Researcher compromised 35 companies through new “dependency confusion” attack
Information security expert Alex Birsan spoke about a new attack called “dependency confusion”. The problem is a variation of the supply chain attack. Besides the name “dependency confusion”, the attacks…
Ukrainian cyber police arrested the author of uPanel phishing kit
Ukrainian cyber police have arrested a 39-year-old man who is probably the author of uPanel, one of the most popular phishing kits on the black market. The arrest of the…
Hacker changed the chemical composition of drinking water in a small Florida town
Law enforcement and local authorities in Oldsmar, Florida, reported that on February 5, 2021, an unknown hacker gained access to the city's wastewater treatment plant and changed the chemical composition…
Researcher discovered that Chrome Sync function can be used to steal data
Croatian researcher Bojan Zdrnja discovered a malicious Chrome extension abusing Chrome Sync. If you do not use Chrome, let me remind you that this function is used to synchronize data…
In 2020, Google paid cybersecurity experts $6.7 million
During the year, Google paid out $6.7 million to cybersecurity experts and published statistics on bug bounty programs for 2020. It turned out that during this time, researchers from 62…
Google says that a quarter of all 0-day vulnerabilities are new variations of old problems
Google analysts studied the 0-day vulnerabilities they discovered in 2020, and concluded that almost a quarter of the problems are new variations of already known bugs that had previously received…
WEF warned of impending cyber pandemic
The WEF experts warned about the impending cyber pandemic and called for new approaches to risk management associated with the development of next-generation technologies. By 2025, next-generation technologies such…
Hackers infected the Android emulator NoxPlayer with malware
UPDATE: BigNox contacted us and said that they "contacted cybersecurity firm ESET to determine the root cause of the issue," and at this point "fixed all issues." ESET has released…
FonixCrypter ransomware stopped working and published a key to decrypt data
The authors of the FonixCrypter ransomware announced that they had removed the source code of their malware and after this FonixCrypter stopped working. Along with this statement, they published a…
LogoKit phishing kit allows creating phishing pages in real time
RiskIQ researchers said that the new LogoKit phishing kit was detected on more than 700 unique domains in the last month alone and on 300 in the last week. Worse,…
DreamBus botnet attacks corporate applications on Linux servers
Zscaler analysts reported on the new DreamBus botnet that attacks corporate applications on Linux servers. It is a variation of the SystemdMiner malware that appeared back in 2019. DreamBus has…
Authorities of South Africa create their own browser to continue to use Flash
ZDNet reports that the South African Revenue Service has created its own browser to continue using the Adobe Flash Player on the existing site, taking some web forms from Flash…