Microsoft says SolarWinds hackers hunted for access to cloud resources
Microsoft continues to investigate the supply chain attack that SolarWinds and its customers have suffered this year. Microsoft analysts reported that SolarWinds hackers were hunting for access to cloud resources.…
New web skimmer found in Shopify, BigCommerce, Woocommerce and Zencart stores
Sansec experts have discovered a new multi-platform MageCart skimmer capable of stealing payment information from compromised stores. The web skimmer works in Shopify, BigCommerce, Zencart and Woocommerce stores (even if…
Researcher Earned More than $ 2000000 on HackerOne
HackerOne representatives said that Romanian cybersecurity specialist Cosmin Iordach (@inhibitor181) became the first researcher in the history of the project, who earned more than $ 2000000 from bug bounty. He…
SolarWinds hack allowed Russian attackers to infiltrated dozens of US Treasury Department mailboxes
US Senator Ron Wyden, a member of the US Senate Finance Committee, said that hackers, standing behind the SolarWinds hack, compromised dozens of US Treasury Department mailboxes. The statement came…
Apple, Google, Microsoft and Mozilla block MitM certificate of the Kazakhstan government
In early December, Kazakhstan authorities for the third time attempted to intercept all traffic of the users, including secure HTTPS connections. However, Apple, Google, Microsoft, and Mozilla responded by blocking…
Microsoft: Supernova and CosmicGale malware detected on systems running SolarWinds
Continue studies oт large-scale attack on the supply chain, for which attackers compromised SolarWinds and its Orion platform. It seems that experts have now discovered another hack group that used…
AIR-FI attack turns RAM into a makeshift Wi-Fi signal source
Experts from Israel's Ben-Gurion University have demonstrated the AIR-FI attack, which turns RAM into Wi-Fi. In fact, this is a new method of extracting data from machines that are physically…
Malicious packages found in RubyGems repository again
Sonatype experts have discovered the pretty_color and ruby-bitcoin malicious packages in the official RubyGems repository. The malware has already been removed from the platform. The malware hidden in the mentioned…
SolarWinds was hacked because its credentials were publicly available on GitHub
Earlier this week was reported a massive attack on the supply chain that affected SolarWinds and its customers. SolarWinds may have been hacked because its credentials were publicly available on…
Heavy ad blocker started working in the Google Chrome
Earlier this year, Google Chrome developers announced about adding of a so-called heavy ad blocker. This is a mechanism that will detect and unload advertisements that consume too many system…
PgMiner botnet attacks poorly protected PostgreSQL DBs
Palo Alto Networks has discovered the PgMiner botnet, which attacks and breaks into poorly protected PostgreSQL DBs in order to install miners. A new Linux-based cryptocurrency mining botnet exploits PostgreSQL's…
Flash content will be blocked from January 12, 2021
Adobe released the latest Flash update this week and is even more persists in recommendations that users uninstall the app before end of support at the end of this year.…
