IT Security News

  • Novel Attack Turns Amazon Devices Against Themselves

    Researchers have discovered how to remotely manipulate the Amazon Echo through its own speakers.

    read more 

  • Samsung Confirms Lapsus$ Ransomware Hit, Source Code Leak

    The move comes just a week after GPU-maker NVIDIA was hit by Lapsus$ and every employee credential was leaked.

    read more 

  • NVIDIA’s Stolen Code-Signing Certs Used to Sign Malware

    NVIDIA certificates are being used to sign malware, enabling malicious programs to pose as legitimate and slide past security safeguards on Windows machines.

    read more 

  • Critical Firefox Zero-Day Bugs Allow RCE, Sandbox Escape

    Both vulnerabilities are use-after-free issues in Mozilla's popular web browser.

    read more 

  • Massive Meris Botnet Embeds Ransomware Notes from REvil

    Notes threatening to tank targeted companies' stock price were embedded into the DDoS ransomware attacks as a string_of_text directed to CEOs and webops_geeks in the URL.

    read more 

  • Conti Ransomware Group Diaries, Part III: Weaponry

    Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it's like to be an employee of Conti's sprawling organization. Today's Part III looks at how Conti abused a panoply of popular commercial security services to undermine the security of their targets, as well as how the team’s leaders strategized for the upper hand in ransom negotiations with victims.

    read more 

  • Free HermeticRansom Ransomware Decryptor Released

    Cruddy cryptography means victims whose files have been encrypted by the Ukraine-tormenting ransomware can break the chains without paying extortionists.

    read more 

  • Conti Ransomware Group Diaries, Part II: The Office

    Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti, one of the more rapacious and ruthless ransomware gangs in operation today. Tuesday’s story examined how Conti dealt with its own internal breaches and attacks from private security firms and governments. In Part II of this series we’ll explore what it’s like to work for Conti, as described by the Conti employees themselves.

    read more 

  • Conti Ransomware Group Diaries, Part I: Evasion

    A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer a fascinating glimpse into the challenges of running a sprawling criminal enterprise with more than 100 salaried employees. The records also provide insight into how Conti has dealt with its own internal breaches and attacks from private security firms and foreign governments.

    read more 

  • Russia Sanctions May Spark Escalating Cyber Conflict

    President Biden joined European leaders this week in enacting economic sanctions against Russia in response its military invasion of Ukraine. The West has promised tougher sanctions are coming, but experts warn these will almost certainly trigger a Russian retaliation against America and its allies, which could escalate into cyber attacks on Western financial institutions and energy infrastructure.

    read more