U.S. Treasury Sanctions Sinbad Cryptocurrency Mixer Used by North Korean Hackers

Nov 30, 2023NewsroomHacking / Cryptocurrency The U.S. Treasury Department on Wednesday imposed sanctions against Sinbad, a virtual currency mixer that has been put to use by the North Korea-linked Lazarus Group to launder ill-gotten proceeds. “Sinbad has processed millions of dollars’ worth of virtual currency from Lazarus Group heists, including the Horizon Bridge and Axie Infinity heists,” the department said.…
Read more

CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks

Nov 30, 2023NewsroomRansomware / Vulnerability A CACTUS ransomware campaign has been observed exploiting recently disclosed security flaws in a cloud analytics and business intelligence platform called Qlik Sense to obtain a foothold into targeted environments. “This campaign marks the first documented instance […] where threat actors deploying CACTUS ransomware have exploited vulnerabilities in Qlik Sense for initial access,” Arctic Wolf researchers Stefan Hostetler, Markus Neis, and Kyle Pagelow said.…
Read more

North Korea’s Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks

Nov 30, 2023NewsroomCryptocurrency / Cyberattacks Threat actors from the Democratic People’s Republic of Korea (DPRK) are increasingly targeting the cryptocurrency sector as a major revenue generation mechanism since at least 2017 to get around sanctions imposed against the country. “Even though movement in and out of and within the country is heavily restricted, and its general population is isolated from the rest of the world, the regime’s ruling elite and its highly trained cadre of computer science professionals have privileged access to new technologies and information,” cybersecurity firm Recorded Future said in a report shared with The Hacker News.…
Read more

Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails

Nov 30, 2023NewsroomMachine Learning / Email Security Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail. “RETVec is trained to be resilient against character-level manipulations including insertion, deletion, typos, homoglyphs, LEET substitution, and more,” according to the project’s description on GitHub.…
Read more

Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability

Nov 29, 2023NewsroomZero-Day / Web Browser Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library.…
Read more

GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability

Nov 29, 2023NewsroomMalware / Threat Intelligence The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program known as PrCtrl Rat that’s capable of remotely commandeering the infected hosts.…
Read more

DJVU Ransomware’s Latest Variant ‘Xaro’ Disguised as Cracked Software

Nov 29, 2023NewsroomRansomware / Cyber Threat A variant of a ransomware strain known as DJVU has been observed to be distributed in the form of cracked software. “While this attack pattern is not new, incidents involving a DJVU variant that appends the .xaro extension to affected files and demanding ransom for a decryptor have been observed infecting systems alongside a host of various commodity loaders and infostealers,” Cybereason security researcher Ralph Villanueva said.…
Read more

Okta Discloses Broader Impact Linked to October 2023 Support System Breach

Nov 29, 2023NewsroomCyber Attack / Data Breach Identity services provider Okta has disclosed that it detected “additional threat actor activity” in connection with the October 2023 breach of its support case management system. “The threat actor downloaded the names and email addresses of all Okta customer support system users,” the company said in a statement shared with The Hacker News.…
Read more

Unique Visitors
» 435 Today
» 20,900 Yesterday
» 21,335 This Week
» 671,374 This Month
» 1,577,214 This Year
» 17,812,309 Total (since 2019-12-11)
» Record: 205,757 (2023-08-13)
Counter by DarkWeb.Solutions