SecurityLab, [24.12.19 10: 05]
An attempt by Chinese farmers to fight drones infecting pigs with African plague has disabled the navigation systems of some aircraft.

According to the South China Morning Post, an unauthorized GPS signal jamming device was installed on a farm in the northeast region of China last month to combat drones.

Fighting with criminals, Chinese farmers incapacitated by the aircraft navigation (

SecurityLab, [24.12.19 11: 05]
A team of specialists from the Tencent Blade group discovered five vulnerabilities in the SQLite database, called Magellan 2.0. Their operation allows hackers to remotely launch malicious code or cause programs to crash. Problems affect all applications that use the SQLite database, but the most dangerous is the Google Chrome browser that uses the WebSQL API function.
Magellan 2.0 vulnerabilities pose a threat to Chrome users (

SecurityLab, [24.12.19 13: 20]
An international team of scientists from the University of St Andrews (Scotland), king Abdullah University of Science and technology (Saudi Arabia) and the Center for non-traditional scientific processes (USA) has developed a cryptographic system that can not be hacked even with the help of quantum computers.
Scientists have developed an “impenetrable” cryptographic system (

SecurityLab, [24.12.19 14:35]
Operators of a new peer-to-peer botnet (P2P) called Mozi actively checked Netgear, D-Link and Huawei routers for unreliable Telnet passwords during a recent malicious campaign.

New Mozi botnet infects Netgear, D-Link and Huawei routers (

SecurityLab, [24.12.19 14: 35]

The Ministry of digital development, communications and mass communications of the Russian Federation told about the results of the first exercises that took place several days in Moscow, Vladimir, Rostov and several other regions within the framework of the law on the sovereign Runet.

The results of the first exercises in the framework of the law on the sovereign Runet are presented (

SecurityLab, [24.12.19 15:25]

A government contractor providing cybersecurity support for the us military is facing jail for illegally storing large amounts of classified information.

As reported by the Daily Beast, William Kinsel (William Kinsel) daily brought home on a personal “flash drive” secret documents. According to the accused, he did not pursue any malicious intent, it was just more convenient for him to work at home.
A us government contractor brought secret documents home on a flash drive (

SecurityLab, [25.12.19 08: 00]

NVIDIA has released a fix for a vulnerability in the NVIDIA GeForce Experience (GFE) application for Windows that allows a local attacker to cause a denial of service or increase their privileges on a system with vulnerable SOFTWARE.

NVIDIA GFE is a companion application for GeForce GTX video cards designed to update drivers and automatically optimize game settings.

Vulnerability in NVIDIA GFE allows you to cause a denial of service (

SecurityLab, [25.12.19 08: 15]

A major American radio network, Entercom, was subjected to a cyber attack that could affect the functions of the back office.

As a result of the attack, some stations were forced to run recorded programs.

Major American radio network Entercom attacked for the second time in a year (

SecurityLab, [25.12.19 08: 40]

On Wednesday, December 25, the services of the Koltsovo airport in Yekaterinburg failed.

According to the portal Е1.ги in the morning, check-in desks and information boards were not working at the airport, and Parking barriers were lifted manually.

At the airport “Koltsovo” out of order computer system (

SecurityLab, [25.12.19 09: 35]

In the Tyumen region, a criminal group led by the organizer was detained, engaged in phone fraud on the territory of the Sakhalin region.

The police detained phone fraudsters operating in the Sakhalin region (

SecurityLab, [25.12.19 09: 50]: Twitter: Say Goodbye to Privacy X-D

Security researcher Ibrahim Balic discovered a vulnerability in the Twitter app for Android, the exploitation of which allowed him to match 17 million phone numbers with Twitter accounts.

The bug allowed us to match 17 million phone numbers with Twitter accounts (

comment: Keept it simple: Simple solution: one can use simply firefox app to use the web based version of Twitter.

in general: software minimalism is key: install only the apps that one absolutely needs.

SecurityLab, [25.12.19 11: 00]

From July 2020, the rules on pre-installation of domestic software on electronic devices will come into force.

As noted by electronics manufacturers, this may cause problems in the stable operation of these devices.

