Security News

GnuPG crypto library can be pwned during decryption – patch now!
2021-01-31 02:12

Bug hunter Tavis Ormandy of Google's Project Zero just discovered a dangerous bug in the GNU Privacy Guard team's libgcrypt encryption software. The libgcrypt library is an open-source toolkit that anyone can use, but it's probably best known as the encryption library used by the GNU Privacy Guard team's own widely deployed GnuPG software.

Data breach at Buyucoin crypto exchange leaks user info, trades
2021-01-24 18:16

A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free. Over the weekend, a threat actor known as ShinyHunters posted the link to an archive that contains the alleged database dumps for the Buyucoin cryptocurrency exchange.

Sophos: Crypto-Jacking Campaign Linked to Iranian Company
2021-01-22 14:56

An Iran-based software company is likely behind a recently identified crypto-jacking campaign targeting SQL servers, according to a report by British anti-malware vendor Sophos. The attacks result in the MrbMiner crypto-miner being installed onto the target servers, with the software apparently created, controlled, and hosted by a named Iranian company.

MrbMiner Crypto-Mining Malware Links to Iranian Software Company
2021-01-21 06:58

A relatively new crypto-mining malware that surfaced last year and infected thousands of Microsoft SQL Server databases has now been linked to a small software development company based in Iran. First documented by Chinese tech giant Tencent last September, MrbMiner was found to target internet-facing MSSQL servers with the goal of installing a cryptominer, which hijacks the processing power of the systems to mine Monero and funnel them into accounts controlled by the attackers.

Verified Twitter accounts hacked in $580k ‘Elon Musk’ crypto scam
2021-01-14 16:47

Threat actors are hacking verified Twitter accounts in an Elon Musk cryptocurrency giveaway scam that has recently become widely active. In 2018, scammers raked in $180,000 using a successful Elon Musk giveaway scam promoted on Twitter.

Crypto-Hijacking Campaign Leverages New Golang RAT
2021-01-05 20:34

Researchers are raising the alarm for a newly identified operation leveraging a new Remote Access Tool written in Golang to steal crypto-currency from unsuspecting users. Discovered last month, the campaign is believed to have been active since January 2020, consisting of a fully-fledged marketing campaign, custom applications related to crypto-currency, fake social media accounts, websites, and the new RAT, which Intezer calls ElectroRAT. Widely undetected, the Golang backdoor is written from scratch and is designed to target Windows, Linux, and macOS. To lure crypto-currency users into downloading Trojanized apps, the threat actor behind the campaign promoted the tools on crypto-currency and blockchain forums, as well as on social media platforms.

Brexit Deal Mandates Old Insecure Crypto Algorithms
2020-12-31 12:19

In what is surely an unthinking cut-and-paste issue, page 921 of the Brexit deal mandates the use of SHA-1 and 1024-bit RSA: The open standard s/MIME as extension to de facto e-mail standard SMTP...

Crypto Exchange EXMO Says Funds Stolen in Security Incident
2020-12-22 14:15

UK-based cryptocurrency exchange EXMO informed customers on Monday that it discovered large withdrawals from its hot wallets. "We are still investigating the incident, but as of now, the security audit report showed that some amounts of BTC, XRP, ZEC, USDT, ETC and ETH in EXMO's hot wallets were transferred out of the exchange," EXMO announced.

Hacker Dumps Crypto Wallet Customer Data; Active Attacks Follow
2020-12-21 16:39

On Monday a hacker dumped sensitive data stolen earlier this year from the Ledger cryptocurrency wallet's website. Researchers at security firm Cyble discovered files from the Ledger leak published Monday on a hacker forum, according to a report in BleepingComputer.

Bouncy Castle crypto authentication bypass vulnerability revealed
2020-12-17 15:26

A severe authentication bypass vulnerability has been reported in Bouncy Castle, a popular open-source cryptography library. The .NET version of Bouncy Castle alone has been downloaded over 16,000,000 times, speaking to the seriousness of vulnerabilities in Bouncy Castle, a library relied on by developers of mission-critical applications.