New vulnerabilities help to bypass protection from Specter on Linux systems
On Monday, March 29th, security researchers uncovered two vulnerabilities in Linux distributions that help to bypass protection from speculative attacks like Specter and extract sensitive information from kernel memory. Vulnerabilities…
Experts have discovered bugs in the 5G protocol that allow tracking location and arranging of DoS attacks
AdaptiveMobile specialists have published a report on new bugs in the 5G protocol, thanks to which it is possible to disable network segments (DoS) and steal user data, including location…
Slack Connect DM new feature drew a barrage of criticism
This week Slack Messenger developers announced a new Connect DM feature that allows sending messages directly to any Slack user in any organization. The developers positioned it as a new…
Attackers using DCCP protocol for DDoS attacks
Akamai has noticed that attackers are using the little-known DCCP network protocol (Datagram Congestion Control Protocol) for DDoS attacks. This internet standard was approved in 2007 and helps monitoring network…
Check Point: Desperate Job Seekers Are Ready To Work For Cybercriminals
CheckPoint experts found that the number of job search ads on the darknet and on hacker forums is growing - job seekers that were desperate to find a job are…
REvil ransomware operators attacked Acer and demand $50,000,000
The REvil ransomware attacked the Taiwanese company Acer (the sixth-largest computer manufacturer in the world, accounting for about 6% of all sales). Cybercriminals are demanding from the manufacturer $50,000,000, which…
Russian who tried to hack Tesla was pleaded guilty
The Russian, who offered a Tesla specialist $1,000,000 for installing malware into the company's network in Reno, Nevada, was pleaded guilty. In August 2020, we talked about the arrest of…
DTLS can amplify DDoS by 37 times
Netscout warns that using of the DTLS vector allows hackers to amplify DDoS attacks by 37 times. The researchers found that criminals are using a relatively new vector for amplifying…
REvil spokesman boasts that hackers have access to ballistic missile launch systems
A Revil representative under the pseudonym Unknown, claims that the hackers, partners in the use of malware, have access to ballistic missile launch systems. Cybercriminal group REvil operates on the…
Microsoft Introduces One-Click ProxyLogon Fix Tool
Microsoft developers have released a tool called EOMT (Exchange On-premises Mitigation Tool) designed to install updates on Microsoft Exchange servers and one-click ProxyLogon vulnerabilities fix. The utility is already available…
Google experts published PoC exploit for Specter that is targeting browsers
Google engineers published a PoC exploit to demonstrate the effectiveness of using the Specter vulnerability in browsers to access information in memory. This PoC exploit is reported to work with…
GitHub removed ProxyLogon exploit and has been criticized
The administration of the GitHub service has removed a real working exploit for the ProxyLogon vulnerabilities in Microsoft Exchange, though information security specialists have sharply criticized GitHub. Yesterday we wrote…