Google Chrome Adds Protection for NSA’s Windows CryptoAPI Flaw

Google just released Chrome 79.0.3945.130 update, which will now detect certificates that attempt to exploit the NSA discovered CVE-2020-0601 CryptoAPI Windows vulnerability. As part of Microsoft’s January 2020 Patch Tuesday, security updates were released for a vulnerability discovered by the NSA in the Windows CryptoAPI library Crypt32.dll. This vulnerability allows attackers to create TLS and code-signing certificates…

Sodinokibi Ransomware Publishes Stolen Data for the First Time

For the first time, the operators behind the Sodinokibi Ransomware released files that had been stolen from one of their victims because ransom was not paid in time. Since last month, Sodinokibi members, better known as REvil, have publicly stated that they would continue to follow Maze’s example and publish data stolen from victims if they did not pay a ransom. Although threats have been made against Travelex and CDH Investments, they have not been carried out with them. All this changed today when Sodinokibi’s public representative said they were beginning to “keep promises” as they posted links to approximately 337 MB of allegedly…