admin

Google Alerts Users About Increase in State-Sponsored Cyber Attacks

Oct 03, 2012

“Warning: We suspect state-sponsored attackers may be trying to compromise your account or device.” This unusual notification has appeared at the top of Gmail inboxes, Google home pages, and Chrome browsers over the last three months, catching many users off guard. According to Google, these warnings are not the result of a breach within their systems or a specific attack. Since initiating alerts for potential state-sponsored activities in June, the company has detected thousands more cyberattack instances than initially expected, as reported by the New York Times. Google is now ready to send these alerts to tens of thousands more users, thanks to enhanced detection methods for suspicious activities. Mike Wiacek, a manager on Google’s information security team, noted that the company has significantly improved its understanding of attack methods and the entities behind them, leading to the rollout of new alerts starting Tuesday.

The Rise of Weak Passwords and Account Breaches: Insights from the 2025 Blue Report

August 21, 2025
Password Security / Identity Protection

Security professionals often focus on countering advanced adversary techniques, yet many impactful attacks stem from compromised credentials. Picus Security’s latest Blue Report 2025 reveals that organizations still struggle to prevent password cracking and detect the misuse of compromised accounts. As we reach the midpoint of 2025, it’s evident that compromised accounts remain a significant vulnerability, emphasizing the urgent need for a proactive stance against these threats.

A Wake-Up Call: The Alarming Increase in Successful Password Cracking

The Picus Blue Report offers an annual analysis of how effectively organizations are preventing and detecting genuine cyber threats, going beyond traditional measures to highlight critical areas for improvement.

NSA Identifies New Vulnerabilities in Microsoft Exchange Servers

April 14, 2021

In its April update, Microsoft addressed a total of 114 security vulnerabilities, including one actively exploited zero-day flaw and four remote code execution issues within Exchange Server. Among these vulnerabilities, 19 are classified as Critical, 88 as Important, and one as Moderate. Notably, CVE-2021-28310 is a privilege escalation vulnerability within Win32k, currently under active exploitation, allowing attackers to execute malicious code and gain elevated privileges on affected systems. Cybersecurity firm Kaspersky, which reported the flaw to Microsoft in February, connected the zero-day exploit to the Bitter APT group, known for utilizing a similar vulnerability (CVE-2021-1732) in attacks last year. “This is an escalation of privilege (EoP) exploit likely used in conjunction with other browser exploits to bypass sandboxes or obtain system privileges for further access,” explained Kaspersky researcher Boris Larin.

Swedish Authorities’ PRQ Raid Sparks Cyber Attack from Anonymous

On October 3, 2012, hackers identifying as members of the Anonymous network seized control of the official website for Sweden’s National Board of Health and Welfare. This development followed a police raid on PRQ, a Stockholm-based web hosting company, just days prior. A video allegedly created by Anonymous appeared on YouTube, warning Swedish authorities of potential consequences. The hacktivist group announced that a cyber attack on Sweden’s Riksbank was planned for Wednesday night, stating: “It has come to our attention that the Swedish government raided PRQ servers to shut down various file-sharing and torrent websites. This has gone too far. This is unacceptable. Anonymous says this stops right now. You don’t mess with The Internet… Today we hit their wallets hard.” The Riksbank is taking these threats seriously, acknowledging them as a public security concern and committing to maintaining the safety of their online presence.

Urgent: Update Your Chrome Browser Immediately to Fix Recently Discovered Vulnerability

Google has released a critical update for the Chrome web browser across Windows, Mac, and Linux, addressing seven security issues, including one actively exploited flaw. Identified as CVE-2021-21224, this vulnerability arises from a type confusion problem in the V8 JavaScript engine, reported by security researcher Jose Martinez on April 5. Security expert Lei Cao explains that the bug occurs during integer type conversion, leading to an out-of-bounds condition that could allow arbitrary memory read/write access. “Google is aware of reports indicating that exploits for CVE-2021-21224 are in the wild,” stated Chrome’s Technical Program Manager, Srinivas Sista, in a recent blog post. This update follows the release of proof-of-concept code by a researcher named “frust” on April 14, highlighting the urgency of addressing this issue.

Urgent Update: Chrome Browser Patch Addresses Active Exploit On April 20, 2021, Google released a critical update for its Chrome web browser, applicable to Windows, Mac, and Linux systems, which addresses seven security vulnerabilities, including one that has been actively…

Anonymous Threatens Estonian Government with Impending Cyber Attack

Oct 10, 2012

On October 8, the hacker collective Anonymous, through its AnonSwedenOp account, released a video on YouTube warning the Estonian government of a potential cyber attack. The video accused the government of neglecting its citizens, claiming, “The Estonian government sacrificed its own people rather than providing support. Instead of helping its own, it has funneled money to Greece, which is in a better financial position.” They highlighted the irony of Estonia’s financial struggles while simultaneously donating €357 million to Greece.

The group’s video indicated that the attack, dubbed Operation #OpEstonia, is likely scheduled for Friday, October 12. It concluded with a message of solidarity towards the Estonian people: “This must end. Estonian people, we haven’t forgotten you.”

Recently, Anonymous also targeted the website of the Swedish central bank, raising concerns about the potential scale and intensity of the forthcoming attack.

Cybercriminals Utilize ClickFix Tactic and Fake CAPTCHA Pages to Distribute CORNFLAKE.V3 Backdoor

August 21, 2025
Malware / Cryptocurrency

Threat actors have been observed employing the ClickFix social engineering tactic to disseminate a versatile backdoor known as CORNFLAKE.V3. Google-owned Mandiant reported this activity, identified as UNC5518, as part of an access-as-a-service scheme that utilizes fake CAPTCHA pages to entice users into granting initial system access, which is subsequently monetized by other threat groups. “The initial infection method, referred to as ClickFix, involves tricking users on compromised websites into copying and executing a malicious PowerShell script through the Windows Run dialog,” Google detailed in a report released today. Access provided by UNC5518 is believed to be exploited by at least two distinct hacking groups, UNC5774 and UNC4108, to launch a multi-stage infection process and introduce additional payloads. UNC5774, another financially motivated group, employs CORNFLAKE to deploy various subsequent payloads. UNC4108, also a threat actor…
