Hackers Steal $19 Million From Bithumb Cryptocurrency Exchange

Hackers yesterday stole nearly $19 million worth of cryptocurrency from Bithumb, the South Korea-based popular cryptocurrency exchange admitted today. According to Primitive Ventures' Dovey Wan, who first broke the information on social media, hackers managed to compromise a number of Bithumb's h...

Counter-Strike 1.6 game client 0-day exploited to spread Belonard trojan

By Waqas Dr. Web’s cybersecurity researchers have identified an attacker is trying to exploit zero-day vulnerabilities in Counter-Strike 1.6 game specifically to distribute Belonard Trojan. Reportedly, about 39% of all the active servers of the game on Steam have been manipulated and compromised ...

New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites

If for some reason your WordPress-based website has not yet been automatically updated to the latest version 5.1.1, it's highly recommended to immediately upgrade it before hackers could take advantage of a newly disclosed vulnerability to hack your website. Simon Scannell, a researcher at RIPS...

Hackers steal 6TB of data from enterprise software developer Citrix

By Waqas Enterprise software developer Citrix becomes a victim of state-sponsored hack attack after hackers steal the company's secrets. One of the most popular enterprise software and networking and remote access technology provider firm Citrix affirmed that its internal network was compromised ...

Can your Printer Hack your Secrets: Appweb Authorization Bypass

How IoT can pave the way for data breaches: Understanding the Appweb Authorization Bypass An engineering POV into everyday vulnerability. The everyday things you rely on may leave you vulnerable to attack. And it may not be the things themselves, but what is hiding inside. Are your IoT devices,...

Booter Boss Interviewed in 2014 Pleads Guilty

A 20-year-old Illinois man has pleaded guilty to running multiple DDoS-for-hire services that launched millions of attacks over several years. The plea deal comes almost exactly five years after KrebsOnSecurity interviewed both the admitted felon and his father and urged the latter to take a more...

GameGuardian - Android Game Hack/Alteration Tool

GameGuardian is a game hack/alteration tool. With it, you can modify money, HP, SP, and much more. You can enjoy the fun part of a game without suffering from its unseasonable design. Requires Android: 2.3.3+ GameGuardian Features Summary Runs on ARM, x64 and x86 devices, including x86 emulators...

Don’t Get Your Valentine an Internet-Connected Sex Toy

Mozilla expands its “Privacy Not Included” gift guide to the bedroom: It’s all sexy fun and games until someone hacks a WiFi-enabled butt plug...

US Air Force Defector Allegedly Helped Iran Hack Americans

In an astonishing indictment, the DOJ details how Monica Witt allegedly turned on her former counterintelligence colleagues...

Email service provider loses 2 decades worth of data due to hack attack

By Waqas Famed secure email service provider VFEmail has become a victim of a hack attack by an unknown cybercriminal. The company claims that it has suffered a “catastrophic destruction” of its US servers and almost two decades of data and backups in only a few hours. The entire digital...

The Xiaomi M365 Scooter Can Be Hacked to Speed Up or Stop

A hacker can accelerate Xiaomi M365 scooter—or hit the breaks—while a rider is on it...

A week in security (February 4 – 8)

Last week on Malwarebytes Labs, we took a closer look at the technical and reputational challenges for Facebook as it tries to integrate secure messaging across Messenger, WhatsApp, and Instagram. We explored Google’s latest attempts to change how the public sees—literally—web browser URLs, gave...

An Apple-Hacking Teen, SIM-Swap Indictments, and More Security News This Week

Location data scandals, a Zcash bug, and more of the week's top security news...

U.S. Government Goes After North Korea's Joanap Botnet

The U.S. Justice Department is looking to retaliate against North Korea-linked hackers who have built up a massive global network of infected computers. The department announced on Wednesday that it would seek to map out the Joanap botnet, which has been built and controlled by North Korea-linked...

A week in security (January 14 – 20)

Last week on the Malwarebytes Labs blog, we took a look at how the government shutdown is influencing cybersecurity jobs, Advanced Persistent Threats group APT10, the comeback of Fallout EK, the hosting of malicious sites on legitimate servers, and the Collection 1 data breach. Other cybersecurit...

TAU Threat Intelligence Notification – WindTail (OSX)

Summary Dark Matter researcher Taha Karim recently presented his research on the APT group WindShift at Hack in the Box Singapore. This group primarily focuses on highly targeted campaigns directed toward Middle Eastern government and commercial entities. One of the custom macOS backdoors employe...

Ring Security Cam Snooping, Location Tracking, and More Security News This Week

A German hack confession, unencrypted government sites, and more security news this week...

Luas data ransom: the hacker who cried wolf?

In a terrible start to the year for Irish tram firm Luas, their site was compromised a week ago and adorned with a stark ransom warning: Click to enlarge You are hacked. Some time ago I wrote that you have serious security holes. You didn’t reply. The next time someone talks to you, press the rep...

Australia’s Early Warning Network compromised

An early warning network designed to notify subscribers about dangerous weather in Australia has been compromised. The hacker sent many bogus messages via phone, SMS, and email, telling users that the service had been hacked. Early Warning Network, a service used by local governments to send...

The 'Twinning' Fad, the Weather Channel, and More Security News

A rogue PewDiePie fan, Marriott hack details, and more of the week's top security news...