The Breach News

New Vulnerabilities May Allow Hackers to Bypass Spectre Mitigations on Linux

Cybersecurity researchers have recently unveiled two critical vulnerabilities in Linux-based systems. If exploited, these flaws could enable attackers to bypass mitigations for speculative execution attacks like Spectre and access sensitive kernel memory. Identified by Piotr Krysiuk from Symantec’s Threat Hunter team, the vulnerabilities are designated as CVE-2020-27170 and CVE-2020-27171, both with a CVSS score of 5.5. They affect all Linux kernels released before version 5.11.8. Security patches were made available on March 20, with various distributions, including Ubuntu, Debian, and Red Hat, implementing fixes. CVE-2020-27170 can disclose content from any kernel memory location, while CVE-2020-27171 enables data retrieval from a 4GB segment of kernel memory. First reported in January 2018, the Spectre and Meltdown vulnerabilities exploit weaknesses in modern CPUs to leak sensitive data.

New Vulnerabilities Raise Concerns Over Spectre Mitigations on Linux Systems

On March 29, 2021, cybersecurity researchers revealed two significant vulnerabilities affecting Linux-based operating systems that could enable hackers to bypass existing protections against speculative execution attacks, including the notorious Spectre exploit. Discovered by Piotr Krysiuk from Symantec’s Threat Hunter team,…

Google Alerts Users About Increase in State-Sponsored Cyber Attacks

Oct 03, 2012

“Warning: We suspect state-sponsored attackers may be trying to compromise your account or device.” This unusual notification has appeared at the top of Gmail inboxes, Google home pages, and Chrome browsers over the last three months, catching many users off guard. According to Google, these warnings are not the result of a breach within their systems or a specific attack. Since initiating alerts for potential state-sponsored activities in June, the company has detected thousands more cyberattack instances than initially expected, as reported by the New York Times. Google is now ready to send these alerts to tens of thousands more users, thanks to enhanced detection methods for suspicious activities. Mike Wiacek, a manager on Google’s information security team, noted that the company has significantly improved its understanding of attack methods and the entities behind them, leading to the rollout of new alerts starting Tuesday.

Google Alerts Users to State-Sponsored Cyber Attacks

October 3, 2012

In a significant move to enhance user security, Google has begun issuing warnings about potential state-sponsored cyber threats aimed at compromising user accounts and devices. For the past three months, many Google users have noticed an unusual notification appearing at…

The Ongoing Struggle to Renew Essential US Spy Powers Remains Chaotic

Content Review: Cybersecurity Implications of Legislative Changes

Recent legislative discussions surrounding the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act (FISA) have ignited significant concern among cybersecurity experts and advocates for civil liberties. In a revealing critique, a senior Democratic aide described components of the proposed legislation as…

The Rise of Weak Passwords and Account Breaches: Insights from the 2025 Blue Report

August 21, 2025
Password Security / Identity Protection

Security professionals often focus on countering advanced adversary techniques, yet many impactful attacks stem from compromised credentials. Picus Security’s latest Blue Report 2025 reveals that organizations still struggle to prevent password cracking and detect the misuse of compromised accounts. As we reach the midpoint of 2025, it’s evident that compromised accounts remain a significant vulnerability, emphasizing the urgent need for a proactive stance against these threats.

A Wake-Up Call: The Alarming Increase in Successful Password Cracking

The Picus Blue Report offers an annual analysis of how effectively organizations are preventing and detecting genuine cyber threats, going beyond traditional measures to highlight critical areas for improvement.

Weak Passwords and Compromised Accounts: Insights from the 2025 Blue Report

August 21, 2025
Password Security / Identity Protection

In an evolving landscape of cybersecurity threats, organizations often prioritize advanced adversary tactics, yet the most significant vulnerabilities frequently arise from simpler failures, namely weak passwords and compromised accounts. The latest…

NSA Identifies New Vulnerabilities in Microsoft Exchange Servers

April 14, 2021

In its April update, Microsoft addressed a total of 114 security vulnerabilities, including one actively exploited zero-day flaw and four remote code execution issues within Exchange Server. Among these vulnerabilities, 19 are classified as Critical, 88 as Important, and one as Moderate. Notably, CVE-2021-28310 is a privilege escalation vulnerability within Win32k, currently under active exploitation, allowing attackers to execute malicious code and gain elevated privileges on affected systems. Cybersecurity firm Kaspersky, which reported the flaw to Microsoft in February, connected the zero-day exploit to the Bitter APT group, known for utilizing a similar vulnerability (CVE-2021-1732) in attacks last year. “This is an escalation of privilege (EoP) exploit likely used in conjunction with other browser exploits to bypass sandboxes or obtain system privileges for further access,” explained Kaspersky researcher Boris Larin.

