BleepingComputer has verified that the helpdesk portal of a router maker is currently sending MetaMask phishing emails in response to newly filed support tickets, in what appears to be a compromise.…
Tag: BLOCKCHAIN
On Substack, publications run by cybersecurity professionals and journalists with expertise in cybersecurity can help practitioners keep pace with developments in security operations and many other areas of cybersecurity.…
Summary: A new malware distribution campaign is using fake Google Chrome, Word, and OneDrive errors to deceive users into running malicious PowerShell “fixes” that install malware.
Threat Actor: ClearFake, ClickFix, …
Key findings
Proofpoint researchers identified an increasingly popular technique leveraging unique social engineering to run PowerShell and install malware. Researchers observed TA571 and the ClearFake activity cluster use this technique. …
Summary: This article discusses the phishing activity targeting Brazil, with a focus on the involvement of threat actors linked to North Korea.
Threat Actor: Threat actors linked to North Korea …
Summary: UwU Lend, a decentralized finance (DeFi) protocol, has been targeted by a hacker who stole nearly $20 million worth of ETH. The company has made an offer to the …
This staggering amount underscores the imminent need for cyber security to be treated as a global priority. Moreover, with the explosion …
Imagine being a developer who’s building the next-gen crypto app by using popular open source components to speed up coding. Instead, you end up including a package in your build …
On May 2, 2024, Arctic Wolf Labs began monitoring deployment of a new ransomware variant referred to as Fog. The ransomware activity was observed in several Arctic Wolf Incident …
Summary: Microsoft has identified a new North Korean threat actor called Moonstone Sleet, which has been active since August 2023 and shows similarities to another North Korean group, Diamond Sleet.…
Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that uses both a combination of many tried-and-true techniques used by other North Korean …
Summary: This article discusses the importance of making software bills of materials (SBOMs) more easily shareable in order to enhance visibility into enterprise software supply chains and improve security.
Threat …
Elastic Security Labs has identified an intrusion set incorporating several malicious modules and leveraging vulnerable drivers to disable known security solutions (EDRs) for crypto mining. Additionally, the team discovered …
Summary: Two former MIT students have been indicted for allegedly manipulating the Ethereum blockchain and stealing $25 million worth of cryptocurrency in a “first-of-its-kind” scheme.
Threat Actor: Anton Peraire-Bueno and …
Summary: The Dutch court has sentenced the co-founder of Tornado Cash, an anonymizing cryptocurrency service, to five years and four months in prison for money laundering. This case highlights the …
Summary: This article discusses the new guidance for victims of cybercrime and ransomware provided by the UK’s National Cyber Security Centre (NCSC).
Threat Actor: N/A Victim: N/A
Key Point :…
Summary: The number of ransomware payments is decreasing, despite the rising number of victims, due to increased cyber resilience, availability of decryptors, and law enforcement actions.
Threat Actor: Ransomware gangs …
Summary: This content discusses the prevalence of recovery fraud in the cryptocurrency space, where victims of crypto scams or cyberattacks are targeted again by individuals or companies claiming to offer …
The 2024 U.S. tax season is well underway, and as usual, scams of all kinds targeting taxpayers and causing the Internal Revenue Service (IRS) problems have cropped up. One such …
The Sysdig Threat Research Team (TRT) is on a mission to help secure innovation at cloud speeds.
A group of some of the industry’s most elite threat researchers, the Sysdig …
Zscaler ThreatLabz researchers recently encountered a significant number of websites associated with fraudulent activities being hosted on popular web hosting and blogging platforms. Threat actors intentionally create these sites …
Summary: A hacker has been found guilty of orchestrating a $110 million cryptocurrency fraud scheme involving the Mango Markets decentralized finance platform.
Threat Actor: Hacker | Aaron Eisenberg Victim: Mango …
Curated bookmark list categorized by area and event monitoring, person of interest search, corporate profiling, mapping, AI, intelligence analysis, reporting tools, collective tools, cryptocurrency, country specific, verification and fact-checking.
