News

Hackers exploited D-Link routers to steal personal data

Attackers used D-Link routers to steal bank credentials through fake malicious websites of several Brazilian banks.

A variant of WannaCry ransomware affected Taiwan Semiconductor Manufacturing Company

TSMC, one of the world’s largest makers of semiconductors and processors, which cooperates with AMD, Apple, Nvidia and Qualcomm, was forced to suspend production processes due to a WannaCry attack.

Announcing Windows Server 2019 and SDK Preview Build 17723

Microsoft released new preview builds of Windows Server 2019 and SDK which include a few new features.

Microsoft certification exam

Another achievement of our team member – 70-411 Exam: Administering Windows Server 2012 has been successfully completed by our specialist.

Microsoft released Windows Server 2019 and SDK Preview Build 17713

Build 17713 is now available, and it comes alongside a new SDK Preview build of the same number.

Microsoft announced new options for SQL Server 2008 and Windows Server 2008 end of support

Microsoft offers a new way to extend support: migrate to Azure, get free Extended Security Updates.

DomainFactory customer data was compromised

German hosting provider DomainFactory, owned by GoDaddy, confirmed the data breach. Customers are recommended to change their passwords immediately.

Microsoft announced Known Folder Move (KFM) for OneDrive

KFM makes it easier to move content from the Desktop, Documents, and Pictures folders to OneDrive.

Microsoft releases Windows Server 2019 Insider Preview Build 17692

The company officially announced the release of Windows Server 2019 Insider Preview build 17692, which includes several new features for testing.

Microsoft provides protections against the Spectre Variant 4 vulnerability

As part of the planned June 2018 Patch Tuesday, Microsoft added protections against an additional subclass of speculative execution side-channel vulnerabilities known as Speculative Store Bypass (CVE-2018-3639).

Windows Hello will support FIDO2 Security Keys

Microsoft announced that it is uniting Windows Hello and FIDO2 security keys to enable easy and secure authentication on shared devices.

Microsoft stopped supporting some versions of Windows 10

Windows 10 version 1607 users will no longer receive new cumulative updates, and additional servicing for version 1511 also ends.

Critical vulnerability in Microsoft Malware Protection Engine

Microsoft has released a security update for Malware Protection Engine, including a patch for the remote code execution vulnerability.

Two critical vulnerabilities were patched: update Samba servers immediately

Two critical vulnerabilities that could allow unprivileged remote attackers to launch DoS attacks against servers and change any other users’ passwords, including admin’s, were detected and addressed by maintainers of Samba.

Windows Server 2016 Certification

Another achievement of our team member – MCSA 70-743 Exam: Upgrading Your Skills to Windows Server 2016 has been successfully completed by our specialist.

Microsoft Windows Server 2016 certification program has been passed by our specialist

MCSA: Windows Server 2016 (70-743) has been successfully completed by one more specialist.

New security flaw in Windows 10

Google Project Zero discovered a new security issue that was tested on Windows 10 Version 1709.

Cisco released a second fix for a critical vulnerability in its ASA

Cisco engineers found other attack vectors and features affected by the CVE-2018-0101 vulnerability that were not originally identified by the NCC Group, and subsequently updated the security advisory.

Microsoft announces new OneDrive for Business feature: Files Restore

The new feature allows business customers to restore accidentally deleted or compromised files, as well as view the history of file changes in their OneDrive.

ISC has released security updates for BIND

The CVE-2017-3145 vulnerability affects all versions of BIND since 9.9.0, released in 2000, and can lead to denial of service and a crash.

Fake Spectre and Meltdown patch spreads Smoke Loader malware

Cyber-criminals used a fake website of the German Federal Office for Information Security (BSI) to distribute Smoke Loader malware disguised as security patches for Meltdown and Spectre.

No more Windows security updates for devices with incompatible antiviruses

Microsoft has added an important note to the support page describing incompatibilities between antivirus (AV) products and the recent Windows Meltdown and Spectre patches.

Performance impact of Spectre and Meltdown patching on Windows Systems

Windows 7 and Windows 8 users running older processors will be most affected by performance issues.

