News, Tips, Security Lab

LastPass Breach Is Bigger Than It Was Expected

LastPass Breach Investigation Goes On, Things are Even Worse

LastPass, owned by GoTo (formerly LogMeIn) and with over 30 million users, revealed new details about the cyber incidents that…

YouTube Video Causes Pixel Smartphones to Reboot

Users have found that Pixel smartphones powered by Google Tensor processors are rebooting when user is trying to watch a…

The Researcher Hacked His Own Bank Account by Imitating a Voice with AI

The journalist Vice Motherboard Joseph Cox hacked the bank account by imitating a voice with the help of AI, which…

Qakbot Malware Applies New Distribution Methods

Today there is an arms race between cybercriminals and antimalware manufacturers. While some release a fix for an existing threat,…

Nearly 50% of Cybersecurity Leaders Will Change Jobs by 2025

According to a new report from Gartner, by 2025, nearly 50% of cybersecurity leaders will change jobs, and 25% will…

bugs in the 5G protocol

Experts have discovered bugs in the 5G protocol that allow tracking location and arranging of DoS attacks

AdaptiveMobile specialists have published a report on new bugs in the 5G protocol, thanks to which it is possible to disable network segments (DoS) and steal user data, including location…

Slack Connect DM feature

Slack Connect DM new feature drew a barrage of criticism

This week Slack Messenger developers announced a new Connect DM feature that allows sending messages directly to any Slack user in any organization. The developers positioned it as a new…

Attackers using DCCP protocol

Attackers using DCCP protocol for DDoS attacks

Akamai has noticed that attackers are using the little-known DCCP network protocol (Datagram Congestion Control Protocol) for DDoS attacks. This internet standard was approved in 2007 and helps monitoring network…

job seekers work for cybercriminals

Check Point: Desperate Job Seekers Are Ready To Work For Cybercriminals

CheckPoint experts found that the number of job search ads on the darknet and on hacker forums is growing – job seekers that were desperate to find a job are…

ransomware REvil attacked Acer

REvil ransomware operators attacked Acer and demand $50,000,000

The REvil ransomware attacked the Taiwanese company Acer (the sixth-largest computer manufacturer in the world, accounting for about 6% of all sales). Cybercriminals are demanding from the manufacturer $50,000,000, which…

The Russian pleaded guilty

Russian who tried to hack Tesla was pleaded guilty

The Russian, who offered a Tesla specialist $1,000,000 for installing malware into the company’s network in Reno, Nevada, was pleaded guilty. In August 2020, we talked about the arrest of…

Using DTLS amplify DDoS

DTLS can amplify DDoS by 37 times

Netscout warns that using of the DTLS vector allows hackers to amplify DDoS attacks by 37 times. The researchers found that criminals are using a relatively new vector for amplifying…

hackers have access to missile

REvil spokesman boasts that hackers have access to ballistic missile launch systems

A Revil representative under the pseudonym Unknown, claims that the hackers, partners in the use of malware, have access to ballistic missile launch systems. Cybercriminal group REvil operates on the…

One-Click ProxyLogon Fix

Microsoft Introduces One-Click ProxyLogon Fix Tool

Microsoft developers have released a tool called EOMT (Exchange On-premises Mitigation Tool) designed to install updates on Microsoft Exchange servers and one-click ProxyLogon vulnerabilities fix. The utility is already available…

Google PoC exploit for Specter

Google experts published PoC exploit for Specter that is targeting browsers

Google engineers published a PoC exploit to demonstrate the effectiveness of using the Specter vulnerability in browsers to access information in memory. This PoC exploit is reported to work with…

GitHub removed the ProxyLogon exploit

GitHub removed ProxyLogon exploit and has been criticized

The administration of the GitHub service has removed a real working exploit for the ProxyLogon vulnerabilities in Microsoft Exchange, though information security specialists have sharply criticized GitHub. Yesterday we wrote…

PoC exploit for ProxyLogon vulnerabilities

Researcher Published PoC Exploit for ProxyLogon Vulnerabilities in Microsoft Exchange

An independent information security researcher from Vietnam has presented a PoC exploit for ProxyLogon vulnerabilities in Microsoft Exchange, whose viability has already been confirmed by such well-known experts. Last week,…