Microsoft accused Russia and North Korea of attacks on pharmaceutical companies
Microsoft representatives accused Russia and North Korea of attacks on pharmaceutical companies. They reported that, according to their data, in recent months, three APT groups have attacked at least seven…
CostaRicto mercenary hackers target financial institutions around the world
BlackBerry experts told about the discovery of a group of mercenary hackers called CostaRicto. This is the fifth group of mercenary hackers identified by experts this year. So, back in…
Microsoft urges users to opt out of multi-factor authentication via phone
Microsoft experts have once again raised the issue of the insecurity of multi-factor authentication through the phone, that is, through one-time codes in SMS messages or voice calls. Instead, the…
Platypus attack allows stealing data from Intel processors
A group of scientists from the Technical University of Graz (Austria), the University of Birmingham, and the Helmholtz Center for Information Security in Germany (CISPA) have revealed details of a…
New Pay2Key ransomware encrypts corporate networks in just an hour
A number of companies and large corporations in Israel have been targeted by cyberattacks using a new ransomware called Pay2Key. The first attacks were recorded by specialists from Check Point…
The company had to change the dangerous name for sites as it could provoke an XSS attack
The name of the some company turned out to be dangerous for sites that cannot properly process HTML and could provoke an XSS attack. In the past, some organizations have…
Ragnar Locker ransomware attacked Italian beverage manufacturer Gruppo Campari
ZDNet reports that on November 1, 2020, Ragnar Locker ransomware operators attacked the Italian beverage manufacturer Gruppo Campari, which owns such brands as Campari, Cinzano, SKYY vodka, Epsolon, Wild Turkey,…
Ransomwares doesn’t always delete stolen data after paying the ransom
Researchers from Coveware have provided statistics that ransomwares does not always delete the data it have stolen and made recommendations to potential victims. In 2019, Maze ransomware operators began using…
The battle at the cyber polygon The Standoff will be held online
This year, in connection with the COVID-19 pandemic, the battle at the cyber polygon The Standoff will take place on November 12-17, 2020 online and on three continents at once.…
Google Chrome fixed second 0-day vulnerability in two weeks
Google developers have released Chrome version 86.0.4240.183 for Windows, Mac and Linux, which fixed 10 different problems. The update also includes a patch for a 0-day vulnerability in Google Chrome,…
CERT launched Twitter bot that comes up with names for vulnerabilities
Specialists from the CERT Coordination Center (CERT/CC) have launched a special Twitter bot, Vulnonym, which will “invent” random and maximally neutral names for vulnerabilities that have received CVE identifiers. This…
Google Project Zero discovered a 0-day vulnerability in the Windows kernel
Google Project Zero has discovered a 0-day vulnerability in the Windows kernel (CVE-2020-17087). It has been reported that this bug could be exploited by an attacker with local access to…