Security News

Cybersecurity researchers on Tuesday disclosed a new large-scale campaign targeting Kubeflow deployments to run malicious cryptocurrency mining containers. "The burst of deployments on the various clusters was simultaneous. This indicates that the attackers scanned those clusters in advance and maintained a list of potential targets, which were later attacked on the same time," Microsoft's Senior Security Research Engineer Yossi Weizman said in a report.

New upgrades have been made to a Python-based "Self-replicating, polymorphic bot" called Necro in what's seen as an attempt to improve its chances of infecting vulnerable systems and evading detection. "Although the bot was originally discovered earlier this year, the latest activity shows numerous changes to the bot, ranging from different command-and-control communications and the addition of new exploits for spreading, most notably vulnerabilities in VMWare vSphere, SCO OpenServer, Vesta Control Panel and SMB-based exploits that were not present in the earlier iterations of the code," researchers from Cisco Talos said in a deep-dive published today.

Ransomware is used to lock up data and make organizations pay a ransom to regain access. A doxware attack not only keeps your data from you, but also threatens to publish the most sensitive data on Leak Sites or the Dark Web unless you pay a ransom.

Wikipedia says MicroStrategy is a company that provides business intelligence, mobile software, and cloud-based services, but that wouldn't be the first outdated information on the crowdsourced knowledge repository. In a US Securities and Exchange Commission filing, the software company founded in 1989 said it would purchase $10m in the Bitcoin cryptocurrency at an average price of $43,663.

Crypto.com describes itself as the world's fastest-growing crypto app with over 10 million users across 90+ countries. The network slowdown kept recurring throughout the week, including today and has led to issues such as massive delays in purchases being reflected in the users' accounts.

Trust Wallet and MetaMask wallet users are being targeted in ongoing and aggressive Twitter phishing attacks to steal cryptocurrency funds. MetaMask and Trust Wallet are mobile apps that let you create wallets to store, buy, send, and receive cryptocurrency and NFTs. When users launch MetaMask or Trust Wallet apps for the first time, the app prompts them to create a new wallet.

Another new information stealer - Panda Stealer - is being spread through a worldwide spam campaign. The researchers found 264 files similar to Panda Stealer on VirusTotal, with some of them being shared by threat actors on Discord.

What do the Bass0matic, blockchain and zero-knowledge proofs have in common? Each term shows up in Jean-Philippe Aumasson's new publication: "Crypto Dictionary: 500 Cryptographic Tidbits for the Curious." Aumasson is the chief security officer and cofounder of Taurus Group, a Swiss fintech company and the author of "Serious Cryptography: A Practical Introduction to Modern Encryption." Aumasson writes in the preface that the dictionary is not meant to be a comprehensive look at cryptography's diverse areas.

Cybercriminals have created a fake Microsoft DirectX 12 download page to distribute malware that steals your cryptocurrency wallets and passwords. First discovered by security researcher Oliver Hough, when the fake DirectX 12 installers are launched, they will quietly download malware from a remote site and execute it.

A kids' game called "Jungle Run" that, until recently, was available in the Apple App store, was secretly a cryptocurrency-funded casino set up to scam people out of money. His latest discovery was that Jungle Run, which was marketed in the App Store as a game for ages 4+, transformed into a crypto-funded casino when he set his VPN to Turkey.