Latest Entries »

A German email provider has closed the account of a hacker behind the new ransomware outbreak, meaning victims can’t get decryption keys.

View full article »

Like earlier ransomware worm, new attacks use potent exploit stolen from the NSA.

View full article »

Earlier today (June 27th), we received reports about a new wave of ransomware attacks spreading around the world, primarily targeting businesses in Ukraine, Russia and Western Europe. If you were one of the unfortunate victims, this screen might look familiar: View full article »

A massive attack erupted today (June 27) worldwide, with a high concentration of hits in Ukraine – including the Ukrainian central bank, government offices and private companies. View full article »

Photo published for «Киевэнерго» и украинские банки подверглись хакерской атаке

Watch out, readers! It is ransomware, another WannaCry, another wide-spread attack.
The WannaCry ransomware is not dead yet and another large scale ransomware attack is making chaos worldwide, shutting down computers at corporates, power supplies, and banks across Russia, Ukraine, Spain, France, UK, India, and Europe and demanding $300 in bitcoins. View full article »

In issue 1260 I discussed Microsoft’s “apicall” instruction that can invoke a large number of internal emulator apis and is exposed to remote attackers by default in all recent versions of Windows. I asked Microsoft if this was intentionally exposed, and they replied “The apicall instruction is exposed for multiple reasons”, so this is intentional. View full article »

The Register article … s_10_leak/ has got BetaArchive a fair amount of attention this evening. They claim, and I quote “32TB of Windows 10 internal builds, core source code leak online”. View full article »

Unreleased 64-bit ARM versions, Server editions among dumped data

View full article »

A recent incident has left the voting records of 198 million Americans exposed. The data included the names, dates of birth, addresses, and phone numbers of voters from both parties. It also included voter’s positions on various political issues and their projected political preference. Although it is not unusual to collect this type of information, it should raise alarm bells that the platform hosting this data was not secured. This is the largest known data exposure in the United States, leaving the sensitive information of millions of Americans unprotected. View full article »

On June 20th Check Point published an IPS signature providing virtual patching for the Siemens SIPROTEC DoS vulnerability. This IPS signature can help protect against a new malware, CrashOverride, also known as Industroyer– that is a direct threat to Electric Grid Operators. View full article »