Apple paid $75,000 to the IS researcher Ryan Pickren in the frameworks of the bug bounty program for vulnerabilities in Safari, due to which it was possible to access someone else’s cameras on Mac, iPhone and iPad, simply by directing a person to a special site. In total, Picren discovered seven vulnerabilities in the Apple… Continue reading Vulnerabilities allowed access to cameras on Mac, iPhone and iPad
Author: Vladimir Krasnogolovy
Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.
The number of “coronavirus” cyberattacks increased to 5,000 per day
Check Point experts estimated that the number of “coronavirus” cyberattacks increased to 5,000 per day, and number of attacks on sites posing as Netflix services doubled. Researchers say the total number of cyberattacks has declined since the onset of the coronavirus pandemic and subsequent economic downturn. However, the number of attacks related to COIVD-19 has… Continue reading The number of “coronavirus” cyberattacks increased to 5,000 per day
Specialists published PoC exploits for SMBGhost vulnerability
The March “Tuesday of updates” did not include a patch for the vulnerability CVE-2020-0796, information about which was mistakenly published by experts from Cisco Talos and Fortinet in the public domain. Recently, security professionals published PoC exploits for this vulnerability called SMBGhost. Problem CVE-2020-0796, also called SMBGhost, affects SMBv3, though Windows 10 1903, Windows 10… Continue reading Specialists published PoC exploits for SMBGhost vulnerability
IS researcher found that the Tesla Model 3 interface is vulnerable to DoS attacks
Researcher Jacob Archuleta, known on the network under the pseudonym Nullze, found that the Tesla Model 3 interface is vulnerable to DoS attacks (Denial of Service). The bug received the identifier CVE-2020-10558, and with its help, an attacker could cause the car’s main touchscreen to stop responding to user requests. After some trial of an… Continue reading IS researcher found that the Tesla Model 3 interface is vulnerable to DoS attacks
Due to pandemic, RDP and VPN usage grew by 41% and 33%
Amid of the COVID-19 pandemic, the use of remote access technologies such as RDP and VPN has grown significantly, as many companies have transferred their employees to remote work, and this usually involves a remote connection to internal networks. According to statistics from the Shodan search engine, by last Sunday, March 29, 2020, the… Continue reading Due to pandemic, RDP and VPN usage grew by 41% and 33%
Dharma ransomware source code put for sale
ZDNet reports that the source code for one of the most profitable ransomware of our time, the Dharma ransomware, was put for sale on two hacker forums last weekend. Sources are sold for $2,000. Let me remind you that this year the FBI called Dharma the second most profitable ransomware in recent years during its… Continue reading Dharma ransomware source code put for sale
Attackers exposed the American company to a rare attack via BadUSB
Trustwave experts published a report, in which they said that the American company was exposed to a rare attack through BadUSB. An unnamed American hotel company was mailed a fake BestBuy gift card along with a malicious USB stick. The accompanying letter said that the drive must be connected to a computer in order to… Continue reading Attackers exposed the American company to a rare attack via BadUSB
Experts have discovered vulnerabilities in popular password managers
Experts from York University explained how they managed to detect vulnerabilities in popular password managers. Bugs allowed malware stealing user credentials. It turned out that back in 2017, researchers analyzed five popular password managers: LastPass, Dashlane, Keeper, 1Password and RoboForm. The analysis helped identify four previously unknown vulnerabilities, including one that led to the disclosure… Continue reading Experts have discovered vulnerabilities in popular password managers
Hackers spoof DNS settings to distribute fake coronavirus applications
Journalists from Bleeping Computer investigated that hackers are replacing DNS settings for distributing fake applications. The reason for the investigation were complaints of users, which reported on the forums that they were obsessively offered to download a strange application, allegedly informing about COVID-19 and created by WHO. As it turned out, the routers of these… Continue reading Hackers spoof DNS settings to distribute fake coronavirus applications
Published exploit for Kr00k Wi-Fi vulnerability
In February 2020, information security specialists spoke at the RSA 2020 conference about the new Kr00k vulnerability (CVE-2019-15126), which can be used to intercept and decrypt Wi-Fi traffic (WPA2). Now it became known that has been published an exploit for Kr00k Wi-Fi vulnerability. According to analysts, any device that uses the solutions of Cypress Semiconductor… Continue reading Published exploit for Kr00k Wi-Fi vulnerability