Security News

An unknown cryptocurrency exchange located in Japan was the target of a new attack earlier this month to deploy an Apple macOS backdoor called JokerSpy. Elastic Security Labs, which is monitoring the intrusion set under the name REF9134, said the attack led to the installation of Swiftbelt, a Swift-based enumeration tool inspired by an open-source utility called SeatBelt.

For June 2023 Patch Tuesday, Microsoft has delivered 70 new patches but, for once, none of the fixed vulnerabilities are currently exploited by attackers nor were publicly known before today! Microsoft has previously fixed CVE-2023-3079, a type confusion vulnerability in Chromium's V8 JavaScript engine, which was spotted being exploited by attackers to target Chrome users.

The U.S. Department of Justice has charged two Russian nationals in connection with masterminding the 2014 digital heist of the now-defunct cryptocurrency exchange Mt. Gox. According to unsealed indictments released last week, Alexey Bilyuchenko, 43, and Aleksandr Verner, 29, have been accused of conspiring to launder approximately 647,000 bitcoins stolen from September 2011 through at least May 2014 as a result of unauthorized access to a server holding crypto wallets used by Mt. Gox customers.

American prosecutors have unsealed an indictment against two Russians who allegedly had a hand in the ransacking and collapse of Mt Gox a decade ago, an implosion that cost the cryptocurrency exchange's thousands of customers most of their digital coins. Bilyuchenko and Aleksandr Verner, 29, were charged with conspiring to launder about 647,000 Bitcoins stolen from Mt Gox starting in 2011, fueling the exchange's eventual collapse in 2014.

Russian nationals Alexey Bilyuchenko and Aleksandr Verner have been charged with the 2011 hacking of the leading cryptocurrency exchange Mt. Gox and the laundering of around 647,000 bitcoins they stole. The U.S. Department of Justice also charged Bilyuchenko with conspiring with Russian national Alexander Vinnik to run the unlicensed BTC-e Bitcoin trading platform between 2011 and 2017.

A new PowerShell-based malware dubbed PowerExchange was used in attacks linked to APT34 Iranian state hackers to backdoor on-premise Microsoft Exchange servers. Notably, the malware communicates with its command-and-control server via emails sent using the Exchange Web Services API, sending stolen info and receiving base64-encoded commands through text attachments to emails with the "Update Microsoft Edge" subject.

Right now that means transitioning purely on-premises environments from Basic Authentication to Auth 2.0, also known as Modern Authentication, or Modern Auth. While this move is aimed at Exchange Server 2019, "Customers who have backend servers running Exchange Server 2016 CU23 are also supported for Modern auth," Microsoft's Exchange Team wrote this month.

Hackers exploited a Level Finance smart contract vulnerability to drain 214,000 LVL tokens from the decentralized exchange and swapped them for 3,345 BNB, worth approximately $1,100,000. While Level Finance said the attack did not affect its liquidity pool and the DAO treasury, and the exploit was isolated from all other contracts, the LVL token lost roughly 50% of its value immediately after the attack was made known.

The FBI and Ukrainian police have seized nine cryptocurrency exchange websites that facilitated money laundering for scammers and cybercriminals, including ransomware actors. The seized sites allowed users to anonymously convert cryptocurrency into harder-to-trace coins to obscure the money trace and help cybercriminals launder their pilfers without being traced by law enforcement.

Microsoft is investigating ongoing Microsoft 365 issues preventing some Exchange Online customers from accessing their mailboxes. According to outage monitoring platform Downdetector, thousands of Microsoft 365 report experiencing server connection and login issues, as well as when accessing their Outlook mailboxes.