Avast experts accidentally got source code for GhostDNS exploit

Avast analysts unexpectedly obtained the source code for the GhostDNS exploit. The experts gained access to the source thanks to a mistake by an unknown hacker. GhostDNS is a set of exploits for routers that uses CSRF requests to change DNS settings and then redirect users to phishing pages (where credentials are stolen from victims…

ZDI experts described five 0-day vulnerabilities in Windows

Researchers from the Trend Micro Zero Day Initiative (ZDI) team published information on five unpatched 0-day vulnerabilities in Windows, four of which are rated high-risk. Three zero-day vulnerabilities, which received the identifiers CVE-2020-0916, CVE-2020-0986 and CVE-2020-0915, scored 7 points out of a possible 10 on the CVSS vulnerability rating scale. “Essentially, these three problems can allow…

Experts developed a free bot detection tool on Twitter

NortonLifeLock, which appeared after Symantec sold its information security division and the Symantec brand to Broadcom for $10.7 billion, developed a tool for detecting bots on Twitter. Experts have unveiled a beta version of BotSight’s free browser extension that identifies bots on Twitter and is designed to combat fake news and misinformation. The new tool is already available…

Hackers cracked European supercomputers and forced them to mine cryptocurrency

High-performance computers at universities and research centers in Europe were attacked: hackers cracked European supercomputers and forced them to secretly mine cryptocurrency. Reports of such incidents came from the UK, Germany and Switzerland, and, according to unconfirmed reports, a high-performance computer center in Spain suffered a similar attack. The first report of an attack came last…

Mandrake malware was hiding on Google Play for more than four years

Bitdefender experts found Mandrake spyware in the official Android app store, where it had been hiding on Google Play for four years (since 2016). The malware established full control over infected devices, collected credentials and GPS data from infected devices, made screen recordings, and so on. At the same time, the malware carefully avoided infecting devices in countries such as Ukraine, Belarus,…

Ramsay malware attacks PCs isolated from the outside world

ESET analysts discovered the infrastructure of a previously unknown malware, Ramsay, with some very interesting features. Ramsay attacks and collects data from PCs that are isolated from the outside world. Having penetrated such a system, the malware collects Word files and other confidential documents, hides them in a special concealed container and waits for…

US authorities have published the top 10 software vulnerabilities most often exploited over the past 5 years

The Cybersecurity and Infrastructure Security Agency (CISA), part of the US Department of Homeland Security, and the Federal Bureau of Investigation (FBI) published the top 10 software vulnerabilities most commonly exploited in 2016-2019. The list includes vulnerabilities used by both government-funded hackers and civilian cybercriminals. “The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of…

Data of 33.7 million LiveJournal users leaked online

Information about a data leak affecting 33.7 million users of LiveJournal (also known as LJ) appeared in the Telegram channel of Ashot Hovhannisyan, head of the company DeviceLock. The researchers reported that the detected text file contains 33,726,800 lines, among which you can find user IDs, email addresses, links to user profiles, as well as passwords…

Hackers attacked Swiss company Stadler that produces trains

Hackers attacked the company Stadler. The well-known Swiss train manufacturer reported a cyberattack during which attackers could have stolen data belonging to the company and its employees. Stadler manufactures a wide range of railway vehicles from high-speed trains to tramways and trams, and it is the world’s leading service provider in the rack-and-pinion rail vehicle industry.…

For eight years, the Cereals botnet existed for only one purpose: it downloaded anime

The Cereals IoT botnet appeared in 2012 and reached its peak in 2015, when there were about 10,000 infected devices. For all eight years, the Cereals botnet only downloaded anime for its creator. All this time, Cereals exploited only one vulnerability and attacked D-Link NAS and NVR devices, combining them into a botnet. For many years,…