Chrome 0-day Vulnerability Used to Attack Candiru Malware

Avast has discovered that DevilsTongue spyware, created by Israeli company Candiru, exploited a 0-day vulnerability in Google Chrome to spy on journalists and others in the Middle East. The vulnerability in question is the CVE-2022-2294 bug, which was fixed by Google and Apple engineers earlier this month. Let me remind you that we also wrote… Continue reading Chrome 0-day Vulnerability Used to Attack Candiru Malware

Avast expert taught Smarter Coffee machine to ransom money

Back in 2015, experts from Pen Test Partners talked about a way to hack Wi-Fi networks through the iKettle, created by Smarter, and then discovered that Smarter Coffee maker machine, created by the same manufacturer, also poses a threat to the safety of users. It even can be taught to ransom money. Two years after… Continue reading Avast expert taught Smarter Coffee machine to ransom money

Avast experts accidentally got source code for GhostDNS exploit

Avast analysts suddenly got the source codes for the GhostDNS exploit. The experts got access to the source thanks to an error from an unknown hacker. GhostDNS is a set of exploits for routers that uses CSRF queries to change DNS settings and then redirect users to phishing pages (where from victims are stolen credentials… Continue reading Avast experts accidentally got source code for GhostDNS exploit