Archive for the ‘cybercrime/malcode’ category: Page 22

Jun 16, 2022

What is the Hertzbleed computer chip hack and should you be worried?

Posted in categories: cybercrime/malcode, encryption, information science

A new hack called Hertzbleed can read snippets of data from computer chips remotely and could leave cryptography algorithms vulnerable to attack.

Jun 15, 2022

New peer-to-peer botnet infects Linux servers with cryptominers

Posted in categories: cryptocurrencies, cybercrime/malcode, education

A new peer-to-peer botnet named Panchan appeared in the wild around March 2022, targeting Linux servers in the education sector to mine cryptocurrency.

Panchan is empowered with SSH worm functions like dictionary attacks and SSH key abuse to perform rapid lateral movement to available machines in the compromised network.

At the same time, it has powerful detection avoidance capabilities, such as using memory-mapped miners and dynamically detecting process monitoring to stop the mining module immediately.

Jun 14, 2022

Android malware on the Google Play Store gets 2 million downloads

Posted in categories: cybercrime/malcode, mobile phones

Cybersecurity researchers discovered adware and information-stealing malware on the Google Play Store last month, with at least five still available and having amassed over two million downloads.

Adware infections display unwanted advertisements that can be particularly intrusive, degrade the user experience, deplete the battery, generate heat, and even cause unauthorized charges.

This software generally tries to hide by masquerading as something else on the host device and makes money for remote operators by forcing the victim to perform views or clicks on affiliated advertisements.

Jun 14, 2022

Cloudflare mitigates record-breaking HTTPS DDoS attack

Posted in categories: cybercrime/malcode, internet

Internet infrastructure firm Cloudflare said today that it mitigated a 26 million request per second distributed denial-of-service (DDoS) attack, the largest HTTPS DDoS attack detected to date.

The record-breaking attack occurred last week and targeted one of Cloudflare’s customers using the Free plan.

The threat actor behind it likely used hijacked servers and virtual machines, seeing that the attack originated from Cloud Service Providers instead of weaker Internet of Things (IoT) devices from compromised Residential Internet Service Providers.

Jun 14, 2022

Microsoft: Exchange servers hacked to deploy BlackCat ransomware

Posted in category: cybercrime/malcode

Microsoft says BlackCat ransomware affiliates are now attacking Microsoft Exchange servers using exploits targeting unpatched vulnerabilities.

In at least one incident that Microsoft’s security experts observed, the attackers slowly moved through the victim’s network, stealing credentials and exfiltrating information to be used for double extortion.

Two weeks after the initial compromise using an unpatched Exchange server as an entry vector, the threat actor deployed BlackCat ransomware payloads across the network via PsExec.

Jun 12, 2022

Conti’s Attack Against Costa Rica Sparks a New Ransomware Era

Posted in category: cybercrime/malcode

A pair of ransomware attacks crippled parts of the country—and rewrote the rules of cybercrime.

Jun 12, 2022

Chinese hackers breach ‘major’ telecoms firms, US says

Posted in categories: cybercrime/malcode, government, internet

Chinese government-backed hackers have breached “major telecommunications companies,” among a range of targets worldwide, by exploiting known software flaws in routers and other popular networking gear, US security agencies warned Tuesday.

“[T]hese devices are often overlooked by cyber defenders, who struggle to maintain and keep pace with routine software patching of Internet-facing services and endpoint devices,” says the advisory from the FBI, the National Security Agency and US Cybersecurity and Infrastructure Security Agency.

The agencies’ statement did not identify the victims of the hacking; the advisory was aimed at defensive measures to help organizations running the devices made by Cisco, Fortinet and other vendors shore up their networks.

Jun 10, 2022

Researchers Disclose Critical Flaws in Industrial Access Control System from Carrier

Posted in categories: cybercrime/malcode, finance

Researchers have taken the wraps off “Symbiote,” what they call a “nearly-impossible-to-detect” Linux malware that’s targeting the financial sector.

Jun 10, 2022

Symbiote: A Stealthy Linux Malware Targeting Latin American Financial Sector

Posted in categories: cybercrime/malcode, finance, mobile phones

Cybersecurity researchers have taken the wraps off what they call a “nearly-impossible-to-detect” Linux malware that could be weaponized to backdoor infected systems.

Dubbed Symbiote by threat intelligence firms BlackBerry and Intezer, the stealthy malware is so named for its ability to conceal itself within running processes and network traffic and drain a victim’s resources like a parasite.

The operators behind Symbiote are believed to have commenced development on the malware in November 2021, with the threat actor predominantly using it to target the financial sector in Latin America, including banks like Banco do Brasil and Caixa, based on the domain names used.

Jun 9, 2022

Ethereum Moves Closer to Blockchain Revamp After Milestone Test

Posted in categories: blockchains, cryptocurrencies, cybercrime/malcode

Ethereum, the world’s most used cryptocurrency blockchain network, passed a milestone test ahead of a highly anticipated technical upgrade without any major glitches.

Developers ran the latest software for the upgrade known as the Merge on Ropsten, which is one of the oldest so-called testnets of the network. The testnets are used by developers to find potential bugs and glitches before moving their applications to the blockchain. While the Merge has been carried out on other testnets earlier this year, Ropsten was seen as providing the most realistic technical environment and the best estimate for the outcome of the final process.
