News, Tips, Security Lab

US Authorities Warn of Disaster-Related Scams

US Authorities Warn of Disaster-Related Scams

Following natural disasters and severe weather, there is a higher chance of fraudulent activities as scammers prey on vulnerable individuals…

CAPTCHA in Discord Asks Users to Find Non-Existent Objects Created by AI

Users complain that the Discord CAPTCHA provided by hCaptcha forces them to look for non-existent objects created by AI in…

GitLab Releases Patch to Critical Vulnerability

GitLab, one of the most famous code repositories in the world, faces critical security issues in the latest update. Aside…

GoDaddy Refund Phishing Emails Spread Infostealer

Hackers started using GoDaddy Refund Emails as a disguise to trick the users into installing malware. In order to deploy…

Philadelphia Inquirer is Struck by Cuba Ransomware

The Philadelphia Inquirer, Philadelphia’s largest newspaper by circulation and third-longest-running newspaper in the USA, suffered a cyberattack on May 15,…

Firefox 100 and Chrome 100 may have user-agent issues

Firefox 100 and Chrome 100 may have user-agent issues

Mozilla developers have warned that sites may experience problems with the upcoming versions of Firefox 100 and Chrome 100 (released May 3 and March 29, 2022). The fact is that…

Linux kernel vulnerabilities

Google Offers up to $91,000 for Linux Kernel Vulnerabilities

Google has almost doubled its rewards for vulnerabilities in the Linux kernel, Kubernetes, Google Kubernetes Engine (GKE), and kCTF. The reward can now be up to $91,337. In November last…

fix 0-day vulnerabilities

Google analysts noticed that software vendors began to fix Zero-day vulnerabilities faster

Google Project Zero specialists presented a report according to which software vendors began to fix 0-day vulnerabilities faster. For example, last year organizations needed less time than in previous years…

Maze Egregor Sekhmet

Decryption keys for Maze, Egregor and Sekhmet ransomware were posted on the Bleeping Computer forum

The Bleeping Computer forum published master keys for decrypting data affected by Maze, Egregor and Sekhmet ransomware attacks. Apparently, the keys were “leaked” by one of the developers of the…

BlackCat and DarkSide

Experts linked BlackCat (ALPHV) ransomware to BlackMatter and DarkSide groups

A Recorded Future analyst interviewed a member of the hack group behind the BlackCat (ALPHV) ransomware, who confirmed that ALPHV is linked to notorious groups such as BlackMatter and DarkSide.…

0-day vulnerability in Zimbra

Chinese hackers use Zimbra 0-day vulnerability to hack European media and authorities

Security firm Volexity has warned that a previously unknown Chinese hack group is exploiting a 0-day vulnerability in Zimbra’s collaborative software. According to official statistics, more than 200,000 enterprises in…

Critical UEFI Vulnerabilities

Critical UEFI Vulnerabilities Threaten Devices from 25 Manufacturers

Binarly analysts have discovered 23 critical UEFI vulnerabilities from InsydeH2O, which is used by many major vendors, including HP, Lenovo, Fujitsu, Microsoft, Intel, Dell, Bull (Atos) and Siemens. Together, the…

0-day vulnerability in Microsoft

0-day vulnerability remained unpatched for 2 years due to Microsoft bug bounty issues

As part of January Patch Tuesday, Microsoft fixed a dangerous 0-day privilege escalation vulnerability for which a PoC exploit is available online. The vulnerability is already being exploited in attacks…

macOS camera and microphone

Apple paid $100,000 for macOS camera and microphone hack

Information security researcher Ryan Pickren told how he received a large reward from Apple for hacking the camera and microphone in macOS. He also discovered vulnerabilities in Safari and macOS…

exploits for Microsoft Outlook

Zerodium offers up to $400,000 for exploits for Microsoft Outlook

Well-known exploit and vulnerability broker Zerodium announced that it is ready to pay up to $400,000 for zero-day vulnerabilities and exploits that will allow remote code execution in the Microsoft…

TrickBot causes crashes

TrickBot causes crashes on the machines when cybersecurity experts studying it

TrickBot malware has received new features that make it more difficult to investigate and detect — for example, TrickBot has learned to crash the browser when suspicious manipulations are detected.…

Pornographic virus

Pornographic virus alert from Microsoft

Microsoft shows you the banner which states that your PC is infected with a “Pornographic virus”? It seems that someone wants to involve you in a popular online tech support…