WordPress Bitcoin Payments – Blockonomics Security Vulnerabilities

Ancient 'STONED' Virus Signatures found in Bitcoin Blockchain

If you are dealing in cryptocurrency Bitcoin and have Microsoft's Security Essentials (MSE) installed on your system, then you could be infected by a virus called "DOS/STONED" from the Bitcoin BlockChain. With a number of high-profile cases of fraud, theft, and technical incompetence against the...

PayPal Fixes Serious Account Hijacking Bug in Manager

PayPal patched a hole in its Manager portal this week that could have made it easy for an attacker to hijack an admin’s account, change their password and steal their personal information — not to mention their savings. Manager is a feature of the service that allows users to manage their Payflow.....

PayPal Filter Bypass

...

Threat Outbreak Alert: Fake Bank Payment Failure Notification Email Messages on May 13, 2014

Medium Alert ID: 34209 First Published: 2014 May 13 17:32 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a bank payment notification for the recipient. The text in the email message attempts to convince the...

Paypal BBP #109 MOS - Bypass & Persistent Vulnerability

...

Paypal BBP #109 MOS - Bypass & Persistent Vulnerability

...

Microsoft Identifies New Malware Dropping Sefnit Botnet

Plenty has been written about the Sefnit malware family and its favor with using Tor to mask communication, as well as the money it’s made for criminals via click-fraud schemes. Sefnit, however, has had a pair of accomplices that until recently were regarded as harmless programs by most security...

Threat Outbreak Alert: Fake Bank Payment Notification Email Messages on May 6, 2014

Medium Alert ID: 34133 First Published: 2014 May 6 16:59 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a bank payment notification for the recipient. The email message attempts to convince the recipient to open the...

Target finally Plans to issue Chip and PIN Credit Cards

The massive data breaches in U.S largest retailers 'Target', marked the largest card heists in the U.S. history in which financial credentials of more than 110 million customers were compromised, have forced the retailer to take step towards more secure transactions. The retailer company on...

Heartbleed patch bypass vulnerability,is bitcoin a Scam or Oolong? - Vulnerability warning-the black bar safety net

Someone in the seclists questions, the new Heartbleed is true? And provide an original link http://pastebin. com/qPxR9BRv to turnthe wallyou know） ! The original of the brief meaning is: They found that the OpenSSL patch scheme to throw the natural vulnerability exists in the processing variables.....

CVE-2013-7372

The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture (JCA) in Android before 4.4...

Design/Logic Flaw

The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture (JCA) in Android before 4.4...

Click-Fraud Sefnit Variant Shuns Tor for SSH

Sefnit was the first malware family to shed light on the problem of botnets and other malicious code using the Tor anonymity network as a communication protocol. While others before and since have done the same, Sefnit made the biggest splash at the end of last summer when the botnet caused a 600.....

Threat Outbreak Alert: Fake Payment Cancellation Notification Email Messages on April 28, 2014

Medium Alert ID: 33973 First Published: 2014 April 28 19:38 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a payment cancellation notice for the recipient. The text in the email message attempts to convince the...

Google Removes Bitcoin Mining Android Malware from Play

Google recently removed five bogus wallpaper apps from its Play marketplace after they were deemed malicious and found sneakily mining Bitcoins. The malware, dubbed BadLepricon, was spotted funneling Bitcoin into wallets and allowed the attacker to change mining pools easily to maximize the mining....

Silk Road Dealer Plead Guilty For Selling Illegal Drugs for Bitcoins

Last October, the ‘Silk Road’ story broke when its owner Ross William Ulbricht, a 29-year-old who allegedly created and managed the Silk Road underground website, was arrested by the Federal Bureau of Investigation (FBI). The police seized the website that was considered one of the most popular...

Android Bitcoin-Mining Malware found on Google Play Store

Google always bound to face trouble over the wide and open nature of its app checking policies on Google Play Store, and despite so many security measures, the search engine giant mostly fails to recognize the Android malware that are lurking around its Google Play store in vast numbers. Recently,....

Malicious Chrome Extension Hijacks CryptoCurrencies and Wallets

Although the number of malicious browser extensions has significantly increased in the past years, but recently a new extension of the Google Chrome is allegedly targeting Cryptocurrency users that is capable of stealing Bitcoins and other crypto coins silently. The malicious Chrome browser...

Threat Outbreak Alert: Fake Payment Notification Email Messages on April 23, 2014

Medium Alert ID: 33905 First Published: 2014 April 23 13:27 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a payment notification for the recipient. The text in the email message attempts to convince the recipient...

