Digital Currency

Emulating the Surging Hadooken Malware

| | adversary emulation, Broad-Based Attacks, cryptomining, Hadooken, Linux, Malware, Oracle, Remote Code Execution (RCE), Weblogic Servers
AttackIQ has released a new attack graph that emulates the behaviors exhibited by the Hadooken malware during intrusions that abused misconfigurations and critical Remote Code Execution (RCE) vulnerabilities on public-facing Oracle Weblogic ...
AttackIQ
Shocking SQL Injection in TSA App & Bitcoin ATM Scams Targeting Seniors

Shocking SQL Injection in TSA App, Bitcoin ATM Scams Targeting Seniors

| | atm, Bitcoin, Bitcoin ATM, bug bounty, Cyber Security, Cybersecurity, Data Privacy, Digital Privacy, Elderly, Episodes, Exploit, Hacking, Information Security, Infosec, Podcast, Podcasts, Privacy, scam, Scams, security, Security Research, Security Researcher, Senior Citizens, Seniors, sql injection, sqli, technology, tsa, vulnerability, Weekly Edition
This week, we discuss a critical SQL injection vulnerability discovered in an app used by the TSA, raising ethical questions about responsible disclosure. Plus, we shed light on the alarming rise of ...
Shared Security Podcast
FBI Warns of North Korea Attacks Against the Crypto Industry

FBI Warns of North Korea Attacks Against the Crypto Industry

| | cryptocurrency, Cybersecurity, DeFi, Hacking
 The decentralized finance (DeFi) and cryptocurrency industries are being targeted by North Korean social engineering schemes in highly personalized and convincing ways.   Here is an example that the FBI is showcasing: ...
Information Security Strategy

Gafgyt Botnet: Weak SSH Passwords Targeted For GPU Mining

| | cloud-native environments, cryptocurrency mining, Cybersecurity News, GPU computational power, IoT botnet, weak SSH passwords
A new variant of the Gafgy botnet has recently been discovered by cybersecurity researchers. As per media reports, the botnet appears to be machines with weak SSH passwords for mining crypto. In ...
TuxCare
Colorful squares floating in space

Squarespace Hacked — DeFi Wallets Drained (Imaginary Money Stolen)

| | API exploit, blockchain, Crypto, cryptocurrencies, cryptocurrency, cryptocurrency exchange, DeFi, domain hijacking, Google Domains, imaginary money, Ponzi scheme, SB Blogwatch, smart contract, Smart Contract Security, smart contracts, Squarespace, Web3
DeFAIL: Cryptocurrency fans lose their worthless tokens via phishing attacks on decen­tral­ized finance sites ...
Security Boulevard

Commando Cat Docker Cryptojacking: Alert & Prevention Tips

| | Cloud Security, Commando Cat, Container Security, cryptocurrency mining, Cryptojacking prevention, cryptomining malware, cyber threat, Cyberattack prevention, Cybersecurity, Cybersecurity Best Practices, Cybersecurity News, Docker configuration, Docker cryptojacking, Docker monitoring, Docker remote API, Docker Security?, Docker vulnerabilities, Kaiten malware, Malware Detection, System performance impact, ZiggyStarTux malware
Recent reports have unveiled a concerning cyber threat orchestrated by a group identified as Commando Cat. This threat actor has been actively engaging in cryptojacking campaigns, leveraging vulnerabilities in Docker instances to ...
TuxCare

Alert: Palo Alto Networks Prey to RedTail Malware Exploits

| | Advanced Evasion Techniques, Akamai Security, cryptocurrency mining, Cryptojacking, CVE-2024-3400, Cyber Threats, Cybersecurity Alert, Cybersecurity News, enterprise cybersecurity, Firewall Exploit, Malware Detection, Nation-State Cyber Attacks, Network Security, Palo Alto Networks, PAN-OS Vulnerability, Private Mining Pools, RedTail Malware, security updates, Supply chain cyberattacks, threat actors, XMRig miner
In a recent development, threat actors behind the RedTail cryptojacking mining malware have expanded their arsenal by exploiting a newly disclosed IT infrastructure security flaw in Palo Alto Networks firewall exploit. This ...
TuxCare

GHOSTENGINE Exploit: Vulnerable Drivers Facing Attack

| | BYOVD, Command-and-Control (C2), Cryptojacking, Cyber Threats, Cybersecurity, Cybersecurity News, Elastic Security Labs, Endpoint Detection and Response (EDR), Exploit, GHOSTENGINE, Microsoft Defender Antivirus, persistence, PowerShell Script, security protocols, System Performance, vulnerability patching, Vulnerable drivers, XMRig miner
A recent revelation in the cybersecurity realm uncovers a concerning development dubbed GHOSTENGINE, a cryptojacking campaign employing a sophisticated method to bypass security measures. In this blog, we’ll look at the GHOSTENGINE ...
TuxCare
Blackwire, Blockchain, Ethereum scam

Brothers Indicted for Stealing $25 Million of Ethereum in 12 Seconds

| | blockchain, crypto scam, cryptocurrency, Ethereum
It took two brothers who went to MIT months to plan how they were going to steal, launder and hide millions of dollars in cryptocurrency -- and only 12 seconds to actually ...
Security Boulevard

Ukrainian REvil Hacker Gets 13-Year Sentence Plus $16M Fine

| | botnets, cryptocurrency, cybercrime, Cybersecurity, Cybersecurity Measures, Cybersecurity News, dark web, International Cooperation, law enforcement, Legal Proceedings, money laundering, Ransomware, rEvil, Sodinokibi, Ukrainian Hacker
In a significant victory against cybercrime, the Ukrainian REvil hacker has been sentenced to over 13 years in prison and ordered to pay a hefty fine of $16 million for orchestrating thousands ...
TuxCare
Load more