Andy

Cybersecurity journalist from Montreal, Canada. Studied communication sciences at Universite de Montreal. I was not sure if a journalist job is what I want to do in my life, but in conjunction with technical sciences, it is exactly what I like to do. My job is to catch the most current trends in the cybersecurity world and help people to deal with malware they have on their PCs.

GoDaddy Data Breach

On November 22, 2021, GoDaddy, an American publicly traded Internet domain registrar and web hosting company, announced a security incident affecting its Managed WordPress service. The incident came to light on November 17, 2021, when the company discovered unauthorized third-party access to its Managed WordPress hosting environment. The investigation is still ongoing, but GoDaddy has ascertained that, starting from September 6, 2021, …

Attackers usually don't brute-force long passwords

Data from Microsoft's network of honeypot servers showed that very few attacks target long and complex credentials; instead, they primarily focus on short passwords. Ross Bevington, a security researcher at Microsoft, analyzed the credentials entered in over 25 million brute-force attacks against SSH, roughly 30 days of data from Microsoft's sensor network. Passwords of over 10 characters saw only …

Another Windows zero day allows for admin privileges

Researcher Abdelhamid Naceri, who often reports Windows bugs, this time dropped a working proof-of-concept exploit for an admin-privileges zero-day on GitHub. According to Naceri, it works on all supported versions of Windows. This particular zero-day can allow a potential bad actor to open a command prompt with SYSTEM privileges from an account with only low-level 'Standard' privileges. …

Conti's Ransomware Data Leakage

The Swiss PRODAFT Threat Intelligence (PTI) team recently published a report on its findings about one of the most notorious cybercriminal gangs in the world. The team managed to gain access to Conti's infrastructure and obtained the real IP addresses of its servers. The report gives insight into how the Conti ransomware gang works, how many targets they …

Mobile Spyware Threat

You are not paranoid, yet you still suspect that something is odd with your mobile phone. Unfortunately, you may be right: it could be a toxic partner or even that seemingly legitimate app you recently downloaded. In any case, someone, with something, is trespassing on your privacy. Mobile spyware has become a field where the lines between the right and …

Ransomware actors use WinRar for encryption

Near the end of October this year, a new ransomware group appeared with a rather unusual encryption technique. Instead of encrypting files itself, "Memento Team" copies them into password-protected archives using a renamed freeware version of the legitimate file utility WinRAR. The gang then locks the archive with a password and deletes the original files. In the ransom note, the criminals …

Your smartphone ToF can detect spy cams

Your smartphone can detect spy cams

James Bond alert! Earlier this week, at the 19th ACM Conference on Embedded Networked Sensor Systems, academic cybersecurity researchers from South Korea and Singapore presented their work titled Laser-Assisted Photography Detection (LAPD). Bangjie Sun, Sriram Sami and Sean Rui Xiang Tan from the National University of Singapore and Jun Han from Yonsei University described in the paper a technique to …

Tiktok Phishing Campaign

Recently, on October 2, 2021 and November 1, 2021, one media outlet reported the news: some bad actors had conducted a rather large phishing campaign. According to the report, they primarily targeted accounts with large audiences. The scammers pretended to be from the Tiktok team, and in those emails the attackers wrote that either they needed …

Top Most Common Passwords 2021

So you think it's time to change your password, having recently noticed that it may be your neighbor who is connecting to your Wi-Fi. Then it is a good time to take a look at the most common passwords of 2021, so as not to fail with your password again. The most common passwords around the world in 2021 …

Fake FBI Spam Emails

Several news outlets report that at least 100,000 people received spam emails allegedly from the FBI. The emails carried the signature of the U.S. Department of Homeland Security's Cyber Threat Detection and Analysis Group, which is interesting because the FBI stood that organization down more than two years ago. The emails contained strange, technically confused messages about some upcoming attacks. For …