Iowa State Hacked--To Mine Bitcoins

It’s an odd week these days when there isn’t a data breach at some university or college. These institutions are prime targets for attackers for several reasons, not the least of which are their open network environments and databases bulging with personal information. But now attackers are...

Desktop Viruses Coming to Your TV and Connected Home Appliances

Smart Devices are growing at an exponential rate and so are the threats to them. After your Computers, Servers, Routers, Mobiles and Tablets, now hackers are targeting your Smart TVs, warns Eugene Kaspersky the co-founder and chief executive of Kaspersky Lab. As the increase in the manufactures...

Threat Outbreak Alert: Fake Shipping Documents Attachment Email Messages on June 25, 2014

Medium Alert ID: 33903 First Published: 2014 April 22 20:16 GMT Last Updated: 2014 June 26 11:57 GMT Version: 39 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain shipping documents for the recipient. The text in the email message...

Threat Outbreak Alert: Fake Product Purchase Order Request Email Messages on June 26, 2014

Medium Alert ID: 33857 First Published: 2014 April 22 15:37 GMT Last Updated: 2014 June 26 11:57 GMT Version: 42 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a product purchase order request for the recipient. The email message...

Samsung Galaxy S5 Fingerprint Scanner Easily Get Hacked

Samsung Galaxy S5 Fingerprint feature promises an extra layer of security for your smartphone, which also lets you make payments through PayPal. But does it really secure? Just three days after the launch of the Galaxy S5, Security researchers have successfully managed to hack Galaxy S5...

Threat Outbreak Alert: Fake Tax Notification Email Messages on April 7, 2014

Medium Alert ID: 33686 First Published: 2014 April 8 13:16 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a tax notification for the recipient. The email message attempts to convince the recipient to open the...

Threat Outbreak Alert: Fake Product Purchase Request Email Messages on April 21, 2014

Medium Alert ID: 33675 First Published: 2014 April 7 13:43 GMT Last Updated: 2014 April 22 15:40 GMT Version: 4 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a product inquiry for the recipient. The text in the email message...

Threat Outbreak Alert: Fake Bank Account Deposit Notification Email Messages on April 7, 2014

Medium Alert ID: 33672 First Published: 2014 April 7 13:43 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claims to contain bank account deposit notification for the recipient. The email message attempts to convince the recipient...

Vulnerable Texas Transportation Site 'TxTag' leaves 1.2 Million Credit Cards at Risk

Do you know, Why another major company is getting hacked every week? Because of poor policies, Laziness to Incident Response and lack in will-power to put efforts on applying important patches. Some companies are not taking their security more seriously, and best suitable example for this is...

Threat Outbreak Alert: Fake ACH Transaction Error Report Email Messages on April 2, 2014

Medium Alert ID: 33631 First Published: 2014 April 3 15:27 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an ACH transaction error report for the recipient. The text in the email message attempts to convince the...

Amazon Web Services Combing Third Parties for Credentials

Amazon Web Services is actively searching a number of sources, including code repositories and application stores, looking for exposed credentials that could put users’ accounts and services at risk. A week ago, a security consultant in Australia said that as many as 10,000 secret Amazon Web...

Dumb Ransomware Developer leaves Decryption Keys on Infected Computers

So, How do Hackers compromise a Website? Simply by exploiting the flaws in it, that means they took advantage of the error in the developers’ code. Now, this time the hackers itself has left behind a crucial flaw in its malware code which can be exploited by us to help save our computer systems....

DVR Infected with Bitcoin Mining Malware

Johannes Ullrich of the SANS Institute claims to have found malware infecting digital video recorders (DVR) predominately used to record footage captured by surveillance camera systems. Oddly enough, Ullrich claims that one of the two binaries of malware implicated in this attack scheme appears to....

Threat Outbreak Alert: Email Messages with Malicious Attachments on March 31, 2014

Medium Alert ID: 33580 First Published: 2014 March 31 17:14 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that contain an attachment for the recipient. The email message attempts to convince the recipient to open the attachment for...

Threat Outbreak Alert: Fake Tax Information Request Email Messages on March 31, 2014

Medium Alert ID: 33579 First Published: 2014 March 31 15:42 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a request for tax information for the recipient. The text in the email message attempts to convince the...

Threat Outbreak Alert: Fake Payment Transfer Notice Email Messages on March 31, 2014

Medium Alert ID: 33578 First Published: 2014 March 31 15:39 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a payment transfer cancellation notice for the recipient. The text in the email message attempts to convince...