They …
Summary: The number of ransomware victims who choose to pay a ransom has dropped to a record low, with only 28% paying in the first quarter of 2024, down from …
Summary: Global cybersecurity services provider Cyderes has acquired Ipseity Security, a Canadian company specializing in identity and access management (IAM).
Threat Actor: N/A
Victim: N/A
Key Point :
Cyderes has…
Summary: A former security engineer has been sentenced to three years in prison for hacking two decentralized cryptocurrency exchanges and stealing over $12.3 million.
Threat Actor: Shakeeb Ahmed | Shakeeb …
The list comprises 25 influential figures in the technology sector, arranged by age from youngest to oldest. These individuals are recognized for their significant contributions across various areas of technology, …
Insikt Group examines a large-scale Russian-language cybercrime operation using fake Web3 gaming initiatives to distribute malware designed to steal information from both macOS and Windows users. These Web3 games, which …
Key Point :
– A cybercrook has been setting up websites that mimic privnote.com.
– These phishing sites alter messages containing cryptocurrency addresses.
– The real Privnote encrypts messages and …
The impact that AI has on society has steadily crept into the darkest nooks and crannies of the internet. So much so that cybercrooks are hitching free rides on the …
At XLab, we see a lot of botnets every day, mainly tweaks of old Mirai and Gafgyt codes. These are common and usually don’t grab our attention. But recently, we …
Jamf Threat Labs dissects ongoing infostealer attacks targeting macOS users, each with different means of compromising victims’ Macs but with similar aims: to steal sensitive user data.
Introduction
Over the …
Summary: The week saw two prominent crypto platforms being compromised, with millions worth of cryptocurrency stolen by hackers with confusing motives.
Key Point : ⭐ Munchables blockchain-based game …
Threat actors (TAs) are actively exploiting platforms like Google Ads and social media platforms such as X (formerly Twitter) to disseminate crypto drainers, employing tactics such as compromising…
Article Summary: 🔍 A United Nations panel is investigating 58 cyberattacks by North Korean hackers, resulting in $3 billion in revenue over six years. 🕵️ The cyberthreat actors targeted defense …
In late 2023 and early 2024, the ransomware ecosystem experienced repeated disruption of its most prolific Ransomware-as-a-Service (RaaS) groups at the hands of international Law Enforcement (LE). Alphv’s dark …
Summary: The interaction between web2 client-server architectures and web3 systems presents security challenges. Web3 systems often rely on classic centralized components, which can create unique attack surfaces. In this post, …
North Korea’s Lazarus hacking group allegedly has turned back to an old service in order to launder $23 million stolen during an attack in November.
Investigators at blockchain research company …
Written by World Watch team from CERT Orange Cyberdefense (Marine PICHON, Vincent HINDERER, Maël SARP and Ziad MASLAH) and Sekoia TDR team (Livia TIBIRNA, Amaury G. and Grégoire CLERMONT)
TL;DR…
The Sysdig Threat Research Team (TRT) discovered a malicious campaign using the blockchain-based Meson service to reap rewards ahead of the crypto token unlock happening around March 15th. Within minutes, …
PRESS RELEASE
SINGAPORE – 29th February 2024 — In the modern age, large companies are wrestling to leverage their customers’ data to provide ever-better AI-enhanced experiences but a key barrier …
France-based Zama, which describes itself as an open source cryptography company, on Thursday announced raising $73 million in a Series A funding round.
The investment, which Zama says is one …
Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly, a popular application for scheduling appointments and …
Hunt is tracking an ongoing sophisticated phishing campaign targeting individuals in the Telegram groups focused on the blockchain and angel investing communities, specifically entrepreneurs. The tactics described below are strikingly …
JPCERT/CC has confirmed that Lazarus has released malicious Python packages to PyPI, the official Python package repository (Figure 1). The Python packages confirmed this time are as follows:
pycryptoenv pycryptoconf…
The folder also contained an LNK file and a __MACOS folder with payload, this time timestamped Dec. 22, 2023.
Similar to the previously analyzed archive, several stages lead to this …
On Wednesday, February 21, Phylum’s automated risk detection platform alerted us to an anomalous publication of a PyPI package named django-log-tracker. This package was first published to PyPI in April …