CISA experts warned about the growth of LokiBot infostealer activity
Specialists from the Agency for Cybersecurity and Infrastructure Protection, organized by the US Department of Homeland Security (DHS CISA), warned about growth of activity of LokiBot infostealer aka Loki and…
Microsoft left open one of the internal servers of the search engine Bing
Ata Hakcil, cyber security specialist at WizCase, discovered that Microsoft employees mistakenly left one of the Bing backend servers open - it was available to anyone. The researcher writes that…
Spammers hide behind hexadecimal IP addresses
Trustwave experts have discovered that pharmaceutical spam attackers have started to insert unusual URLs into their messages. Spammers hide behind hexadecimal IP addresses. They use hexadecimal IPs to bypass email…
Mozilla completely stops development of Firefox Send and Firefox Notes
This summer, I talked about how ZDNet journalists drew attention of Mozilla engineers to numerous abuses of the Firefox Send service, which was actively used to spread malware. As a…
Chinese hackers attack US organizations and exploit bugs in F5, Citrix and Microsoft Exchange
The Department of Homeland Security (DHS CISA) Cybersecurity and Infrastructure Protection Agency (DHS CISA) has published security guidelines for the private sector and government agencies. CISA said that Chinese hackers…
Qbot Trojan Entered The Top Of The Most Widespread Malware
Check Point has released its monthly Global Threat Index for August 2020. According to the researchers, the updated Qbot Trojan (aka QuakBot, Qakbot, and Pinkslipbot) first entered the TOP of…
The researcher kept the INVDoS bug in Bitcoin Core secret for many years
Back in 2018, cyber security specialist and engineer Braydon Fuller discovered a dangerous bug in Bitcoin Core (versions 0.16.0 and 0.16.1). The problem appeared in 2017 and was named INVDoS.…
Intel engineers fixed critical bug in AMT and ISM
Intel engineers fixed this week a critical bug with updates to Active Management Technology (AMT) and Intel Standard Manageability (ISM). The AMT and ISM bug was one of the most…
Hackers use legitimate Weave Scope tool in attacks on cloud environments
Intezer experts discovered the TeamTNT cybercriminal group, whose hackers use the legitimate Weave Scope tool in their attacks to visualize and monitor cloud infrastructure. According to the researchers, this is…
Researcher Earned $10,000 by Finding XSS Vulnerability in Google Maps
Israeli cybersecurity specialist Zohar Shachar talked about his discovery of XSS vulnerability in Google Maps in 2019, and then found out that Google was unable to fix it from the…
SWIFT says money is rarely laundered with cryptocurrencies
Specialists of the SWIFT organization, which operates same-named international system or the transfer of financial information, published a report on various money laundering techniques. As it turned out, money is…
Hackers use .NET library for creating malicious Excel files
Researchers at NVISO Labs noticed that the Epic Manchego group uses unusual Excel files for attacks, created specifically to bypass defense mechanisms. The fact is that these files are not…