FreshRSS

🔒
❌ Secure Planet Training Courses Updated For 2019 - Click Here
There are new available articles, click to refresh the page.
☐ ☆ ✇ The Hacker News

Tornado Cash Founders Charged in Billion-Dollar Crypto Laundering Scandal

By: THN — August 24th 2023 at 07:38
The U.S. Justice Department (DoJ) on Wednesday unsealed an indictment against two founders of the now-sanctioned Tornado Cash cryptocurrency mixer service, charging them with laundering more than $1 billion in criminal proceeds. Both the individuals, Roman Storm and Roman Semenov, have been charged with conspiracy to commit money laundering, conspiracy to commit sanctions violations, and
☐ ☆ ✇ The Hacker News

North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns

By: THN — August 23rd 2023 at 12:43
The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million. The law enforcement agency attributed the blockchain activity to an adversary the U.S. government tracks as TraderTraitor, which is also known by the name Jade Sleet. An investigation undertaken by the FBI found
☐ ☆ ✇ The Hacker News

Agile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints Ahead

By: The Hacker News — August 23rd 2023 at 11:44
Developers are not the only people who have adopted the agile methodology for their development processes. From 2023-06-15 to 2023-07-11, Permiso Security’s p0 Labs team identified and tracked an attacker developing and deploying eight (8) incremental iterations of their credential harvesting malware while continuing to develop infrastructure for an upcoming (spoiler: now launched) campaign
☐ ☆ ✇ The Hacker News

New LABRAT Campaign Exploits GitLab Flaw for Cryptojacking and Proxyjacking Activities

By: THN — August 17th 2023 at 14:26
A new, financially motivated operation dubbed LABRAT has been observed weaponizing a now-patched critical flaw in GitLab as part of a cryptojacking and proxyjacking campaign. "The attacker utilized undetected signature-based tools, sophisticated and stealthy cross-platform malware, command-and-control (C2) tools which bypassed firewalls, and kernel-based rootkits to hide their presence," Sysdig 
☐ ☆ ✇ The Hacker News

New Statc Stealer Malware Emerges: Your Sensitive Data at Risk

By: THN — August 10th 2023 at 14:08
A new information malware strain called Statc Stealer has been found infecting devices running Microsoft Windows to siphon sensitive personal and payment information. "Statc Stealer exhibits a broad range of stealing capabilities, making it a significant threat," Zscaler ThreatLabz researchers Shivam Sharma and Amandeep Kumar said in a technical report published this week. "It can steal
☐ ☆ ✇ The Hacker News

Malicious Campaigns Exploit Weak Kubernetes Clusters for Crypto Mining

By: THN — August 9th 2023 at 09:05
Exposed Kubernetes (K8s) clusters are being exploited by malicious actors to deploy cryptocurrency miners and other backdoors. Cloud security firm Aqua, in a report shared with The Hacker News, said a majority of the clusters belonged to small to medium-sized organizations, with a smaller subset tied to bigger companies, spanning financial, aerospace, automotive, industrial, and security sectors
☐ ☆ ✇ The Hacker News

NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack

By: THN — August 4th 2023 at 12:13
A married couple from New York City has pleaded guilty to money laundering charges in connection with the 2016 hack of cryptocurrency stock exchange Bitfinex, resulting in the theft of about 120,000 bitcoin. The development comes more than a year after Ilya Lichtenstein, 35, and his wife, Heather Morgan, 33, were arrested in February 2022, following the seizure of roughly 95,000 of the stolen
☐ ☆ ✇ The Hacker News

Malicious npm Packages Found Exfiltrating Sensitive Data from Developers

By: THN — August 4th 2023 at 10:33
Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information. Software supply chain firm Phylum, which first identified the "test" packages on July 31, 2023, said they "demonstrated increasing functionality and refinement," hours after which they were removed and re-uploaded under different
☐ ☆ ✇ The Hacker News

Hackers Target Apache Tomcat Servers for Mirai Botnet and Crypto Mining

By: THN — July 27th 2023 at 10:46
Misconfigured and poorly secured Apache Tomcat servers are being targeted as part of a new campaign designed to deliver the Mirai botnet malware and cryptocurrency miners. The findings come courtesy of Aqua, which detected more than 800 attacks against its Tomcat server honeypots over a two-year time period, with 96% of the attacks linked to the Mirai botnet. Of these attack attempts, 20% (or
☐ ☆ ✇ The Hacker News

Rust-based Realst Infostealer Targeting Apple macOS Users' Cryptocurrency Wallets

By: THN — July 26th 2023 at 07:08
A new malware family called Realst has become the latest to target Apple macOS systems, with a third of the samples already designed to infect macOS 14 Sonoma, the upcoming major release of the operating system. Written in the Rust programming language, the malware is distributed in the form of bogus blockchain games and is capable of "emptying crypto wallets and stealing stored password and
☐ ☆ ✇ The Hacker News

North Korean State-Sponsored Hackers Suspected in JumpCloud Supply Chain Attack

By: THN — July 20th 2023 at 13:30
An analysis of the indicators of compromise (IoCs) associated with the JumpCloud hack has uncovered evidence pointing to the involvement of North Korean state-sponsored groups, in a style that's reminiscent of the supply chain attack targeting 3CX. The findings come from SentinelOne, which mapped out the infrastructure pertaining to the intrusion to uncover underlying patterns. It's worth noting
☐ ☆ ✇ The Hacker News

Exploring the Dark Side: OSINT Tools and Techniques for Unmasking Dark Web Operations

By: The Hacker News — July 19th 2023 at 10:04
On April 5, 2023, the FBI and Dutch National Police announced the takedown of Genesis Market, one of the largest dark web marketplaces. The operation, dubbed "Operation Cookie Monster," resulted in the arrest of 119 people and the seizure of over $1M in cryptocurrency. You can read the FBI's warrant here for details specific to this case. In light of these events, I'd like to discuss how OSINT
☐ ☆ ✇ The Hacker News

TeamTNT's Silentbob Botnet Infecting 196 Hosts in Cloud Attack Campaign

By: THN — July 13th 2023 at 15:55
As many as 196 hosts have been infected as part of an aggressive cloud campaign mounted by the TeamTNT group called Silentbob. "The botnet run by TeamTNT has set its sights on Docker and Kubernetes environments, Redis servers, Postgres databases, Hadoop clusters, Tomcat and Nginx servers, Weave Scope, SSH, and Jupyter applications," Aqua security researchers Ofek Itach and Assaf Morag said in a
☐ ☆ ✇ The Hacker News

Ransomware Extortion Skyrockets in 2023, Reaching $449.1 Million and Counting

By: THN — July 12th 2023 at 13:09
Ransomware has emerged as the only cryptocurrency-based crime to grow in 2023, with cybercriminals extorting nearly $175.8 million more than they did a year ago, according to findings from Chainalysis. "Ransomware attackers are on pace for their second-biggest year ever, having extorted at least $449.1 million through June," the blockchain analytics firm said in a midyear crypto crime report
☐ ☆ ✇ The Hacker News

Python-Based PyLoose Fileless Attack Targets Cloud Workloads for Cryptocurrency Mining

By: The Hacker News — July 12th 2023 at 07:39
A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal. "The attack consists of Python code that loads an XMRig Miner directly into memory using memfd, a known Linux fileless technique," security researchers Avigayil Mechtinger, Oren Ofer, and Itamar Gilad said. "This is the first publicly
❌