Free Unofficial Patch for Zero-Day Bug in Windows

In the late-August Patch Tuesday release, Microsoft incompletely patched a zero-day bug tracked as CVE-2021-34484. The company only fixed what the proof-of-concept (PoC) demonstrated. Security researcher Abdelhamid Naceri had earlier reported the issue. This incompletely patched bug affects all Windows versions, including Windows 10, Windows 11 and Windows Server 2022. In the Windows User …

Denis Dubnikov's extradition to the US

The US Justice Department is seeking the extradition of Russian businessman Denis Dubnikov. The Dutch government earlier detained him at Amsterdam's airport at the request of the FBI. The Justice Department accuses the Russian of laundering ransomware proceeds, which Dubnikov denies. According to Dubnikov's lawyer Arkady Bukh, his client will try to stop the …

Palo Alto's massive zero-day hole

Palo Alto's massive zero-day hole, CVE-2021-3064, scored a CVSS severity rating of 9.8 out of 10. The flaw in PAN's GlobalProtect allows unauthenticated RCE on multiple versions of PAN-OS 8.1 prior to 8.1.17, on both physical and virtual firewalls. It potentially leaves 10,000 vulnerable firewalls exposed to the internet. Randori's research concerning the vulnerability …

Moses Staff leaked Israel area 3D photos

The now well-known Moses Staff group recently posted on its Twitter account that it had gained access to 3D photos of the entire Israeli territory. This is not the only attack Moses Staff has carried out; the group has already been targeting multiple organizations in the same country. The group appeared in September 2021 and since then has been carrying out its …

The Ransomware Statistics

According to statistics, ransomware attacks have increased significantly over the past years. While they target all kinds of organizations, large enterprises suffer the most, with an average of 10,000 attacks over the past two years. Cybersecurity specialists point to the remarkable shift in the mode of work due to the pandemic, which is mainly remote nowadays. And …

REvil hackers' storm of arrests

It seems the global community has decided to go after ransomware criminals with full force. This year brought the most headlines on the subject, as law enforcement agencies around the world made several arrests connected to this particular criminal ecosystem. This time, one of the REvil hackers, Yaroslav Vasinskyi, 22, awaits extradition to the US in Poland. Ukrainian REvil …

Hive group attacked Media Markt demanding $50 million

Last Sunday, Media Markt, a German multinational chain of consumer electronics stores, endured a cyberattack. The company has over 1,000 stores in 13 countries across Europe, employs roughly 53,000 people and has total revenue of €20.8 billion. Its branches in Germany, Belgium and the Netherlands fell victim to the Hive ransomware onslaught. Hive ransomware attacked Media …

Operation Cyclone sweeps Cl0p ransomware hackers

Interpol, the International Criminal Police Organization, recently shared details of the operation codenamed Cyclone. It resulted in the arrest of six people in June this year and two Red Notices issued by international law enforcement. The operation and investigation lasted a full 30 months under the lead of Ukraine, Korea and the US. The suspects allegedly worked on behalf of the Cl0p …

Bounty rewards to hunt DarkSide ransomware hackers

Million rewards for information on DarkSide ransomware

The US Department of Justice announced a reward of up to $10,000,000 for information on individuals in DarkSide's leadership, including their location or identification. The Department also promises up to $5,000,000 for information leading to the arrest and/or conviction of DarkSide affiliates. "More than 75 transnational criminals and major narcotics traffickers have been brought to justice …

BlackMatter Great Shut Down

The BlackMatter ransomware group announced its shutdown due to "pressure from the authorities". VX-Underground, which collects the latest malware samples, posted BlackMatter's shutdown announcement on Twitter. Many believe DarkSide to be the predecessor of BlackMatter, and it is quite possible that the hackers will simply reappear under a different name in the future. The BlackMatter ransomware group has …

REvil hacker Yevgeniy Polyanin on the FBI wanted list

On Monday, November 8, 2021, the United States Department of Justice announced charges against two foreign nationals, Russian Yevgeniy Polyanin and Ukrainian Yaroslav Vasinskyi. They reportedly deployed Sodinokibi/REvil ransomware to attack government entities and businesses in the United States.

