Security News

North Korean attacks on crypto exchanges reportedly netted an estimated $316m in cryptocurrency in 2019 and 2020, according to a report by Japan's Nikkei. The outlet says it saw that figure in a draft of a United Nations report destined for the desk of the Security Council's North Korea Sanctions Committee.

A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free. Over the weekend, a threat actor known as ShinyHunters posted the link to an archive that contains the alleged database dumps for the Buyucoin cryptocurrency exchange.

A webshell called BumbleBee has taken flight in an ongoing xHunt espionage campaign that has targeted Microsoft Exchange servers at Kuwaiti organizations. "We found BumbleBee hosted on an internal Internet Information Services web server on the same network as the compromised Exchange server, as well as on two internal IIS web servers at two other Kuwaiti organizations," researchers explained in a Monday blog.

UK-based cryptocurrency exchange EXMO informed customers on Monday that it discovered large withdrawals from its hot wallets. "We are still investigating the incident, but as of now, the security audit report showed that some amounts of BTC, XRP, ZEC, USDT, ETC and ETH in EXMO's hot wallets were transferred out of the exchange," EXMO announced.

British cryptocurrency exchange EXMO has disclosed that unknown attackers withdrew almost 5% of its total assets after compromising its hot wallets. Hot wallets are Internet-connected and are used by exchanges to temporarily store assets for ongoing transactions and transfers unlike cold wallets which have no Internet connection.

CodeZero has launched the ZERO BrandCard, a digital identity card of the future, backed by LISNR to enable a secure and contactless digital identity exchange. Looking for a market solution to help combat digital identity spoofing & enable contactless authentication, CodeZero recognized LISNR's ultrasonic technology as the safest and most seamless data transfer and authentication medium.

Microsoft's final batch of security patches for 2020 shipped today with fixes for at least 58 documented vulnerabilities affecting a wide range of OS and software products. The December security updates include fixes for code execution vulnerabilities in the company's flagship Windows operating system and serious problems in Microsoft Sharepoint, Microsoft Exchange, HyperV, and a Kerberos security feature bypass.

Apple's head of global security tried to bung cops hundreds of free iPads in exchange for special gun permits, it is claimed. Thomas Moyer, 50, was last week charged [PDF] with bribing senior officers in Santa Clara county, home to Apple's Cupertino headquarters.

Two never-before-seen Powershell backdoors have been uncovered, after researchers recently discovered an attack on Microsoft Exchange servers at an organization in Kuwait. The attack used two newly discovered backdoors: One that researchers called "TriFive," and the other, a variant of a previously discovered PowerShell-based backdoor, which they called "Snugy."

Researchers at the University of Rochester and Cornell University have taken an important step toward developing a communications network that exchanges information across long distances by using photons, mass-less measures of light that are key elements of quantum computing and quantum communications systems. The development of such a quantum network -designed to take advantage of the physical properties of light and matter characterized by quantum mechanics - promises faster, more efficient ways to communicate, compute, and detect objects and materials as compared to networks currently used for computing and communications.