Latest News


Gread read: A look at IBM S/360 core memory

The IBM System/360 was a groundbreaking family of mainframe computers announced introduced in 1964, and much of the success of System/360 was due to core memory technology. The S/360 was an extremely risky "bet-the-company" project that cost IBM over $5 billion. The project was nearly derailed as the operating system OS/360 grew out of control: it was originally targeted for 16 KB systems, but grew to require 32 KB and then 64 KB. Fortunately, IBM was able to build larger core memories at a price that customers could still afford, so the operating system was usable. The System/360 project ended up being a huge success and ensured IBM's dominance of the computer industry for the next two decades.

Breach at IT Outsourcing Giant Wipro

Indian information technology (IT) outsourcing and consulting giant Wipro Ltd. is investigating reports that its own IT systems have been hacked and are being used to launch attacks against some of the company’s customers, multiple sources tell KrebsOnSecurity. Wipro has refused to respond to questions about the alleged incident.

Earlier this month, KrebsOnSecurity heard independently from two trusted sources that Wipro — India’s third-largest IT outsourcing company — was dealing with a multi-month intrusion from an assumed state-sponsored attacker.

Nearly one billion Chrome users vulnerable to exploit patched in later versions

Exodus Intelligence security researcher István Kurucsai discovered and published a proof-of-concept of a vulnerability found in Google Chrome.

Although the security flaw has been patched in Chrome’s version 8 JavaScript engine, a fix hasn’t been developed for Chrome version 73 leaving at least an estimated billion users at risk. Kurucsai pointed out that this situation isn’t unique to Google, but said in his blog post it’s important that users dig deep into a patch to know if it applies to an exploitable security vulnerability.

Skilled adversaries could use the gap between the zero day’s announcement and the release of the patch to launch a more effective attack, said Craig Young, computer security researcher for Tripwire’s VERT (Vulnerability and Exposure Research Team) told SC Media.

Massive SIM swap fraud leaves traditional 2FA users at risk

As two-factor authentication becomes more popular, threat actors have proven once again how this security feature can be exploited if not implemented properly.

Kaspersky researchers uncovered large-scale SIM swap fraud operations targeting users in both the Portugese-speaking nations of Brazil and Mozambique were able to use social engineering, bribery, and simple phishing attacks to ultimately steal money from victims.

CryptoPokemon ransomware decryptor developed

A new ransomware dubbed CryptoPokemon encrypts user files and demands approximately $104 worth of Bitcoin to decrypt the files.

CryptoPokemon encrypts files using SHA256 + AES128 and comes with a note containing an email address and website to contact the threat actors who describe themselves as “valiant support [who] will help you solve this problem.”

Emsisoft researchers are urging victims to not pay the ransom after they were able to find bugs in the malware’s source code which allowed them to create a free decryptor shared in their April 11 blog post.