News

Guram stresses that he is not ‘sponsored by Zoom’ 😊 First of all, nothing is bulletproof and anything can be hacked. We all make mistakes and learn from them. That’s how and why we improve and update software on a regular basis. Question is: on what basis are other blog posters or researchers assuming that there’s RCE, UNC Path Injection, weak or no E2E encryption and many other vulnerabilities which have been mentioned over the...

We can report that this week, Portuguese multinational energy giant Energias de Portugal (EDP) is the latest enterprise to be battling against cyber attackers after suffering a ransomware attack. The group behind this attack used the RagnorLocker malware variant and it has been reported that the hackers are demanding $10.9m as ransom in return for the stolen and locked files. It is believed that there is up to 10TB worth of critical corporate information which...

 Game-maker Zynga Inc.'s data security measures allegedly were weak and enabled a breach affecting more than 170 million users of its Words With Friends online game, according to a complaint filed in California federal court. The suit filed Wednesday in the Northern District of California claims Zynga failed to “reasonably protect” the data and didn’t provide timely breach notification, in violation of state consumer protection laws. Source: Bloomberg Law

  A massive television ad fraud campaign that abuses the programmatic advertising ecosystem for connected TV (CTV) has successfully impersonated more than 2 million people in over 30 countries so far during its run, defrauding more than 300 different brands out of their ad dollars. The recently uncovered CTV operation — named ICEBUCKET by the researchers at White Ops that discovered it – was bent on tricking advertisers into thinking there were real people watching...

SentinelOne has spoken out after an "attention-seeking prankster" trolled one of the firm's security researchers with the release of a new ransomware strain. On Wednesday, the cybersecurity firm said that new MBRLocker malware variants have been released in a consistent wave over April, and while many of them appear to be little more than "pranks" rather than serious attempts at deploying ransomware capable of generating a profit, one particular release caught the company's attention. Source:...

Hackers claim they have discovered two zero-day vulnerabilities for the Zoom video conferencing platform that would allow threat actors to spy on people’s private video conferences and further exploit a target’s system. Flaws target Zoom clients for the Windows and the MacOS operating system, according to a published report by Vice Motherboard. According to the report, the hackers are asking $500,000 for the Windows exploit. The article cites two unnamed cybersecurity zero-day brokers who claim...

Confidential documents belonging to some of the largest aerospace companies in the world were stolen and updated on the internet by the hackers after Visser denied to pay the ransom. The company manufactures precision parts for major industry players and these include CNC Machining, Injection Molds & Tooling, Metal Additive Manufacturing & 3D Plastic Printing. According to the Register, these documents included details of military equipment designed by Lockheed-Martin such as specifications for an antenna...

 The operators of the Nemty ransomware have announced this week they were shutting down their public Ransomware-as-a-Service operation and opting to go private in order to focus and put more resources on targeted attacks. For those unfamiliar with this malware operation, Nemty is a classic RaaS (Ransomware-as-a-Service). It launched in the summer of 2019 and has been heavily advertised on underground Russian-speaking hacking forums. Source: ZD Net

The Portugese multinational energy giant Energias de Portugal (EDP) is the latest company to fall victim to the RagnarLocker ransomware and the attackers are now asking for a $10.9m ransom to unlock its files. According to BleepingComputer and MalwareHunterTeam, the attackers claim to have stolen over 10TB of sensitive company files which they are threatening to leak if their ransom demands are not met. Source: Techradar

Tech company Wappalyzer has disclosed a security incident this week after a hacker began emailing its customers and offering to sell Wappalyzer's database for $2,000. "If you receive this e-mail it's because we get the full database of Wappalyzer, and your e-mail is on the database," the hacker, going by the name of CyberMath, wrote in an email sent to Wappalyzer customers this week. Source: ZD Net