VMware released patches for three critical vulnerabilities

Vulnerabilities affected vSphere Data Protection (VDP) and allowed authentication bypass, arbitrary file upload and path traversal.

HP silently installs telemetry client on its customers’ PCs

HP installs a telemetry program on users’ devices without informing them or asking their permission.

Google will block third-party software from injecting code into Chrome

Google says that changes will take place in three main phases over the 14 months from April 2018.

Skype will discontinue the option to sign in via Facebook

Microsoft announced that it plans to disable the use of Facebook accounts to sign in to Skype in January 2018.

Intel identified several security vulnerabilities in Management Engine, Server Platform Services and Trusted Execution Engine

In response to issues identified by external researchers, Intel performed a security review of Management Engine (ME), Server Platform Services (SPS) and Trusted Execution Engine (TXE) and identified several security vulnerabilities.

Microsoft will end support for Word, PowerPoint and Excel Viewers soon

Microsoft has confirmed that it will discontinue support for Word, Excel and PowerPoint Document Viewers and wants the users to start using the Windows 10 apps.

Emotet banking malware spread through one of the McAfee services

The service, which is meant to protect against phishing attacks and malware from links in emails, was used to spread the Emotet malware.

Microsoft offers security advisory for DDE attack mitigation

Microsoft has released official guidance on securing its Office applications from attacks leveraging the Dynamic Data Exchange protocol.

GhostWriter: enabling MiTM attacks in cloud storage services

Misconfigured Amazon S3 buckets allow man-in-the-middle (MiTM) attacks.

Microsoft releases new Skype for desktop

Following the update of the mobile messenger, Microsoft presents a new desktop version of Skype with customizable themes and expanded capabilities.

Bad Rabbit – new ransomware spreads via network

A number of Russian media and state institutions of Ukraine were attacked by the new ransomware Bad Rabbit.

New attack scheme on Office 365 corporate users

The new attack is dubbed “KnockKnock” because attackers “knock” on backdoor system accounts to infiltrate entire O365 environments.

Researchers found a new method to bypass protection against Rowhammer attacks

Experts have discovered a new way to bypass the protection against Rowhammer attacks, which are aimed at DRAM memory.

CCleaner malware targeted the world’s largest tech companies

Hackers who compromised the popular app CCleaner also tried to attack top technology companies: Cisco, HTC, Samsung, Sony, Intel, Epson, DLink, Oracle (Dyn), Microsoft, Google (Gmail), etc.

CCleaner was hacked to spread malware

The CCleaner download server was compromised to distribute malware.

Privacy enhancements in Windows 10 Fall Creators Update

Microsoft simplifies privacy settings in Windows 10 Fall Creators Update and gives more control over app-level permissions.

Business Software Event 2017

This year we present our new product – work time & security monitoring system SkypeTime at the Business Software Event 2017.

European view on the control of employees in the workplace

In a case from a decade ago, the Romanian and European courts considered the applicant Bogdan Barbulescu, who was fired for personal correspondence with his brother and bride in Yahoo Messenger. The applicant lost the dispute in the Romanian courts regarding his dismissal. Bogdan appealed to the European Court with complaints about interference with private life (Article 8 of the European Convention).

New wave of TrickBot spreading

Forcepoint Security Labs registered activity of the TrickBot banking Trojan.

The CIA gets remote access to your PC via AngelFire

Using the “Angelfire” project, a team of hackers from the CIA can monitor PCs running Windows XP, Windows 7 or Server 2008 R2.

Successful passing of the Microsoft certification exam

Our specialists continue to confirm their qualifications: we congratulate our colleague Daria on the successful passing of the 70-412 Configuring Advanced Windows Server 2012 Services exam.

Positive Technologies’ researchers detected a way that partially disables the functionality of Intel ME

While studying the internal architecture of Intel Management Engine (ME) 11, Positive Technologies experts discovered an undocumented mode that allows the functionality of the technology to be partially disabled.

Multi-platform malware spreading via Facebook Messenger

New cross-platform malware arrives in the victim’s account in the form of a message from a friend.

ACI Anywhere: Cisco announced plans to extend ACI into the public cloud domain

Cisco announced plans to integrate its ACI (Application Centric Infrastructure) with public cloud infrastructure from Amazon Web Services, Microsoft Azure and Google Cloud Platform.

