Qnap Recommends Disabling AFP Due to Critical Vulnerability

Qnap developers report that they are working on updates for their QTS and QuTS operating systems, as Netatalk released patches last month that address seven vulnerabilities in their software at once, one of which is critical. The company asks users to temporarily disable the AFP protocol on their NAS until the critical bugs are fixed. By the way, we wrote that Qnap warns that Dirty Pipe vulnerability affects most of the company’s NAS, and that Attackers use a three-year-old RCE bug to install backdoors in Qnap NAS. Netatalk is an open source implementation of AFP (Apple Filing Protocol) that allows...

US State Department Announces $10 Million Reward for Information on Sandworm Hackers

The US government has announced a reward of up to $10 million for information that will identify or locate the hackers of the Sandworm APT group, linked by Western experts to Russian intelligence agencies. On Tuesday, April 26, the State Department announced a reward for information about six alleged officers of the Main Directorate of the General Staff of the Russian Armed Forces accused of carrying out cyber attacks on critical US infrastructure. In 2020, the US Department of Justice filed charges against them for being part of the elite government hacking arm of Sandworm (other names are...

Bugs in ALAC audio codec threaten millions of Android devices

Check Point researchers have discovered that many Android devices running on Qualcomm and MediaTek chipsets are vulnerable to remote code execution due to bugs in the Apple Lossless Audio Codec (ALAC). The Apple Lossless Audio Codec (ALAC) was introduced by Apple in 2004, and in 2011 the company open-sourced it. After that, many other device manufacturers (besides Apple) began to use ALAC in their products. Interestingly, all these years, Apple continued to improve the proprietary version of its codec, but the open-source version has not been updated in all 11 years. Let me remind...

In 4 months, the Black Cat group hacked 60 organizations around the world

Between November 2021 and March 2022, the Black Cat ransomware group (aka ALPHV) compromised the networks of at least 60 organizations around the world. This was announced in a joint notice issued by the FBI cyber unit and the Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday, April 20. According to Forbes, the notice is part of a series of similar reports on tactics, techniques and procedures, as well as indicators of compromise (IOC), of ransomware identified by the FBI during investigations. So, since the beginning of the year, the FBI has issued notices regarding such cyber...

Three UEFI Firmware Vulnerabilities Affect Millions of Lenovo Users

Lenovo has published a security bulletin and warned of three vulnerabilities that affect its UEFI, which is used on at least 100 of the company's laptop models. The vulnerabilities made it possible to inject malware into the firmware and execute arbitrary code. In addition, such threats are almost impossible to detect and remove. By the way, we already wrote that Bugs in Lenovo laptops allow getting administrator privileges – check your Lenovo firmware versions. All three new vulnerabilities were discovered by ESET researchers back in October last year, and they have now been fixed. In total, the bugs affect...

Video conferencing applications overhear users even after pressing the Mute button

Researchers have proven that popular video conferencing applications, including those used in corporate environments, continue to actively request the microphone, even after pressing the Mute button. A study of the problem was published by a group of experts from the University of Wisconsin-Madison and Loyola University of Chicago. By the way, we also have articles about interesting research on cybersecurity, for example, we wrote that Researcher shows how to extract text from pixelated images. In fact, the mute buttons provided in the applications themselves may not deactivate the microphone...

7-Zip Vulnerability Potentially Gives Hackers Admin Privileges

7-Zip, a free open source file archiver, has been diagnosed with a flagrant vulnerability (CVE-2022-29072). It has been revealed that dragging a specially-tailored file into the application’s Help>Contents menu area potentially allows execution of any commands with system privileges. The vulnerability exists on Windows platforms and it originates from incorrect settings of the 7z.dll library combined with clipboard overload. After receiving the notification, 7-Zip developers did not admit their responsibility for the vulnerability. They insisted that the effect occurred because of the hh.exe...

New Underground Industrial Spy Marketplace Trading in Data Discovered

Hackers have launched a new Industrial Spy marketplace on the darknet, where they trade data stolen from hacked companies and distribute dumps for free. At the same time, Industrial Spy positions itself as a marketplace where companies can acquire the data of their competitors in order to gain access to trade secrets, production drawings, accounting reports and customer databases. It is possible that cybercrime has a shortage of reliable trading platforms after the liquidation of the Hydra market. It is noted that many companies whose data is traded by attackers have suffered from ransomware...