Nasty new botnet exploits Docker containers to mine cryptocurrency
Unknown threat actors are using compromised endpoints to mine Monero......»»
11 million devices infected with botnet malware hosted in Google Play
Necro infiltrated Google Play in 2019. It recently returned. Enlarge (credit: Getty Images) Five years ago, researchers made a grim discovery—a legitimate Android app in the Google Play market that was surreptitiously.....»»
Life imitates xkcd comic as Florida gang beats crypto password from retiree
Group staged home invasions to steal cryptocurrency. Enlarge / Sometimes this is all you need. (credit: Aurich Lawson | Getty Image) Remy Ra St. Felix spent April 11, 2023, on a quiet street in a rented BMW X5, staking o.....»»
FBI forced Flax Typhoon to abandon its botnet
A botnet operated by the Chinese state-sponsored threat actor known as Flax Typhoon has been disrupted by the law enforcement agency and abandoned by the group, FBI Director Chris Wray confirmed on Wednesday. “We executed court-authorized opera.....»»
Massive China-state IoT botnet went undetected for four years—until now
75% of infected devices were located in homes and offices in North America and Europe. Enlarge (credit: Getty Images) The FBI has dismantled a massive network of compromised devices that Chinese state-sponsored hackers.....»»
1.3 million Android-based TV boxes backdoored; researchers still don’t know how
Infection corrals devices running AOSP-based firmware into a botnet. Enlarge (credit: Getty Images) Researchers still don’t know the cause of a recently discovered malware infection affecting almost 1.3 million streami.....»»
Losses due to cryptocurrency and BEC scams are soaring
Every type of fraud is on the rise, and 2023 was a particularly devastating year for victims of cryptocurrency and business email compromise (BEC) scams, according to the FBI. Cryptocurrency fraud Based on complaints filed to FBI’s Internet Cri.....»»
Why are sharks coming to Boston Harbor? Researchers believe it"s a nursery ground
Once unthinkable when the harbor was nasty and polluted, today's cleaner waters have actually become a desirable shark habitat as young sharks migrate here yearly......»»
DockerSpy: Search for images on Docker Hub, extract sensitive information
DockerSpy scans Docker Hub for images and retrieves sensitive information, including authentication secrets, private keys, and other confidential data. “DockerSpy was created to address the growing concern of sensitive data leaks within Docker.....»»
Found: 280 Android apps that use OCR to steal cryptocurrency credentials
Optical Character Recognition converts passwords shown in images to machine-readable text. Enlarge (credit: Getty Images) Researchers have discovered more than 280 malicious apps for Android that use optical character re.....»»
North Korean hackers’ social engineering tricks
“North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months,” the FBI has warned through a public service announcement. This suggest.....»»
Commercial spyware vendor exploits used by Kremlin-backed hackers, Google says
Findings undercut pledges of NSO Group and Intgellexa their wares won't be abused. Enlarge (credit: Getty Images) Critics of spyware and exploit sellers have long warned that the advanced hacking sold by commercial surve.....»»
Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites
Suspected Russian hackers have been hitting iPhone and Android users visiting government websites with exploits first leveraged by commercial surveillance vendors, Google TAG researchers shared. The watering hole campaigns Between November 2023 and J.....»»
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)
ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East Asian countries. When examining the root cause, ESET d.....»»
A YouTube video really can remove water from your iPhone
A YouTube video claiming it can remove water from your iPhone might seem up there with emails from Nigerian princes and videos of Elon Musk promoting some new cryptocurrency, but tests reveal that it does actually work … somewhat. A tech writer.....»»
Self-dealing has a long history on crypto exchanges: Researchers investigate "wash trading"
In 2019, the American tech trading company Bitwise presented to the SEC that an astounding 95% of cryptocurrency exchanges were fake. This claim may be credited to a type of market manipulation called "wash trading," which involves inflating trading.....»»
Spider exploits firefly"s flashing signals to lure more prey
Fireflies rely on flashing signals to communicate to other fireflies using light-emitting lanterns on their abdomens. In fireflies of the species Abscondita terminalis, males make multi-pulse flashes with two lanterns to attract females, while female.....»»
Hide yo environment files! Or risk getting your cloud-stored data stolen and held for ransom
Cybercriminals are breaking into organizations’ cloud storage containers, exfiltrating their sensitive data and, in several cases, have been paid off by the victim organizations to not leak or sell the stolen data. “The attackers behind t.....»»
Rapid removal of emerging endocrine disruptors in wastewater using high-performance single-atom catalysts
Bisphenols are widely used as the main raw material for plastics such as receipts, water bottles, water containers, and vinyl due to their heat-resistant and mechanochemical properties. Among bisphenols, bisphenol A (BPA), which we often refer to as.....»»
FTX to pay $12.7B to victims of Sam Bankman-Fried’s massive scheme
US commodities trading agency claimed its largest recovery ever for FTX victims. Enlarge (credit: NurPhoto / Contributor | NurPhoto) FTX, the bankrupt cryptocurrency exchange formerly helmed by fraudster Sam Bankman-Frie.....»»
Mac malware posing as apps like Loom, LedgerLive, and Black Desert Online
A “sophisticated and alarming” Mac malware attack is being carried out in the guise of free versions of popular apps like the screen recording utility Loom, cryptocurrency manager LedgerLive, and MMO game Black Desert Online. It appears to be.....»»