New Mac Malware Targets Cookies to Steal From Cryptocurrency Wallets

Mac users need to beware of a newly discovered piece of malware that steals their web browser cookies and credentials in an attempt to withdraw funds from their cryptocurrency exchange accounts. Dubbed CookieMiner due to its capability of stealing cookies-related to cryptocurrency exchanges, the...

Monero: Cybercrime's Top Choice for Mining Malware

An academic analysis of cryptomining malware has determined that the Monero virtual currency XMR is “by far” the most popular cryptocurrency to mine among cybercriminals. And, it would appear that cryptomining as a criminal enterprise is unlikely to wane anytime soon. After examining approximatel...

Top 2018 Security and Privacy Stories

It was only three days into 2018 when one of the year’s biggest security stories broke about the Meltdown and Spectre flaws in modern microprocessors. From there, the calendar filled quickly with both privacy and security SNAFUs. While some of year’s privacy and security missteps were just a...

PT-2022-7655 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: gpac versions prior to 1.1.0 Description: The issue is related to a null pointer dereference in the gpac multimedia platform. This can be exploited to cause a denial of service. The vulnerability is being actively exploited in the wild, with...

As Cryptocurrency Crash Continues, Will Mining Threat Follow?

Post authored by Nick Biasini. Executive Summary As 2018 draws to a close, one technology has definitively left its mark on the year: cryptocurrencies. Digital currencies started the year out strong after a meteoric rise toward the end of 2017. Since then, it's safe to say that cryptocurrencies...

Connecting the dots between recently active cryptominers

Post authored by David Liebenberg and Andrew Williams. Executive Summary Through Cisco Talos' investigation of illicit cryptocurrency mining campaigns in the past year, we began to notice that many of these campaigns shared remarkably similar TTPs, which we at first mistakenly interpreted as bein...

Crypto currency mining machine using Elasticsearch vulnerability propagation-vulnerability warning-the black bar safety net

ElasticSearch is based on Lucene search server. It provides a distributed multi-user capability of the full-text search engine, based on the RESTful web interface. Elasticsearch is developed in Java, and as the Apache license under the terms of the open source release, is the current popular...

A week in security (December 3 – 9)

Last week on Malwarebytes Labs, we gave readers an FYI on multiple breaches that affected Humble Bundle, Quora, and Dunkin' Donuts, to name a few. This follows the announcement from Marriott about a four-year-long breach that impacted half a billion of its patrons. We also pushed out the report,...

Cryptocurrency threat predictions for 2019

Kaspersky Security Bulletin: Threat Predictions for 2019 Threat predictions for industrial security in 2019 Cyberthreats to financial institutions 2019: overview and predictions Introduction – key events in 2018 2018 saw cryptocurrency become an established part of many people's lives, and a more...

Cryptojacking Attack Targets Make-A-Wish Foundation Website

Hackers have been stealing CPU-cycles from visitors to the Make-A-Wish Foundation’s international website in order to mine for Monero cryptocurrency. Researchers said they found the CoinIMP mining script embedded in the non-profit’s website, and that it was taking advantage of the Drupalgeddon 2...

Headmaster caught mining cryptocurrency at school; gets fired

By Uzair Amir A Chinese school headmaster Lei Hua was caught mining cryptocurrency using the school's electricity. As a result, he had to lose his job. It happened at Puman Middle School in Hunan province of China. Initially, teachers complained about the loud noise that continued day and night...

This Week in Security News: Spam Campaigns and Vulnerable Infrastructures

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, see how cybercriminals have learned to become more creative with malware through spam campaigns. Also, understand why securing energy and...

Best Piratebay Alternatives and Proxy List for Downloading Torrents

Are you looking for The Pirate Bay, Piratebay proxies, or alternatives to thepiratebay.se? You've come to the right place for the latest Piratebay news and a list of the best torrent sites. The Pirate Bay is one of the world's most famous and best torrent search engines. It allows users to downlo...

Best Piratebay Alternatives and Proxy List for Downloading Torrents

Are you looking for The Pirate Bay, Piratebay proxies, or alternatives to thepiratebay.se? You've come to the right place for the latest Piratebay news and a list of the best torrent sites. The Pirate Bay is one of the world's most famous and best torrent search engines. It allows users to downlo...

Fake Adobe Flash Updates Hide Malicious Crypto Miners

While fake Flash updates that push malware have traditionally been easy to spot and avoid, a new campaign has employed new tricks that stealthily download cryptocurrency miners on Windows systems. To the average user, the newly discovered samples, which have been active as early as August, seem...

Roaming Mantis, part III

In Q2 2018, Kaspersky Lab published two blogposts about Roaming Mantis sharing details of this new cybercriminal campaign. In the beginning, the criminals used DNS hijacking in vulnerable routers to spread malicious Android applications of Roaming Mantis aka MoqHao and XLoader, spoofing legitimat...

USB threats from malware to miners

Introduction In 2016, researchers from the University of Illinois left 297 unlabelled USB flash drives around the university campus to see what would happen. 98% of the dropped drives were picked up by staff and students, and at least half were plugged into a computer in order to view the content...

Threat Roundup for September 14 to September 21

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 14 and 21. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’ve observed by...

New Malware Combines Ransomware, Coin Mining and Botnet Features in One

Windows and Linux users need to beware, as an all-in-one, destructive malware strain has been discovered in the wild that features multiple malware capabilities including ransomware, cryptocurrency miner, botnet, and self-propagating worm targeting Linux and Windows systems. Dubbed XBash, the new...

New Malware Combines Ransomware, Coin Mining and Botnet Features in One

Windows and Linux users need to beware, as an all-in-one, destructive malware strain has been discovered in the wild that features multiple malware capabilities including ransomware, cryptocurrency miner, botnet, and self-propagating worm targeting Linux and Windows systems. Dubbed XBash, the new...