Security News
American prosecutors have unsealed an indictment against two Russians who allegedly had a hand in the ransacking and collapse of Mt Gox a decade ago, an implosion that cost the cryptocurrency exchange's thousands of customers most of their digital coins. Bilyuchenko and Aleksandr Verner, 29, were charged with conspiring to launder about 647,000 Bitcoins stolen from Mt Gox starting in 2011, fueling the exchange's eventual collapse in 2014.
Russian nationals Alexey Bilyuchenko and Aleksandr Verner have been charged with the 2011 hacking of the leading cryptocurrency exchange Mt. Gox and the laundering of around 647,000 bitcoins they stole. The U.S. Department of Justice also charged Bilyuchenko with conspiring with Russian national Alexander Vinnik to run the unlicensed BTC-e Bitcoin trading platform between 2011 and 2017.
A new PowerShell-based malware dubbed PowerExchange was used in attacks linked to APT34 Iranian state hackers to backdoor on-premise Microsoft Exchange servers. Notably, the malware communicates with its command-and-control server via emails sent using the Exchange Web Services API, sending stolen info and receiving base64-encoded commands through text attachments to emails with the "Update Microsoft Edge" subject.
Right now that means transitioning purely on-premises environments from Basic Authentication to Auth 2.0, also known as Modern Authentication, or Modern Auth. While this move is aimed at Exchange Server 2019, "Customers who have backend servers running Exchange Server 2016 CU23 are also supported for Modern auth," Microsoft's Exchange Team wrote this month.
Hackers exploited a Level Finance smart contract vulnerability to drain 214,000 LVL tokens from the decentralized exchange and swapped them for 3,345 BNB, worth approximately $1,100,000. While Level Finance said the attack did not affect its liquidity pool and the DAO treasury, and the exploit was isolated from all other contracts, the LVL token lost roughly 50% of its value immediately after the attack was made known.
The FBI and Ukrainian police have seized nine cryptocurrency exchange websites that facilitated money laundering for scammers and cybercriminals, including ransomware actors. The seized sites allowed users to anonymously convert cryptocurrency into harder-to-trace coins to obscure the money trace and help cybercriminals launder their pilfers without being traced by law enforcement.
Microsoft is investigating ongoing Microsoft 365 issues preventing some Exchange Online customers from accessing their mailboxes. According to outage monitoring platform Downdetector, thousands of Microsoft 365 report experiencing server connection and login issues, as well as when accessing their Outlook mailboxes.
Microsoft announced today that Client Access Rules deprecation in Exchange Online will be delayed by one year until September 2024. Microsoft 365 administrators can utilize CARs comprising priority values, exceptions, actions, and conditions to filter client access to Exchange Online using various factors.
Some Exchange Online users who have the RPS feature turned off by Microsoft can now have it re-enabled - at least until September when the tool is retired. Microsoft is moving all of its Exchange Online tenants from the legacy - and increasingly insecure - Remote PowerShell Protocol to the PowerShell v3 module.
Microsoft aims to make it impossible for unsupported and/or unpatched on-prem Microsoft Exchange servers to use the company's Exchange Online hosted cloud service to deliver email. Blocking potentially malicious emails from reaching Exchange Online.