REvil hacker appeared on the FBI wanted list

According to the indictment, Yevgeniy Polyanin, 28, a Russian national, conducted Sodinokibi/REvil ransomware attacks …

Gigantic PinkBot discovered in the wild

Gigantic "Pink" Botnet discovered in the wild

On November 21, 2021, researchers from 360NetLab obtained a sample of the biggest botnet observed yet. It got the name Pink because its function names start with the word "pink". At its peak, PinkBot controlled over 1.6 million devices, most of them (96%) located in China. It has a very robust architecture and mainly targets MIPS-based fiber routers. The botnet …

12 high-profile ransomware hackers targeted

12 high-profile hackers targeted by Europol

On October 26th, the action day against ransomware took place, with joint forces conducting operations in Ukraine and Switzerland. Specialists consider the suspects high-value targets because of their involvement in other high-profile cases in various jurisdictions. As a result of the operation, joint forces seized over USD 52,000 in cash and 5 luxury cars. In addition, forensic specialists are currently assessing the …

Coalition Against Stalkerware takes steps in fighting stalkerware

Coalition Against Stalkerware takes steps in fighting stalkerware

Recently the Coalition Against Stalkerware hosted two online training sessions dedicated to digital stalking and domestic violence. More than 210 participants joined the sessions, in which experts provided technical knowledge about stalkerware and its installation methods. Law enforcement officers also learned about various methods to detect stalkerware safely for victims. The Coalition …

Vladimir Dunaev faces charges for cybercrimes

Russian national faces charges for cybercrimes

According to Reuters, on October 28th Russian national Vladimir Dunaev faced charges for several cybercrimes. The U.S. Department of Justice reports that the U.S. government extradited the defendant from South Korea to Ohio, where a U.S. federal court on Thursday charged him over his alleged role in a cybercriminal organization.

Vladimir Dunaev faces charges in US court

As the indictment goes, from …

Armageddon hackers identified behind over 5,000 cyberattacks on Ukraine gov’t agencies

Cybersecurity experts working with the SBU, the Security Service of Ukraine, jointly uncovered the identities of hackers from the well-known ARMAGEDON group. The group conducted more than 5,000 cyberattacks on Ukrainian government bodies and critical infrastructure facilities. Specialists also documented the hacker group's unparalleled large-scale crimes.

Armageddon group primarily targeted Ukraine

Authorities don't disclose information on the attack's …

Squid Game Crypto Scam

Luke Hartford, a structural engineer from Sydney, Australia, recently came across a tweet by someone named Jonhree112. The user drew attention to a new cryptocurrency on the rise: it had increased 1,000 percent in price, and everything promised it would go up a full 200 percent more. At that time each coin cost 72 cents. The latest Netflix series Squid Game …

Google fixes 2 actively exploited zero-days

Google recently released an emergency update for the Chrome browser to fix 2 actively exploited zero-day vulnerabilities. The internet giant's Threat Analysis Group (TAG) discovered and reported the flaws on September 15, 2021 and October 26, 2021, respectively. Cybersecurity specialists say both are actively exploited in the wild. Identified as CVE-2021-38000 and CVE-2021-38003, the …

AtomSilo, Babuk, and LockFile victims get free decryptor key

AtomSilo, Babuk, and LockFile ransomware victims get free decryptor key

Victims of AtomSilo, Babuk and LockFile get a free decryptor key. The decryptor for AtomSilo and LockFile comes as a single download because of the similarities between the two; the decryptor for Babuk was released separately.

AtomSilo, Babuk and LockFile decryptor key

Jiří Vinopal, a security researcher at RE-CERT, shared information on cracking the AtomSilo encryption. He also presented …

Researcher showed how to easily crack Wi-Fi passwords

Recently, Tel Aviv-based security researcher Ido Hoorvitch shared the results of his experiment online. He wanted to show how vulnerable most networks are, and the results amazed everyone. For the experiment he used a $50 Wi-Fi signal extender and a laptop; other tools included specialized hardware drivers that enable monitor mode on the signal extender, and packet-capture tools. The …
