Tech News

Safebreach Labs reported that attackers could use the Windows Encrypting File System (EFS) for their needs. Windows EFS can help encryptors and make work of antiviruses more difficult. EFS has been part of Windows operating systems since the release of Windows 2000. Unlike full BitLocker encryption, EFS can selectively encrypt …

Earlier this week, Microsoft announced about vulnerability in Internet Explorer, which is already exploited for “limited targeted attacks”. Now arrived temporary patch for this 0-day vulnerability in Internet Explorer. The problem received the identifier CVE-2020-0674 and it is associated with a vulnerability in the Firefox browser. Apparently, the mentioned “limited …

Organizations are more likely to become victims of state-sponsored cybercriminals. Government hackers in 2019 began to attack companies around the world more often. 25% of companies associate attacks on their business with cyber warfare or actions of other states, as showed results of a survey that conducted Radware specialists. In …

Recently, in the public domain appeared exploits for the critical vulnerability CVE-2019-19781, earlier found in the Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway). Now it was reported that an unknown hacker accesses vulnerable Citrix servers and patches them. Recall that according to experts, this problem threatens …

Check Point analysts prepared a traditional monthly report on the most active threats, the Global Threat Index. Greta Thunberg and Christmas became the most popular topics in spamming and phishing campaigns. For already three months, the Emotet Trojan has occupied one of the leading positions among malware: in December, Emotet …

The day after the release of the fix for one of the most dangerous vulnerabilities in the history of Windows, security researcher Saleem Rashid demonstrated how it can be used to present a malicious site as any site on the Internet in terms of cryptography. The talk is about the …

On January 14, 2020, Microsoft stopped supporting Windows 7 for PCs of private users, and at the same time finally finished support of the mobile Windows 10 Mobile (1709), but released a farewell update for these OSs. By tradition, on the last day of support, the developers released the final …

The cybercriminal group Fancy Bear (also known as APT28) attacked Burisma. Hackers that are associated with Russian intelligence organized a phishing campaign aimed at employees of the Ukrainian oil and gas company Burisma Holdings. According to experts from the security company Area 1 Security, the criminals aimed at two subsidiaries …

Danish researchers have published a report on the Cable Haunt vulnerability that threats millions of cable modem with Broadcom chips. According to experts, the problem threatens more than 200 million cable modems only in Europe. Moreover, it is impossible to determine the exact number of vulnerable devices, because the vulnerability …

Researcher in a few minutes remotely hacked iPhone using only Apple ID and exploiting only the CVE-2019-8641 vulnerability, due to which he gained access to the user’s accounts and passwords on the device and activated the camera. Vulnerabilities in software that could compromise a system without user intervention (for example, …

Check Point experts found many issues in one of the world’s most popular applications, TikTok. Recently researchers hacked TikTok app using sms. TikTok is available in more than 150 markets, is used in 75 languages worldwide and has more than 1 billion users. In October 2019, TikTok was called one …

Homeland Security USA issued a warning about possible acts of terrorism and cyberattacks by Iran in response to the assassination of General Kassem Suleimani, the head of the Quds special forces of the Islamic Revolutionary Guards Corps, after the US air strike on the Iraqi capital of Baghdad on January …

One of the extensions for Google Chrome, Shitcoin Wallet injects a special JavaScript code into web pages. Using this code, attackers steal passwords and private keys from cryptocurrency wallets and services. The first problematic addon appeared on December 9th. The extension received the identifier ckkgmccefffnbbalkmbbgebbojjogffn. Shitcoin Wallet developers claim that …

The community of the My Digital Life online forum has found an illegal way to extend support for Windows 7: bypass Microsoft’s restrictions and allow the installation of Windows 7 Extended Security Updates on all systems, not just on those that paid for it. Very soon, on January 14, 2020, …

Any.Run, an interactive service for automated malware analysis, has compiled a list of the 10 most common threats downloaded to this platform. The Trojan Emotet topped this 2019 threat rating. The top includes malware designed to steal all types of confidential information, bank details and remote access tools to control …