Microsoft spotted a cloud threat actor tracked as 8220 that is now targeting Linux servers in a long-running cryptomining campaign. Microsoft Security Intelligence experts are warning of a long-running campaign conducted by a cloud threat actor group, tracked as 8220, that is now targeting Linux servers to install crypto miners. “We observed nota

North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. The company reported the incident to the authorities, the FBI is investigating the cyber heist with the help of several cybersecurity firms. 

Threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony on Thursday evening. Last week threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. Today @HarmonyProtocol disclosed a breach which resulted in the theft of 85,837.252 Ethereum (approx. $99,334,302.58 USD as of this w

The Israeli surveillance firm NSO Group revealed that its Pegasus spyware was used by at least five European countries. The controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region. NSO Group’s General Counsel Chaim Gelfand admitted that the co

Chinese cybercriminals are using SeaFlower backdoored versions of iOS and Android Web3 wallets to steal users’ seed phrase. Researchers from Confiant have uncovered a sophisticated malware campaign, tracked as SeaFlower, targeting Web3 wallet users. Chinese crooks are spreading backdoored versions of iOS and Android Web3 wallets to steal users’ seed phras

Researchers at the University of Hamburg demonstrated that WiFi connection probe requests expose users to track. A group of academics at the University of Hamburg (Germany) demonstrated that it is possible to use WiFi connection probe requests to identify and track devices and thereby their users. Mobile devices transmit probe requests to receive info

Threat actors are exploiting the recently disclosed CVE-2022-26134 RCE in Atlassian Confluence servers to deploy cryptocurrency miners. CheckPoint researchers have observed threat actors exploiting the recently disclosed CVE-2022-26134 remote code execution vulnerability in Atlassian Confluence servers to deploy cryptocurrency miners. Last week, Atlass

Hackers have stolen over $250,000 in Ethereum from Bored Ape Yacht Club (BAYC), this is the third security breach it suffered this year. Threat actors compromised Bored Ape Yacht Club (BAYC) for the third time this year, they have stolen and sold NFTs, making away with 142 ETH, equivalent to over $250,000. The hacker conducted a phishing attack, they set

The Clipminer botnet allowed operators to earn at least $1.7 million, according to a report published by security researchers at Symantec. Researchers at Symantec’s Threat Hunter Team uncovered a cryptomining operation that has potentially made the actors behind it at least $1.7 million in illicit gains. The bot focuses on cryptocurrency mining and crypto

The maintainers of the Tails project (The Amnesic Incognito Live System) warn users that the Tor Browser bundled with the OS could expose their sensitive information. The maintainers confirmed that Tor Browser in Tails 5.0 and earlier is unsafe to use for sensitive information. “We recommend that you stop using Tails until the release of 5.1 (Ma

VMware addressed a critical authentication bypass vulnerability “affecting local domain users” in multiple products. The virtualization giant warns that a threat actor can exploit the flaw, tracked as CVE-2022-22972 (CVSSv3 base score of 9.8), to obtain admin privileges and urges customers to install patches immediately. “This cr

Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info an dfunds from non-custodial cryptocurrency wallets, also known as hot wallets. Data stolen from this kind of malware includes private keys, seed

The U.S. Department of Treasury sanctioned cryptocurrency mixer Blender.io used by North Korea-linked Lazarus APT. The U.S. Department of Treasury sanctioned the cryptocurrency mixer Blender.io used by the North Korea-linked Lazarus APT to launder the funds stolen from Axie Infinity’s Ronin bridge. This is the first time ever, Treasury is sanctionin

Threat actors exploited a bug in the Fuse protocol used by DeFi platforms Rari Capital and Fei Protocol and stole more than $80 million. Threat actors stole more than $80 million from the decentralized finance (DeFi) platforms Rari Capital and Fei Protocol on Saturday. Researchers from smart contract analysis firm Block Sec reported that attackers exploit

An interesting article published by The Intercept reveals the secretive business of a US surveillance firm named Anomaly Six. When we speak about the secretive business of surveillance businesses we often refer to the powerful tools developed by Israeli firms like NSO Group and Candiru, but many other firms operates in the shadow like the US company Anoma