-
The security of the Threema messenger protocol turned out to be false
An analysis of the cryptographic protocols of the anonymous messenger Threema revealed several vulnerabilities that can bypass authentication protection and recover users' private keys.Threema is an encrypted messaging app with over 11 million users. According to ETH Zurich experts, flaws in the cryptographic protocol allow a hacker to:impersonate a legitimate user;change the order of messages in the dialog;clone the victim's account;use the backup recovery mechanism to obtain the user's private key;discreetly access future messages of users without their knowledge;access Threema servers to play old messages (this happens when the user reinstalls the app or changes...
-
An infected version of Telegram is spreading on the dark web to spy on Android users
ESET researchers have said that the StrongPity APT group is attacking Android users with a trojanized version of the Telegram app, which is distributed through a fake website that mimics Shagle's video chat service.The cyber-spy group StrongPity (APT-C-41 and Promethium) has been active since at least 2012 and targets victims in Syria, Turkey, Africa, Asia, Europe and North America.In the discovered campaign, cybercriminals distribute a backdoor to Android users that is capable of:record phone calls;track the location of the device;view SMS messages, call log, contacts and files;collect incoming messages from social networks and email clients...
-
How to choose a strain of magic mushrooms for a beginner?
Very often in the darknet you can find a Golden Teacher recommendation for the first time, however, GT is a rather “hard” strain, pay attention not to “strong”, but “hard”, therefore it is not recommended to use it for a beginner. Its effects are very mental, many first-timers can feel like a bad trip. For some, this effect was so strong that they destroyed the entire crop and refused to grow mushrooms further, although if they had started with a different strain, things might have been different.That is why Burma and Z-strain are recommended for...
-
Hackers have learned to drain the batteries of devices with Wi-Fi
Ali Abedi of Stanford University in California and his colleagues discovered a phenomenon they called "polite Wi-Fi". The essence of the phenomenon lies in the fact that devices communicate with other wireless gadgets, even if they do not belong to the same network. Moreover, hackers do not need to know the password for this, have special permissions, and the responses with requests may not contain any important information. However, Abedi's team still found a way to abuse such a connection.Recall that earlier a group of Belgian scientists from the University of Waterloo, led by Dr....
-
More than 700 organizations around the world have been hit by ransomware attacks
Kaspersky Lab experts reported that in the fourth quarter of 2022, more than 700 organizations around the world suffered from targeted ransomware attacks.Only eight large groups of cybercriminals are responsible for half of these attacks. Currently the most active are Clop (TA 505), Hive, Lockbit, RagnarLocker, BlackByte and BlackCat. The last two began to attack from the fall of 2021.Most of the attacks were carried out by LockBit. Over the entire existence of the ransomware, the number of its victims has exceeded a thousand. Among the main goals of the group are industries such as...
-
Crypto exchange FTX claims $415 million stolen
According to the company, the hack occurred shortly after the stock exchange crashed in November 2022.Crypto exchange FTX, which went bankrupt in November 2022, said that hackers stole $415 million from its accounts. CNBC reports this.According to them, $323 million were stolen from the international company FTX.com, another $90 million from the accounts of the American division of the company. $2 million withdrawn from hedge fund Alameda ResearchAccording to the company, the hack happened shortly after the stock market crash in November 2022.Recall that on November 11, 2022, the crypto exchange announced its bankruptcy, and...
-
Microsoft will disable SMB guest access
Only passwords, only hardcore!Microsoft wants to increase the security of Windows in the Pro editions by disabling guest access via the SMB protocol. The change is seen in Windows 11 Insider Preview Build 25276 released this month.A few years ago, Microsoft forcibly disabled the SMB1 protocol in recent versions of Windows, which caused inconvenience to many users. Now the changes concern the SMB2 and SMB3 protocols. They will continue to work, but guest access for them will be disabled by default, which means that you can only log in with a password. At the same...
-
White hat hackers will force ManageEngine developers to close a critical vulnerability
The PoC exploit is planned to be released to the public by the end of the week.The Horizon3 research team has developed a PoC exploit that targets a critical vulnerability in several Zoho ManageEngine products. At the end of the week, they plan to put it online, in the public domain. So, apparently, white hat hackers want to attract the attention of developers so that they “patch” a security hole as soon as possible.The vulnerability is known as CVE-2022-47966. It allows unauthorized attackers to execute arbitrary code on ManageEngine servers, that is, to carry out...
-
Euphoretics and overheating of the body
What is Hyponatremia This is a decrease in the level of sodium in the blood due to an excess of water in the body. Reducing the concentration to dangerous levels can lead to the development of temporary cerebral edema, confusion and headache, and in severe cases, to convulsions and death. This condition is difficult to quickly recognize, since it does not have pronounced and unambiguous external manifestations.“Drink plenty of water!” is a common recommendation for euphoretic users. However, it is large amounts of water, coupled with vigorous exercise and heavy sweating, that quickly use up...
-
Symantec experts find link between Bluebottle and OPERA1ER groups
Researchers at Symantec found that the activities of the Bluebottle group match those of the TTPs of the OPERA1ER group.Bluebottle members have used a signed Windows driver in attacks against banks in French-speaking countries, analysts say. Notably, the OPERA1ER group is made up of French-speaking hackers and is based in Africa, attacking local organizations as well as companies in Argentina, Paraguay and Bangladesh. According to Symantec, the actions and goals of the hackers from both groups are the same.The researchers found that both groups used the GuLoader tool to download malware and a signed driver,...
