Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 73

Oct 8, 2022

The world’s biggest crypto exchange Binance lost $100 million in hack

Posted by in categories: cryptocurrencies, cybercrime/malcode

The hackers have not yet been identified.

Binance, the world’s largest cryptocurrency exchange, was hacked, and around $100 million of Binance Coins (BNB) were stolen, the CEO of Binance, Changpeng “CZ” Zhao, tweeted Friday morning.


The CEO of Binance, Changpeng “CZ” Zhao, took to Twitter on Friday morning to announce that his platform had been hacked and that $100 million in Binance Coins had been stolen. The hackers have yet to be identified.

Oct 8, 2022

Team demonstrates that basic mechanism for internet security can be broken

Posted by in categories: cybercrime/malcode, government, internet

The National research center for Cybersecurity ATHENE has found a way to break one of the basic mechanisms used to secure internet traffic. The mechanism, called RPKI, is actually designed to prevent cybercriminals or government attackers from diverting traffic on the internet.

Such redirections are surprisingly common on the internet, for example, for espionage or through misconfigurations. The ATHENE scientist team of Prof. Dr. Haya Shulman showed that attackers can completely bypass the security mechanism without the affected network operators being able to detect this. According to analyses by the ATHENE team, popular implementations of RPKI worldwide were vulnerable by early 2021.

The team informed the manufacturers, and now presented the findings to the international expert public.

Oct 7, 2022

BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

Posted by in category: cybercrime/malcode

As part of another BYOVD attack, BlackByte ransomware exploits a flaw in a legitimate Windows driver to bypass security software.

Oct 7, 2022

Malware Apps May Have Stolen The Passwords Of 1 Million Facebook Users, Meta Says

Posted by in category: cybercrime/malcode

Rudimentary malware hidden inside fake photo editors, VPNs and even horoscope and flashlight apps has affected a large number of Facebook users, says a new report released by Meta.

Oct 5, 2022

Experts Warn of New RatMilad Android Spyware Targeting Enterprise Devices

Posted by in categories: cybercrime/malcode, robotics/AI

A new Android malware dubbed “RatMilad” has been observed targeting Middle Eastern enterprise mobile devices by posing as VPNs and spoofing apps.

Oct 5, 2022

Avast releases free decryptor for Hades ransomware variants

Posted by in categories: cybercrime/malcode, encryption

Avast has released a decryptor for variants of the Hades ransomware known as ‘MafiaWare666’, ‘Jcrypt’, ‘RIP Lmao’, and ‘BrutusptCrypt,’ allowing victims to recover their files for free.

The security company says it discovered a flaw in the encryption scheme of the Hades strain, allowing some of the variants to be unlocked. However, this may not apply to newer or unknown samples that use a different encryption system.

Utilizing Avast’s tool, victims of the supported ransomware variants can decrypt and access their files again without paying a ransom to the attackers, which ranges between $50 and $300. However, ransom demands reached tens of thousands in some cases.

Oct 5, 2022

Hundreds of Microsoft SQL servers backdoored with new malware

Posted by in category: cybercrime/malcode

Security researchers have found a new piece of malware targeting Microsoft SQL servers. Named Maggie, the backdoor has already infected hundreds of machines all over the world.

Maggie is controlled through SQL queries that instruct it to run commands and interact with files. Its capabilities extend to brute-forcing administrator logins to other Microsoft SQL servers and doubling as a bridge head into the server’s network environment.

The backdoor was discovered by German analysts Johann Aydinbas and Axel Wauer of the DCSO CyTec. Telemetry data shows that Maggie is more prevalent in South Korea, India, Vietnam, China, Russia, Thailand, Germany, and the United States.

Oct 5, 2022

As ransomware attacks increase, new algorithm may help prevent power blackouts

Posted by in categories: cybercrime/malcode, energy, information science

Millions of people could suddenly lose electricity if a ransomware attack just slightly tweaked energy flow onto the U.S. power grid.

No single power utility company has enough resources to protect the entire grid, but maybe all 3,000 of the grid’s utilities could fill in the most crucial gaps if there were a map showing where to prioritize their security investments.

Purdue University researchers have developed an to create that map. Using this tool, regulatory authorities or cyber insurance companies could establish a framework that guides the security investments of power utility companies to parts of the grid at greatest risk of causing a blackout if hacked.

Oct 4, 2022

Popular YouTube Channel Caught Distributing Malicious Tor Browser Installer

Posted by in category: cybercrime/malcode

A popular Chinese-language YouTube channel has emerged as a means to distribute a trojanized version of a Windows installer for the Tor Browser.

Kaspersky dubbed the campaign OnionPoison, with all of the victims located in China. The scale of the attack remains unclear, but the Russian cybersecurity company said it detected victims appearing in its telemetry in March 2022.

The malicious version of the Tor Browser installer is being distributed via a link present in the description of a video that was uploaded to YouTube on January 9, 2022. It has been viewed over 64,500 times to date.

Oct 4, 2022

Researchers Report Supply Chain Vulnerability in Packagist PHP Repository

Posted by in category: cybercrime/malcode

Researchers have disclosed details about a now-patched high-severity security flaw in Packagist, a PHP software package repository, that could have been exploited to mount software supply chain attacks.

“This vulnerability allows gaining control of Packagist,” SonarSource researcher Thomas Chauchefoin said in a report shared with The Hacker News. Packagist is used by the PHP package manager Composer to determine and download software dependencies that are included by developers in their projects.

Continue reading “Researchers Report Supply Chain Vulnerability in Packagist PHP Repository” »

Page 73 of 223First7071727374757677Last