NSA Warns of Sandworm Backdoor Attacks on Mail Servers
The Russian spy group, a.k.a. BlackEnergy, is actively compromising Exim mail servers via a critical security vulnerability.
‘Hack-For-Hire’ Firms Spoof WHO To Target Google Credentials
Google TAG report reveals that “hack for hire” firms are tapping into the coronavirus pandemic via WHO phishing lures.
ACLU Sues Clearview AI Over Faceprint Collection, Sale
Watchdog group said company has violated the Illinois BIPA and ‘will end privacy as we know it’ without intervention.
Inside the Hoaxcalls Botnet: Both Success and Failure
The DDoS group sets itself apart by using exploits — but it doesn’t always pan out.
Hackers Compromise Cisco Servers Via SaltStack Flaws
Attackers compromised six Cisco VIRL-PE servers that are affected by critical SaltStack vulnerabilities.
Google Location Tracking Lambasted in Arizona Lawsuit
The lawsuit, filed against Google by Arizona’s Attorney General, alleges that the tech giant uses “deceptive and unfair conduct” to obtain users’ location data.
PonyFinal Ransomware Targets Enterprise Servers Then Bides Its Time
Microsoft has warned on a new breed of patient ransomware attacks that lurk in networks for weeks before striking.
Valak Loader Revamped to Rob Microsoft Exchange Servers
Phishing campaigns targeting enterprises in U.S. and Germany have been used to nab enterprise mailing info, passwords and certificates.
The zero-day exploits of Operation WizardOpium
Back in October 2019 we detected a classic watering-hole attack on a North Korea-related news site that exploited a chain of Google Chrome and Microsoft Windows zero-days. While we’ve already published blog posts briefly describing this operation (available here and here), in this blog post we’d like to take a deep technical dive into the…
DoubleGun Group Builds Massive Botnet Using Cloud Services
The latest campaign spread malware via pirate gaming portals.