Manufacturers do not want to be responsible for the stability of devices with domestic SOFTWARE (

SecurityLab, [25.12.19 13: 40]

A few weeks ago, SecurityLab wrote about a ransomware attack on the city of Pensacola (USA), as a result of which the authorities were forced to disable most computer systems.

Because of the attack, phone lines were disconnected in some city offices, and e-mail and other services of the city administration were also not working.

As previously assumed, the cyberattack was carried out using extortionate software Maze.

The Maze operators continue to publish the stolen data (

SecurityLab, [25.12.19 14: 20]

On Tuesday, December 24, Maastrich University (the Netherlands) was the victim of a cyber attack.

It is not specified what kind of cyber attack was carried out on the University, but according to the administration, it was “serious”.

One of the world’s leading universities has been subjected to a cyber attack (

SecurityLab, [25.12.19 15:10]

A former employee of the IT Department of a new York hospital, Richard Liriano, pleaded guilty to hacking into the medical facility’s computer systems and employee email accounts, as well as stealing personal files and photos.

A former employee of the new York hospital confessed to stealing data colleagues (

SecurityLab, [25.12.19 15: 30]

Unknown cybercriminals “robbed” accounts belonging to the developers of the nuls cryptocurrency, stealing 2 million tokens (about $480 thousand).

More than half a million of them have already been put on the market, so it is impossible to track them.

Cybercriminals stole $480 thousand from the developers of the nuls cryptocurrency (

SecurityLab, [26.12.19 08: 20]

In Thailand, law enforcement agencies are investigating the recent hacking of a video surveillance system in a prison in the South of the country.

According to the New York Times, the attackers gained unauthorized access to the cameras and for several hours broadcast videos from them on the YouTube channel Bigbrother’s Gaze.

Hackers broke into security cameras in the prison and broadcast videos on YouTube (

SecurityLab, [26.12.19 08: 45]

Interactive service for the automated analysis of Any malware.

Run has compiled a list of the 10 most common threats uploaded to this platform.

At the top of the list is The emotet banking Trojan.

Emotet topped the top 10 malware of 2019 (

why “smart” devices are somtimes a stupid idea/worse than “simple” mechanical devices:

SecurityLab, [26.12.19 08:55]

If you allow the program to drive a vehicle, the ride may actually become safer, but not when the program crashes.

For example, due to a bug in the smart brake system, Mazda3 cars can, for no reason, urgently slow down at the most inappropriate time.

Mazda3 smart brakes “see” non-existent obstacles in the way (

SecurityLab, [26.12.19 09: 45]

24-year-old native of Nikolaevsk-on-Amur stole about 90 thousand rubles from the accounts of 25 people.

As reports a press-service UMVD of Russia across Khabarovsk territory, the attacker took advantage of the peculiarities of the system of money transfer through ATMs (to date, banks have already closed this “loophole”).

A resident of the Khabarovsk territory stole 90 thousand rubles from other people’s Bank accounts (

SecurityLab, [26.12.19 10: 05]

Fourteen canadian banks, including CIBC, TD Canada Trust, Scotiabank and the Royal Bank of Canada (RBC), were the victims of a large-scale phishing campaign that lasted for two years.

Canadian banks have been the victims of a major phishing campaign (

SecurityLab, [26.12.19 11:25]

The Pentagon issued a memo advising military personnel not to take DNA tests at home.

As reported by the US defense Department, commercial DNA tests are largely unregulated, can disclose personal and genetic information and allow criminals to use this information to carry out espionage or expose American national security officials.

The Pentagon has advised the military to avoid commercial DNA tests (

SecurityLab, [26.12.19 13: 40]

Basmanny court of Moscow found guilty three cybercriminals in the case of hacking into the computer systems of Russian Railways and S7.

According to the Moscow interregional transport Prosecutor’s office, hackers using malware for the period from 2013 to 2014 issued more than 5 thousand receipts for the amount of 17 million rubles.

Cybercriminals will get 10 to 13 years in prison for hacking into Russian Railways and S7 systems (

SecurityLab, [26.12.19 14: 50]