Microsoft fixes Windows 10 bug that can corrupt NTFS drives

Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads that crash Windows 10 simply by opening the folder where they are downloaded. In January, we reported on a new Windows 10 vulnerability discovered by Jonas Lykkegård that allows any user or program, even those with low privileges, to …

Major BGP leak disrupts thousands of networks globally

A large BGP routing leak that occurred last night disrupted the connectivity for thousands of major networks and websites around the world. Although the BGP routing leak occurred in Vodafone's autonomous network (AS55410) based in India, it has impacted U.S. companies, including Google, according to sources. BGP leak causes 13x spike in misdirected traffic Yesterday, …

SysAdmin of Billion-Dollar Hacking Group Gets 10-Year Sentence

A high-level manager and systems administrator associated with the FIN7 threat actor has been sentenced to 10 years in prison, the U.S. Department of Justice announced Friday. Fedir Hladyr, a 35-year-old Ukrainian national, is said to have played a crucial role in a criminal scheme that compromised tens of millions of debit and credit cards, …

Ryuk ransomware operation updates hacking techniques

Recent attacks from Ryuk ransomware operators show that the actors have a new preference when it comes to gaining initial access to the victim network. The trend observed in attacks this year reveals a predilection towards targeting hosts with remote desktop connections exposed on the public internet. Furthermore, using targeted phishing emails to deliver the …

BazarLoader Malware Abuses Slack, BaseCamp Clouds

The BazarLoader malware is leveraging worker trust in collaboration tools like Slack and BaseCamp, in email messages with links to malware payloads, researchers said. And in a secondary campaign aimed at consumers, the attackers have added a voice-call element to the attack chain. The BazarLoader downloader, written in C++, has the primary function of downloading …