Pierluigi Paganini
June 03, 2022
The Clipminer botnet allowed operators to earn at least $1.7 million, according to a report published by security researchers at Symantec. Researchers at Symantecâs Threat Hunter Team uncovered a cryptomining operation that has potentially made the actors behind it at least $1.7 million in illicit gains. The bot focuses on cryptocurrency mining and cryptocurrency theft […]
Pierluigi Paganini
May 26, 2022
The maintainers of the Tails project (The Amnesic Incognito Live System) warn users that the Tor Browser bundled with the OS could expose their sensitive information. The maintainers confirmed that Tor Browser in Tails 5.0 and earlier is unsafe to use for sensitive information. “We recommend that you stop using Tails until the release of 5.1 […]
Pierluigi Paganini
May 18, 2022
VMware addressed a critical authentication bypass vulnerability “affecting local domain users” in multiple products. The virtualization giant warns that a threat actor can exploit the flaw, tracked as CVE-2022-22972 (CVSSv3 base score of 9.8), to obtain admin privileges and urges customers to install patches immediately. “This critical vulnerability should be patched or mitigated immediately per the […]
Pierluigi Paganini
May 18, 2022
Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info an dfunds from non-custodial cryptocurrency wallets, also known as hot wallets. Data stolen from this kind of malware includes private keys, seed phrases, and […]
Pierluigi Paganini
May 07, 2022
The U.S. Department of Treasury sanctioned cryptocurrency mixer Blender.io used by North Korea-linked Lazarus APT. The U.S. Department of Treasury sanctioned the cryptocurrency mixer Blender.io used by the North Korea-linked Lazarus APT to launder the funds stolen from Axie Infinity’s Ronin bridge. This is the first time ever, Treasury is sanctioning a virtual currency mixer. […]
Pierluigi Paganini
May 01, 2022
Threat actors exploited a bug in the Fuse protocol used by DeFi platforms Rari Capital and Fei Protocol and stole more than $80 million. Threat actors stole more than $80 million from the decentralized finance (DeFi) platforms Rari Capital and Fei Protocol on Saturday. Researchers from smart contract analysis firm Block Sec reported that attackers […]
Pierluigi Paganini
April 26, 2022
An interesting article published by The Intercept reveals the secretive business of a US surveillance firm named Anomaly Six. When we speak about the secretive business of surveillance businesses we often refer to the powerful tools developed by Israeli firms like NSO Group and Candiru, but many other firms operates in the shadow like the […]
Pierluigi Paganini
April 22, 2022
The Lemon_Duck cryptomining botnet is targeting Docker servers to mine cryptocurrency on Linux systems. Crowdstrikes researchers reported that the Lemon_Duck cryptomining botnet is targeting Docker to mine cryptocurrency on Linux systems. The Lemon_Duck cryptomining malware was first spotted in June 2019 by researchers from Trend Micro while targeting enterprise networks. At the time of its first discovery, the bot was […]
Pierluigi Paganini
April 19, 2022
Credit-based stablecoin protocol Beanstalk discloses a security breach that resulted in the loss of all of its $182 million. The decentralized, credit-based finance system Beanstalk suffered a security breach that resulted in financial losses of $182 million. Researchers at blockchain analysis firm PeckShield reported that the attackers have stolen $80 M for the hacker. PeckShield first reported […]
Pierluigi Paganini
April 16, 2022
The U.S. government blames North Korea-linked APT Lazarus for the recent $600 million Ronin Validator cyber heist. The U.S. government attributes the recent $600 million Ronin Validator cryptocurrencty heist to the North Korea-linked APT Lazarus. The U.S. Treasury announced in a notice the sanctions against the Ethereum address used by the APT to receive the […]
