Another day, another De-Fi (decentralised finance) attack. This time, online smart contract company Harmony, which pitches itself as an "open and fast blockchain", has been robbed of more than $80,000,000's worth of Ether cryptocoins. Surprisingly (or unsurprisingly, depending on your point of view), if you visit Harmony's website, you'll probably end up totally unaware of the massive loss that the business just suffered.
Internet services in Lithuania came under "intense" distributed denial of service attacks on Monday as the pro-Russia threat-actor group Killnet took credit. Killnet said its attacks were in retaliation for Lithuania's recent banning of shipments sanctioned by the European Union to the Russian exclave of Kaliningrad. Lithuania's government said that the flood of malicious traffic disrupted parts of the Secure National Data Transfer Network.
Threat hunters at Kaspersky have uncovered a series of attacks that targeted organizations across telecoms, transportation, and industrial sectors with the ShadowPad backdoor. The campaign hit the manufacturing and telecoms industries in Afghanistan and Pakistan, and a logistics and transport organization (a port) in Malaysia. Kaspersky initially identified the ShadowPad backdoor on industrial control systems (ICS) at a telecoms company in Pakistan.
Chinese web giant Tencent has admitted to a significant account hijack attack on its QQ messaging and social media platform. In a post to rival social media platform Sina Weibo - a rough analog of Twitter - Tencent apologized for the incident. The problem manifested on Sunday night and saw an unnamed number of QQ users complain their credentials no longer allowed them access to their accounts. Tencent has characterized that issue as representing "stolen" accounts.
The latest version of OpenSSL v3, a widely used open-source library for secure networking using the Transport Layer Security (TLS) protocol, contains a memory corruption vulnerability that imperils x64 systems with Intel's Advanced Vector Extensions 512 (AVX512). OpenSSL 3.0.4 was released on June 21 to address a command-injection vulnerability (CVE-2022-2068) that was not fully addressed with a previous patch (CVE-2022-1292).
The LockBit ransomware group just released its latest ransomware-as-a-service offering, LockBit 3.0, and along with it a first for the Dark Web: a bug-bounty program. The bounty program offers up rewards for personally identifiable information (PII) on high-value targets, security exploits, and more, according to screen grabs of messages that appear to have been shared by LockBit actors.
Over 900,000 misconfigured Kubernetes clusters were found exposed on the Internet to potentially malicious scans, some even vulnerable to data-exposing cyberattacks. Kubernetes is a highly versatile open-source container orchestration system for hosting online services and managing containerized workloads via a uniform API. However, if Kubernetes isn't configured properly, remote actors might be able to access internal resources and private assets that weren't meant to be made public.
The Bank of the West is warning customers that their debit card numbers and PINs have been stolen by skimmers installed on several of the bank's ATMs. The financial institution, which operates over 600 branches in the United States, first detected a wave of suspicious withdrawal attempts in November 2021 and coordinated with law enforcement to conduct an in-depth investigation.
The New York State Department of Financial Services imposed a $5 million penalty on Carnival Corp. for multiple violations committed in connection with four cybersecurity incidents - including two ransomware attacks - between 2019 and 2021.
Ransomware groups are abusing unpatched versions of a Linux-based Mitel VoIP (Voice over Internet Protocol) application and using it as a springboard to plant malware on targeted systems. The critical remote code execution (RCE) flaw, tracked as CVE-2022-29499, was first reported by CrowdStrike in April as a zero-day vulnerability and is now patched. Mitel is popularly known for providing business phone systems and unified communication as a service (UCaaS) to all forms of organizations.