Home / Tech News

Tech News

Mozilla completely stops development of Firefox Send and Firefox Notes

Mozilla stops Firefox Send

This summer, I talked about how ZDNet journalists drew attention of Mozilla engineers to numerous abuses of the Firefox Send service, which was actively used to spread malware. As a result, Mozilla has stopped development of Firefox Send indefinitely, but the developers have promised to rework it and improve security. …

Read More »

The researcher kept the INVDoS bug in Bitcoin Core secret for many years

INVDoS bug in Bitcoin Core

Back in 2018, cyber security specialist and engineer Braydon Fuller discovered a dangerous bug in Bitcoin Core (versions 0.16.0 and 0.16.1). The problem appeared in 2017 and was named INVDoS. Shortly after the discovery, CVE-2018-17145 was quietly eliminated, and Fuller kept his find a secret for two years, fearing activity …

Read More »

Intel engineers fixed critical bug in AMT and ISM

Intel fixed a critical bug

Intel engineers fixed this week a critical bug with updates to Active Management Technology (AMT) and Intel Standard Manageability (ISM). The AMT and ISM bug was one of the most serious issues the company has addressed this month. The vulnerability is tracked as CVE-2020-8758 and scored 9.8 out of 10 …

Read More »

Hackers use legitimate Weave Scope tool in attacks on cloud environments

Hackers use Weave Scope

Intezer experts discovered the TeamTNT cybercriminal group, whose hackers use the legitimate Weave Scope tool in their attacks to visualize and monitor cloud infrastructure. According to the researchers, this is the first time that attackers have used a legitimate tool for such attacks. As mentioned above, Weave Scope is usually …

Read More »

SWIFT says money is rarely laundered with cryptocurrencies

money laundered with cryptocurrencies

Specialists of the SWIFT organization, which operates same-named international system or the transfer of financial information, published a report on various money laundering techniques. As it turned out, money is rarely laundered using cryptocurrencies; criminals prefer shell companies, casinos, money mules and other “classic” methods. The report states that most …

Read More »

Hackers use .NET library for creating malicious Excel files

hackers use NET library

Researchers at NVISO Labs noticed that the Epic Manchego group uses unusual Excel files for attacks, created specifically to bypass defense mechanisms. The fact is that these files are not created through Microsoft Office – the hackers use the .NET library EPPlus. Typically, this library is used by application developers, …

Read More »

Magecart groupings extract stolen cards data via Telegram

Magecart extract card data

An information security specialist known under the pseudonym Affable Kraut discovered that Magecart web skimmer operators extract stolen cards data through Telegram channels. He concluded this based on information obtained by Sansec, which specializes in combating digital skimming and Magecart attacks. Let me remind you that initially the name MageCart …

Read More »

KryptoCibule malware steals cryptocurrency from Windows users

KryptoCibule malware steals cryptocurrency

ESET specialists discovered the KryptoCibule malware, which has been active since 2018 and steals cryptocurrency from Windows users in the Czech Republic and Slovakia (these countries accounted for 85% of infections). KryptoCibule has three main functions and is capable of: installing cryptocurrency miners on victims’ systems (CPU and GPU miners …

Read More »

Shlayer malware bypassed Apple security checks

Shlayer bypassed Apple checks

Security expert Peter Dantini discovered that the Shlayer malware bypassed Apple’s checks: it successfully passed the software notarization process and could run on any Mac running macOS Catalina and newer. In February of this year, Apple introduced a new security mechanism: any Mac software distributed outside the App Store must …

Read More »