Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware

Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability CVE-2022-26134 in the wild for malicious cryptocurrency mining...

Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies

Malicious actors such as Kinsing are taking advantage of both recently disclosed and older security flaws in Oracle WebLogic Server to deliver cryptocurrency-mining malware. Cybersecurity company Trend Micro said it found the financially-motivated group leveraging the vulnerability to drop Python...

Nitrokod Crypto Miner Infected Over 111,000 Users with Copies of Popular Software

A Turkish-speaking entity called Nitrokod has been attributed to an active cryptocurrency mining campaign that involves impersonating a desktop application for Google Translate to infect over 111,000 victims in 11 countries since 2019. "The malicious tools can be used by anyone," Maya Horowitz,...

The Family That Mined the Pentagon's Data for Profit

The Freedom of Information Act helps Americans learn what the government is up to. The Poseys exploited it—and became unlikely defenders of transparency...

Add limit on NFT Mining Count

Lines of code Vulnerability details Add limit on NFT Mining Count Context: Description: Mint Function is the most important architectural part of an NFT project. The mint function has no quantity limit. For example, in a 10000 NFT project, 10000 NFT Mints can be triggered at the same time. Howeve...

CVE-2022-37450

Go Ethereum aka geth through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making RUM, as exploited in the wild in 2020 through 2022...

CVE-2022-37450

Go Ethereum aka geth through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making RUM, as exploited in the wild in 2020 through 2022...

CVE-2022-37450

Go Ethereum (geth)

CVE-2022-37450

Go Ethereum aka geth through 1.10.21 allows attackers to increase rewards by mining blocks in certain situations, and using a manipulation of time-difference values to achieve replacement of main-chain blocks, aka Riskless Uncle Making RUM, as exploited in the wild in 2020 through 2022...

A Growing Number of Malware Attacks Leveraging Dark Utilities 'C2-as-a-Service'

A nascent service called Dark Utilities has already attracted 3,000 users for its ability to provide command-and-control C2 services with the goal of commandeering compromised systems. "It is marketed as a means to enable remote access, command execution, distributed denial-of-service DDoS attack...

Go Ethereum 安全漏洞

Go Ethereum is an official Go implementation of the Ether protocol for the Ethereum community. A security vulnerability exists in Go Ethereum version 1.10.21, which stems from allowing an attacker to increase rewards by mining blocks under certain circumstances and using time-differential value...

Attackers leveraging Dark Utilities "C2aaS" platform in malware campaigns

By Edmund Brumaghin, Azim Khodjibaev and Matt Thaxton, with contributions from Arnaud Zobec. Executive Summary Dark Utilities, released in early 2022, is a platform that provides full-featured C2 capabilities to adversaries. It is marketed as a means to enable remote access, command execution,...

Australian Hacker Charged with Creating, Selling Spyware to Cyber Criminals

A 24-year-old Australian national has been charged for his purported role in the creation and sale of spyware for use by domestic violence perpetrators and child sex offenders. Jacob Wayne John Keen, who currently resides at Frankston, Melbourne, is said to have created the remote access trojan R...

Hackers Distributing Password Cracking Tool for PLCs and HMIs to Target Industrial Systems

Industrial engineers and operators are the target of a new campaign that leverages password cracking software to seize control of Programmable Logic Controllers PLCs and co-opt the machines to a botnet. The software "exploited a vulnerability in the firmware which allowed it to retrieve the...

Pro-China Group Uses Dragonbridge Campaign to Target Rare Earth Mining Companies

A pro-China influence campaign singled out rare earth mining companies in Australia, Canada, and the U.S. with negative messaging in an unsuccessful attempt to manipulate public discourse to China's benefit. Targeted firms included Australia's Lynas Rare Earths Ltd, Canada's Appia Rare Earths &...

Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers

A cloud threat actor group tracked as 8220 has updated its malware toolset to breach Linux servers with the goal of installing crypto miners as part of a long-running campaign. "The updates include the deployment of new versions of a crypto miner and an IRC bot," Microsoft Security Intelligence...

Natural Language Processing and “Mindful” AI Drive More Sophisticated Bad Bot Attacks

The evolution from human to bot attacks Over the last several years of my career in cyber security, I have been fortunate to work with professionals who researched and developed new cyber security detection and prevention solutions that block high-end cyber attacks. Initially, these attacks were...

Former Amazon Employee Found Guilty in 2019 Capital One Data Breach

A 36-year-old former Amazon employee was convicted of wire fraud and computer intrusions in the U.S. for her role in the theft of personal data of no fewer than 100 million people in the 2019 Capital One breach. Paige Thompson, who operated under the online alias "erratic" and worked for the tech...

Panchan’s Mining Rig: New Golang Peer-to-Peer Botnet Says “Hi!”

Akamai researchers have discovered a new P2P botnet targeting APJ. Read about it here...

Upgraded Q -> M from 124 [1654443300023]

Judge has assessed an item in Issue 124 as Medium risk. The relevant finding follows: C4-007 : USE SAFEERC20.SAFEAPPROVE Impact This is probably an oversight since SafeERC20 was imported and safeTransfer was used for ERC20 token transfers. Nevertheless, note that approve will fail for certain tok...