving data leakage messages. Scientists estimate that only a third of users actually update access to their sensitive data after being compromised. Interestingly, this report, presented as part of the IEEE 2020 Workshop on Technology and Consumer Protection, is based not on… Continue reading Users seldom change passwords even after data leaks
Vulnerability in Indian TikTok clone allows hacking user profiles
The Hacker News reports that Indian security specialist Rahul Kankral discovered a critical vulnerability in the Mitron Android application, which is a TikTok clone. The vulnerability allows you to capture other people’s accounts without any user interaction. More recently, the Mitron app hit the headlines with over 5 million installations and over 250,000 five-star ratings… Continue reading Vulnerability in Indian TikTok clone allows hacking user profiles
Octopus Scanner Malware Found On GitHub
GitHub developers have issued a warning about the appearance of the new Octopus Scanner malware, which is distributed ton the site through malicious Java projects. Octopus Scanner was discovered in projects managed with the Apache NetBeans IDE, a tool used to write and compile Java applications. After a tip received in March from information security… Continue reading Octopus Scanner Malware Found On GitHub
Valak malware steals corporate data using Microsoft Exchange servers
Cyberreason Nocturnus experts said that the Valak bootloader discovered in 2019 now exploits vulnerabilities in Microsoft Exchange servers. It has become a full-fledged info-staler and attacks companies in the USA and Germany. Researchers write that in the last six months, the malware has received more than 20 updates and now poses a complete and independent… Continue reading Valak malware steals corporate data using Microsoft Exchange servers
Experts confirm data leak of 26 million LiveJournal users
In mid-May 2020, in the Telegram channel of the head of DeviceLock company Ashot Hovhannisyan appeared information on data leak of 33.7 million LiveJournal users. Now, experts have confirmed a data leak of 26 million users. It was reported that the detected text file contains 33,726,800 lines, among which you can find user IDs, email… Continue reading Experts confirm data leak of 26 million LiveJournal users
Hackers use Discord as a tool for stealing passwords
The Bleeping Computer magazine warns that the new version of the AnarchyGrabber Trojan steals passwords and tokens, disables 2FAs and distributes the malware to the victim’s friends. Moreover, attackers modify and use the official Discord client as a tool for stealing passwords. As a rule, attackers spread AnarchyGrabber through Discord, posing as a trojan for… Continue reading Hackers use Discord as a tool for stealing passwords
Sarwent malware opens RDP ports on infected machines
SentinelOne experts noticed that the new version of the Sarwent malware opens the RDP ports on infected computers. Researchers believe that this is due to the fact that maware operators can sell access to infected hosts to other criminal groups. Sarwent is a not-so-famous backdoor trojan, active since 2018. Previous versions of malware had a… Continue reading Sarwent malware opens RDP ports on infected machines
Qatar obliged citizens to install “spyware” for containing COVID-19 pandemic
As part of the fight against the spread of coronavirus infection, the Qatar government has obliged citizens and residents to install special software on their mobile devices to contain the COVID-19 pandemic. This spyware tracks contacts with infected people. This would sound fine, but for some reason the application requires permission for a number of… Continue reading Qatar obliged citizens to install “spyware” for containing COVID-19 pandemic
GitLab checked its employees: on phishing got every fifth
Recently, the GitLab platform conducted a security audit, analyzing if working from home employees are resistant to phishing attacks. As it turned out, every fifth got on phishing in GitLab: 20% of employees agreed to enter their credentials on a fake login page. A training attack conducted by the GitLab Red Team simulated a real… Continue reading GitLab checked its employees: on phishing got every fifth