Security News

Vastaamo hacker traced via ‘untraceable’ Monero transactions, police says
2024-01-30 19:44

Julius Aleksanteri Kivimäki, the suspect believed to be behind an attack against one of Finland's largest psychotherapy clinics, Vastaamo, was allegedly identified by tracing what has been believed to be untraceable Monero transactions. Finnish investigators from the National Bureau of Investigation, with the help of Binance, followed the trail of payments to Kivimäki, who exchanged the funds for Monero and then exchanged them back to Bitcoin.

Monero Project admits thieves stole 6-figure sum from a wallet in mystery breach
2023-11-08 11:46

It's the latest in a string of unusual wallet-draining attacks that began in April. The Monero Project is admitting that one of its wallets was drained by an unknown source in September, losing the...

New HeadCrab malware infects 1,200 Redis servers to mine Monero
2023-02-01 23:56

New stealthy malware designed to hunt down vulnerable Redis servers online has infected over a thousand of them since September 2021 to build a botnet that mines for Monero cryptocurrency. "This advanced threat actor utilizes a state-of-the-art, custom-made malware that is undetectable by agentless and traditional anti-virus solutions to compromise a large number of Redis servers," the researchers said.

Monero hard fork makes hackers' favorite coin even more private
2022-08-15 22:18

Monero, the privacy-oriented decentralized cryptocurrency project, underwent a planned hard fork event on Saturday, introducing new features to boost its privacy and security. Completed at block 2,688,888, the hard fork now features a larger ring size, an improved 'Bulletproofs' algorithm for faster transactions, a revamped multisig mechanism, and performance upgrades that reduce wallet sync times by 30-40%. This upgrade is a hard fork sitting on 0.18 'Fluorine Fermi', so the new version isn't backward compatible with older ones.

Monero-mining botnet targets Windows, Linux web servers
2022-05-18 07:27

The latest variant of the Sysrv botnet malware is menacing Windows and Linux systems with an expanded list of vulnerabilities to exploit, according to Microsoft. The strain, which Microsoft's Security Intelligence team calls Sysrv-K, scans the internet for web servers that have security holes, such as path traversal, remote file disclosure, and arbitrary file download bugs, that can be exploited to infect the machines.

Log4j attackers switch to injecting Monero miners via RMI
2021-12-16 21:12

Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both in a single request for maximum chances of success. From LDAP to RMI. Most attacks targeting the Log4j "Log4Shell" vulnerability have been through the LDAP service.

FreakOut Botnet Turns DVRs Into Monero Cryptominers
2021-10-13 20:17

Threat group FreakOut's Necro botnet has developed a new trick: infecting Visual Tools DVRs with a Monero miner. Juniper Threat Labs researchers have issued a report detailing new activities from FreakOut, also known as Necro Python and Python.

Jenkins project's Confluence server hacked to mine Monero
2021-09-07 15:46

Hackers exploiting the recently disclosed Atlassian Confluence remote code execution vulnerability breached an internal server from the Jenkins project. While the attack is concerning because Jenkins is a popular open-source server for automating parts of software development, there is no reason to believe that the project releases, plugins, or code have been impacted.

Splunk spots malware targeting Windows Server on AWS to mine Monero
2021-08-10 07:04

Data analysis firm Splunk says it's found a resurgence of the Crypto botnet - malware that attacks virtual servers running Windows Server inside Amazon Web Services. Splunk's Threat Research Team posted its analysis of the attack on Monday, suggesting it starts with a probe for Windows Server instances running on AWS, and seeks out those with remote desktop protocol enabled.