Successful passing of the Microsoft certification exam

Our specialists continue to confirm their qualifications: we congratulate our colleague Oleg on the successful passing of the 70-345 Designing and Deploying Microsoft Exchange Server 2016 exam.

Successful passing of two Microsoft exams and earning MCSA certification

We congratulate our colleague Oleg on the successful passing of two Microsoft certification exams: 70-411 Administering Windows Server 2012 and 74-409 Server Virtualization with Windows Server Hyper-V and System Center and earning MCSA: Windows Server 2012 certification.

Windows 10 Creators Update fully available for all customers

The company announced the full availability of the update for all compatible devices running Windows 10 (via Windows Update).

Our specialist earned two Microsoft certificates

We are proud to congratulate our colleague Kirill on earning two Microsoft certificates: MCSE: Cloud Platform and Infrastructure and MCSA: Windows Server 2016.

Cyprus phone number with Office 365

In cooperation with a local Cyprus telecommunication provider, a connection link between the Cyprus PSTN and Microsoft Office 365 (Skype for Business) has been implemented and tested.

Intel Clover Trail processors: some Windows 10 users aren’t able to upgrade to the latest version of the OS

Some processors, part of Intel’s Atom Clover Trail line, aren’t compatible with the Windows 10 Creators Update, so users can’t update the OS to the latest version.

PCs with Skype under serious threat: vulnerability CVE-2017-9948

A new security vulnerability has been discovered in Microsoft’s desktop version of Skype.

Our specialists continue to successfully pass the Microsoft certification exams

We are proud to congratulate our colleagues – programmers Sergey and Ivan on the successful passing of Microsoft certification exams.

Chaos Computer Club breaks iris recognition system of the Samsung Galaxy S8

The iris recognition system of the new Samsung Galaxy S8 was successfully defeated.

Our specialist successfully passed the Microsoft certification exam

We are proud to congratulate our colleague, system administrator Daria, on the successful passing of one more Microsoft certification exam.

Microsoft Edge vulnerable to cookie and password theft

The Microsoft Edge browser seems to have a severe password vulnerability.

WikiLeaks’ Vault 7: CIA Hacking Tools Revealed

WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency.

Microsoft cloud TITSUP: Skype, Outlook, Xbox, OneDrive, Hotmail down

The problems appear to have started on Tuesday, March 21, 2017 morning Pacific Time, although systems could have started to wobble earlier: basically, people were and still are unable to log into their Microsoft-hosted services.

Amazon cloud storage failure causes widespread disruption

Amazon.com Inc (AMZN.O) blamed human error for the disruption in its cloud services that resulted in widespread glitches for its clients from news sites to government services on Tuesday. An incorrect command led to the removal of a larger set of servers than intended, the company said in a blog post on Thursday.

Gmail will stop working in Chrome browser for Windows XP and Vista

The Gmail online service will show a message warning about the termination of support for older versions of the Chrome browser. Due to significant security-related changes, you have to download the 55th Chrome update to continue using mail services.

Home Routers Under Attack via Malvertising on Windows, Android Devices

Nowadays, it is difficult to surprise anyone with malicious advertising campaigns, but the experts at Proofpoint have discovered a new trend in this area. Attackers are now targeting not users’ browsers but their routers.

Vulnerability Review 2016

New security vulnerability research has been released by Flexera. There were over 2,000 vulnerabilities across the top 20 software products, many of which you are using right now.

PDF + Google Chrome vulnerability

PDFium is a component of the Chrome web browser designed to display PDF documents. A vulnerability has been found in it that allows dangerous code to be included in a PDF file and executed simply by viewing the PDF.

The Linux kernel vulnerability

The CVE-2016-0728 vulnerability has been found in the Linux kernel. By using it, a local user can attain root access permission. The issue has been there since 2012, and the worst part is that Android OS users are at the highest risk.

Trend Micro security issue

Tavis Ormandy from Google Project Zero found a vulnerability in Trend Micro antivirus products for Windows. It allows any website to execute arbitrary commands on the user’s PC. The cause of this issue is the component called Password Manager, as this product opens multiple HTTP RPC ports for handling API requests.