Threat Outbreak Alert: Fake Money Transfer Notification Email Messages on March 31, 2014

Medium Alert ID: 33573 First Published: 2014 March 31 12:57 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a money transfer notification for the recipient. The text in the email message attempts to convince the...

Coinbase: Coinbase Android Application - Bitcoin Wallet Leaks OAuth Response Code

Hi, There's a simple bug here, the Coinbase Android App. "BitCoin Wallet" leaks the OAuth Response Code which can be obtained using adb logcat -s Coinbase command line for testing, and any Android application on the same phone can read the response code for the user by reading the logs. As of now.....

Android Malware found on Google Play Store mines Cryptocurrencies

Cyber criminals are more business-minded than you might expect. As the business has moved to greater use of mobile and non-Windows computers, so cyber criminals have adapted techniques monetize their efforts. Security researchers at Lookout Mobile Security discovered that various apps uploaded to.....

Android Malware Mines Digital Cryptocurrency

On its surface, the idea of turning a smartphone into a cryptocurrency mining machine sounds novel. But practical and profitable? Not so much. That hasn’t stopped thieves from corrupting a number of popular Android applications for just that purpose, including two on the Google Play store called...

Cpuminer - CPU miner for Litecoin and Bitcoin

cpuminer is a multi-threaded, highly optimized CPU miner for Litecoin, Bitcoin and other cryptocurrencies. Currently supported algorithms are SHA-256d and scrypt(1024, 1, 1). It supports the getwork mining protocol as well as the Stratum mining protocol, and can be used for both solo and pooled...

Bitcoin Transaction Malleability Flaw Resolved

The so-called transaction malleability software issue blamed for the dissolution of Bitcoin exchange Mt. Gox has been patched. Also, the Bitcoin-QT reference client was also rebranded to Bitcoin Core, in order to clear confusion users might have had between the Bitcoin network and software....

New Zorenium Bot Boasts Ability to Run on iOS

UPDATE–The iOS platform has been remarkably resistant to malware infections over the years and attackers interested in mobile devices mainly have focused their efforts on Android. But the developer of a little-known bot that has the ability to run on Linux and Windows machines now has a version...

Linux Worm targets Internet-enabled Home appliances to Mine Cryptocurrencies

Could a perfectly innocent looking device like router, TV set-top box or security cameras can mine Bitcoins? YES! Hackers will not going to spare the Smart Internet-enabled devices. A Linux worm named Linux.Darlloz, earlier used to target Internet of Things (IoT) devices, i.e. Home Routers,...

MtGox Hacker tricks people to install Bitcoin Stealer

This News will blow everyone’s mind! If you are a bitcoins holder then you might be aware of MtGox, Once the World's biggest Bitcoin exchange. MtGox filed for bankruptcy last month after saying it lost some 8,50,000 Bitcoins to hackers and suddenly went dark with no explanations. A few days ago,...

Threat Outbreak Alert: Fake Bank Account Information Email Messages on March 12, 2014

Medium Alert ID: 33306 First Published: 2014 March 12 17:17 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain bank payment details for the recipient. The text in the email message attempts to convince the recipient to...

Payment Card processing services upgrading to Chip-and-PIN and Point-to-Point Encryption

The massive data breaches in U.S retailers 'Target' and 'Neiman Marcus', in which financial credentials of more than 110 million and 1.1 million customers were compromised respectively, have put a spotlight on the need for more secure transactions. To tackle this issue, the two major payment card.....

Coinbase: Coinbase Android Security Vulnerabilities

My name is Bryan Stern and I am Android Software Engineer. Last night I took another look at your Android application and found some disturbing vulnerabilities that could allow for a user's account to be hijacked. Fortunately, they are very easy to resolve. Below I have outlined the issue, gave...

Tor Network used to Host 900 Botnets and hidden Darknet Markets

Tor network offers users browse the Internet anonymously and is mostly used by activists, journalists to conceal their online activities from prying eyes. But it also has the Dark side, as Tor is also a Deep Web friendly tool that allows hackers and cyber criminals to carry out illicit activities.....

Threat Outbreak Alert: Fake Product Quotation Request Email Messages on March 5, 2014.

Medium Alert ID: 33215 First Published: 2014 March 6 15:04 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a product quotation request for the recipient. The text in the email message attempts to convince the...

Microsoft, Kaspersky Shed Light on Sefnit Tor Botnet

Alarm bells went off last August when spikes in Tor client downloads were traced to a large click-fraud and Bitcoin-mining botnet called Sefnit. The malware was using the popular anonymity network to communicate with hackers in order to transmit stolen data and receive additional commands. In...