NSA Uncovers New Vulnerabilities Impacting Microsoft Exchange Servers

April 14, 2021

In a recent wave of updates, Microsoft addressed a total of 114 security vulnerabilities, prominent among them being a zero-day exploit and multiple remote code execution issues affecting Microsoft Exchange Servers. This April patch release is significant, as it…

Swedish Authorities’ PRQ Raid Sparks Cyber Attack from Anonymous

On October 3, 2012, hackers identifying as members of the Anonymous network seized control of the official website for Sweden’s National Board of Health and Welfare. This development followed a police raid on PRQ, a Stockholm-based web hosting company, just days prior. A video allegedly created by Anonymous appeared on YouTube, warning Swedish authorities of potential consequences. The hacktivist group announced that a cyber attack on Sweden’s Riksbank was planned for Wednesday night, stating: “It has come to our attention that the Swedish government raided PRQ servers to shut down various file-sharing and torrent websites. This has gone too far. This is unacceptable. Anonymous says this stops right now. You don’t mess with The Internet… Today we hit their wallets hard.” The Riksbank is taking these threats seriously, acknowledging them as a public security concern and committing to maintaining the safety of their online presence.

Swedish Authorities’ Raid on PRQ Incites Cyber Response from Anonymous

October 3, 2012

In a recent escalation of digital conflict, hackers identifying themselves as part of the Anonymous collective have launched a cyber-attack targeting the official website of Sweden’s National Board of Health and Welfare. This offensive follows a police…

TeamPCP Compromises Bitwarden CLI, Deploys Shai-Hulud Malware via Dependabot

On April 20, 2026, around 5:00 PM CET, the cybersecurity community was alerted to a significant compromise involving the widely utilized tool @bitwarden This open-source password manager, developed by Bitwarden, is instrumental for developers, allowing secure storage of sensitive information such as passwords and API keys within an encrypted vault…

Urgent: Update Your Chrome Browser Immediately to Fix Recently Discovered Vulnerability

Google has released a critical update for the Chrome web browser across Windows, Mac, and Linux, addressing seven security issues, including one actively exploited flaw. Identified as CVE-2021-21224, this vulnerability arises from a type confusion problem in the V8 JavaScript engine, reported by security researcher Jose Martinez on April 5. Security expert Lei Cao explains that the bug occurs during integer type conversion, leading to an out-of-bounds condition that could allow arbitrary memory read/write access. “Google is aware of reports indicating that exploits for CVE-2021-21224 are in the wild,” stated Chrome’s Technical Program Manager, Srinivas Sista, in a recent blog post. This update follows the release of proof-of-concept code by a researcher named “frust” on April 14, highlighting the urgency of addressing this issue.

Urgent Update: Chrome Browser Patch Addresses Active Exploit

On April 20, 2021, Google released a critical update for its Chrome web browser, applicable to Windows, Mac, and Linux systems, which addresses seven security vulnerabilities, including one that has been actively exploited in the wild. This particular flaw, identified as CVE-2021-21224,…

Anonymous Threatens Estonian Government with Impending Cyber Attack

Oct 10, 2012

On October 8, the hacker collective Anonymous, through its AnonSwedenOp account, released a video on YouTube warning the Estonian government of a potential cyber attack. The video accused the government of neglecting its citizens, claiming, “The Estonian government sacrificed its own people rather than providing support. Instead of helping its own, it has funneled money to Greece, which is in a better financial position.” They highlighted the irony of Estonia’s financial struggles while simultaneously donating €357 million to Greece.

The group’s video indicated that the attack, dubbed Operation #OpEstonia, is likely scheduled for Friday, October 12. It concluded with a message of solidarity towards the Estonian people: “This must end. Estonian people, we haven’t forgotten you.”

Recently, Anonymous also targeted the website of the Swedish central bank, raising concerns about the potential scale and intensity of the forthcoming attack.

Anonymous Threatens Estonian Government with Cyber Attack

On October 8, the hacker collective Anonymous, through its AnonSwedenOp channel, released a video on YouTube, issuing a warning to the Estonian government about a potential cyber attack. The video criticizes the government’s priorities, claiming that it has failed to adequately support its…
