Philadelphia Inquirer Falls Victim to Cuba Ransomware

Philadelphia Inquirer is Struck by Cuba Ransomware

The Philadelphia Inquirer, Philadelphia’s largest newspaper by circulation and third-longest-running newspaper in the USA, suffered a cyberattack on May 15,…

FIN7 Hack Group Resumed Activity, Linked to Clop Ransomware

Microsoft analysts report that last month the notorious hacker group FIN7 (also known as Carbanak, Navigator and others) resumed its…

ChatGPT Causes New Wave of Fleeceware

Artificial intelligence is one of the most significant advances in technology. It is used in one way or another everywhere,…

Oneetx.exe – What is that process? Oneetx Removal

Oneetx.exe is a malicious process related to the Amadey dropper malware. It can be seen in the Task Manager, with seemingly…

PyPI Malware Storm Forces Suspension of New Uploads

Python Package Index, a software repository for Python developers, recently faced a massive attack. An enormous flow of malicious uploads…

BlackMatter attacked NEW Cooperative

BlackMatter ransomware attacked American farmers from NEW Cooperative

The BlackMatter ransomware attacked the American farmers' organization NEW Cooperative, which produces feed and grain and also works in the fields of agronomy, energy and software for farmers. The…

Hoster Epik hack

Epik hoster hack affected 15 million users, not just the company’s clients

Last week, Anonymous hacktivists reported a hack of the database of the domain registrar and hoster Epik, which was previously often criticized for hosting “right-wing” sites including 8chan, Gab, Parler…

utility for decrypting data after REvil

Added utility for decrypting data after REvil attacks

The Romanian company Bitdefender has published a universal utility for decrypting data affected by REvil (Sodinokibi) ransomware attacks. The tool works for any data encrypted before July 13, 2021. However,…

Anonymous attacked Epik

Anonymous hacktivists attacked Epik, a hoster of radical right-wing sites

Anonymous hacktivists hacked into the database of the domain registrar and hoster Epik, which was previously often criticized for hosting right-wing sites including 8chan, Gab, Parler and The Donald. The…

Site Isolation in Google Chrome

SpookJS Attack Allows Bypassing Site Isolation in Google Chrome

A group of scientists from universities in Australia, Israel and the United States have presented a side-channel attack that allows recovering data from Google Chrome and Chromium-based browsers protected by…

REvil resumed attacks

REvil ransomware resumed attacks

Last week, the infrastructure of REvil (Sodinokibi) returned online after months of downtime, and now the ransomware has resumed attacks. The fact is that in July 2021, the hack group…

fresh vulnerability in Ghostscript

PoC exploit published for fresh vulnerability in Ghostscript

A PoC exploit for a fresh vulnerability in Ghostscript was presented this week. The issue endangers all servers using this component. The exploit was published by a Vietnamese information security…

The US authorities accused Ukrainian

US authorities accused Ukrainian citizen of running a brute force botnet

The US authorities accused a Ukrainian citizen of hacking: they reported that 28-year-old Ukrainian citizen Gleb Ivanov-Tolpintsev had been extradited from Poland and accused of selling access to hacked…

REvil servers back online

Servers of the hack group REvil are back online

In July 2021, the infrastructure of REvil (Sodinokibi) was turned off without explanation, but now information security specialists have noticed that the REvil servers are back online. It was…

FBI experts and sextortion

FBI experts say that this year “sextortion” brought scammers more than $8 million

Experts from the FBI Internet Fraud Complaints Center (IC3) spoke about increased activity by fraudsters in the field of so-called “sextortion”. To denote such activity, the term sextortion is…

Atlassian Confluence vulnerability

Atlassian Confluence vulnerability was exploited to install miners

In late August, Atlassian released a hotfix for a Confluence Remote Code Execution (RCE) vulnerability. The issue has ID CVE-2021-26084 and allows an unauthenticated attacker to remotely execute commands on…

Dangerous bug in WhatsApp

Dangerous bug in WhatsApp could lead to disclosure of user data

Check Point specialists spoke about a dangerous bug they discovered in the WhatsApp image processing function, which could lead to the disclosure of user data. The problem helped to disable…