News

Superman fans are in danger: NCSC specialists compiled a list of the most common passwords

“123456” is the most common among hacked passwords. Specialists from the UK National Cyber Security Centre (NCSC) reached this conclusion in their first cybersecurity study. NCSC analysts took Troy Hunt’s “Have I Been Pwned” database as a basis and extracted the 100,000 most frequently used passwords. The results may surprise people experienced in cybersecurity. The most popular password was “123456”, …

Microsoft IE11 vulnerability is more dangerous than it seemed, as the Edge browser is also affected

Researchers noted strange behavior in Windows 10 that can allow intruders to remotely steal files stored on hard disks after a user opens a malicious file in Microsoft Edge. The problem was first reported when cybersecurity researcher John Page published information about a vulnerability in Microsoft Internet Explorer 11 that allows access to files on Microsoft's OS. Page also …

Repentant cybercriminal leaked tools of Iranian hackers on Telegram

In the middle of March 2019, a hacker known as Lab Dookhtegan published on Telegram the tools of the Iranian APT34 group (aka Oilrig and HelixKitten), as well as information about the hackers and their alleged supervisors from the Ministry of Information and National Security of Iran. ZDNet journalists communicated with Lab Dookhtegan and report that he confirms participation in the DNSpionage campaign …

Evernote released a patch for a flaw that allowed intruders to run arbitrary code on macOS

Cybersecurity specialists detected a bug that allows hackers to run malicious code from Evernote. As a result, intruders can use a specially crafted URI in a note to mount the attack. Through a file:/// link they prompt the user to open any malicious file, for instance “../../../../malware.app”. Such vulnerabilities are grouped under the term “path traversal”. While Evernote provides technical opportunity to …

Vulnerability in EA Origin client allows intruders to control gamers’ PCs

For the convenience of millions of users, Origin supports URLs that begin with “origin://”. Such links make it possible to open the application quickly and download a game by following a simple link from a website. Researchers from Underdog Security found that, using this bug, intruders could craft links such as “origin://../malware” that would enable attackers to run any application with the rights of the current user. …

Belgian Foreign Ministry suspended its services because of hacker attacks

On Tuesday, 16 April, a cyberattack forced the Belgian Foreign Ministry to turn off its electronic services, including passport issuance and document legalization. The Diplobel network, which connects the Ministry with embassies and consulates around the world, was completely switched off. Restoring it will take about 72 hours. “We noticed an attempt to penetrate the Foreign Affairs network and decided, as a …

Vulnerabilities in Chrome for iOS used to redirect traffic to commercial websites

Experts from Confiant, a company that specializes in tracking malicious advertising campaigns, say that hackers often use a vulnerability in Chrome for iOS to redirect iPhone and iPad users to fraudulent websites. The researchers have already reported the issue to Google, and its developers are analyzing the information. Most likely, a patch will be issued soon. The existing bug allows attackers to use malicious code …

Rootkit Scranos left China and seeks victims throughout the world

The operators of a multifunctional rootkit have extended their activity outside China and now attack users all over the world. According to specialists at Bitdefender, the highest numbers of victims are in Romania, France, India, Brazil and Indonesia. Scranos combines the functions of a backdoor, an infostealer and adware, and works on all Windows versions, including Windows 10. Although Scranos is on …

Hackers can use Adblock Plus filters to store malicious code

A vulnerability has been found in the popular ad blocker Adblock Plus that allows JavaScript code to be executed. The JS code can run when an unverified filter supplied by intruders is used (for instance, by subscribing to third-party rule lists or through substitution of rules in a MITM attack). Authors of filter lists can arrange for their code to run in the context of websites …

ASF released new versions of the Apache Tomcat web server to close a dangerous vulnerability

The Apache Software Foundation (ASF) issued a new version of the Apache Tomcat web server to eliminate a dangerous vulnerability that enables remote code execution and takeover of the server. The vulnerability, CVE-2019-0232, is in the Common Gateway Interface (CGI) Servlet and manifests on Windows when the “enableCmdLineArguments” parameter is turned on. The issue is linked to the way the Java Runtime Environment (JRE) passes command-line arguments. As in …

Hackers had access to correspondence of Microsoft mail service users for more than half a year

According to a Microsoft report, between January 1, 2019 and March 28, 2019, third parties had access to data connected with foreign email accounts. The company explains that unknown intruders compromised the account details of an unnamed technical support employee and got access to folders, email subjects, email accounts and other correspondence details. Although Microsoft initially denied that the hackers had access to messages and attachments, soon …

Gmail became the first mail service to launch support for the MTA-STS and TLS Reporting security standards

According to a Google announcement, Gmail became the first big email service to support the new security standards MTA-STS and TLS Reporting. Both standards are extensions to the Simple Mail Transfer Protocol (SMTP), the protocol used for sending all email today. MTA-STS and TLS Reporting help email services establish cryptographically protected connections with each other. In a way, it is prevention …

Microsoft report: in March hackers actively used WinRAR vulnerabilities

Microsoft published details of attacks on Windows computers at media companies that took place in March. In the attacks, criminals used a well-known WinRAR vulnerability that has gained popularity among criminal groups in recent months. Hackers armed themselves with it immediately after Check Point published it on February 20. At that time, the researchers demonstrated how, through this vulnerability, code with the …

Hackers used flaw in Yuzo Related Posts plugin for a massive attack on WordPress-powered websites

The mail service Mailgun was attacked, together with more than a thousand other companies’ sites, on Wednesday, April 10. During the attack, hackers exploited a vulnerability in the Yuzo Related Posts plugin that allows cross-site scripting (XSS). With its help, attackers injected into vulnerable websites code that redirects users to malicious resources, including fake technical support portals, malicious …

Researchers found vulnerabilities in WPA3 protocol that allow obtaining Wi-Fi passwords

Though the Wi-Fi Protected Access III (WPA3) standard was released less than a year ago, researchers have found significant vulnerabilities in it that enable extraction of Wi-Fi passwords and network access. WPA3 was created to fix flaws in the WPA2 protocol, which has long been considered unsafe and vulnerable to the Key Reinstallation Attack (KRACK). Although the WPA3 protocol relies on the safer handshake SAE (Simultaneous …

In a new patch, Microsoft fixed 74 bugs, including two 0-day vulnerabilities

Microsoft Corporation issued an update package that fixes 74 bugs, including two zero-day (0-day) vulnerabilities in different products. The two recently discovered issues, CVE-2019-0803 and CVE-2019-0859, are privilege escalation vulnerabilities that involve the Win32k component. According to Microsoft's description, the bug exists due to incorrect handling of objects in memory, and its exploitation allows running code in kernel mode. As a …

PoC code for vulnerability in Apache HTTP Server published on GitHub

Developer Charles Fol discovered the Carpe Diem (CVE-2019-0211) vulnerability in Apache HTTP Server 2.4. Under certain conditions, it allows running arbitrary code with administrator rights and taking over management of the server. Charles Fol published PoC code on GitHub. In the accompanying comments, the engineer explained that the code sits somewhere between a demonstrative PoC and a working exploit and is intended for educational purposes. However, intruders …

Exodus Spyware Found in Apple iOS Devices

The Exodus spyware was signed with legitimate Apple developer certificates. The government spyware Exodus, which was previously found in 25 different applications on Google Play, has now been ported to iOS as well. This is the warning from researchers at Lookout Security. The Exodus spyware can extract user contacts, record conversations, intercept photos and track location. According to experts, the iOS version of this …
