-
A small bug in the SafeMoon DeFi platform code allowed cybercriminals to “pump out” almost $9 million worth of cryptocurrencies
The interesting circumstances of the attack confuse even experts.The SafeMoon token liquidity pool lost $8.9 million after an unknown hacker took advantage of the newly added “burn” smart contract feature, which artificially inflated the price of the SFM cryptocurrency, allowing members to sell it at a much higher profit.Liquidity pools on DeFi platforms are large deposits of cryptocurrencies that facilitate trading, provide market liquidity, and generally allow exchanges to function without borrowing currency from third parties.Yesterday, SafeMoon confirmed the incident on its Twitter and stated that it is currently working on a solution to the...
-
KillNet tripled the number of DDoS attacks in 3 months
According to a report by cybersecurity researchers from Microsoft, the KillNet group has increased the number of its DDoS attacks on healthcare organizations since November 2022.In recent months, the group has been focusing on health organizations' websites, launching a campaign in February targeting hospitals in more than 25 US states. According to the CISA agency, less than 50% of all attacks were successful.Members of the Microsoft Azure Network Security Team Amir Dahan and Syed Pasha published an analysis of DDoS attacks on healthcare organizations. They tracked all attacks from November 18, 2022 to February 17,...
-
CISA describes how LockBit ransomware works
U.S. government agencies have released a joint cybersecurity bulletin that details indicators of compromise (IoC) and tactics, techniques, and procedures (TTPs) of the LockBit 3.0 ransomware.The alert came from the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the Information Sharing and Analysis Center (MS-ISAC).Since its inception in late 2019, LockBit hackers have released two versions of their ransomware, LockBit 2.0 (LockBit Red) (2021) and LockBit 3.0 (LockBit Black) (2022). The ransomware is configured in such a way that it does not infect computers with the following language settings: Romanian (Moldova), Arabic (Syria), and...
-
Crown Resorts gambling company had their data lost by hackers
The Fortra GoAnywhere vulnerability has again helped hackers infiltrate the systems of the most profitable companies.Crown Resorts, Australia's largest gaming and entertainment company, has confirmed a data breach after exploiting a GoAnywhere vulnerability. The leak was carried out by the Cl0p ransomware gang.The Cl0p group claims the hackers stole data from the company's networks and demanded a ransom, but Crown Resorts said the data breach did not affect customers or business operations. Crown Resorts said the firm will be working with law enforcement to investigate the incident.So far, the cybercriminals have only reported the Crown...
-
Selfless hackers: North Korean APT43 conducts espionage operations at its own expense
The cybercriminal group working in the interests of the DPRK does not need an external source of funding.Cybersecurity experts at Mandiant have discovered a North Korean hacker group that finances itself through cybercriminal operations. The group directs the proceeds to support spy campaigns against government organizations in South Korea, the United States, Japan and the European Union.Mandiant has been tracking APT43 cybercrimes since 2018, but only now have experts become confident that one particular group of attackers is involved in these attacks.The researchers claim that APT43 is "a moderately sophisticated cyber operator supporting the interests...
-
Marijuana smoke does not cause damage to the lungs, compared to tobacco smoke
According to a study published by a team of Australian doctors in the latest edition of the scientific journal Respiratory Medicine, cannabis smoke does not pose a threat to the integrity and health of a person's lungs. Long-term follow-up and study of the lung health of a group of people who used cannabis only from a young age did not reveal any problems in terms of health and organ function, in contrast to people who mixed cannabis with tobacco or used tobacco exclusively during the observation period.The study involved three groups of volunteers, aged 21,...
-
Grouping BianLian excluded encryption from the chain of attacks
The BianLian ransomware group has shifted its focus from encrypting files only to exfiltrating data and using it to extort victims. This was reported by the information security company Redacted, which saw signs that the group is trying to use its extortion skills and increase pressure on victims.BianLian operators have retained their Initial Access and Lateral Movement methods, and continue to deploy their own Golang-based backdoor that gives them remote access to a compromised device.On its website, BianLian lists its victims as early as 48 hours after being compromised and gives companies approximately 10 days...
-
New HinataBot botnet uses vulnerabilities in network equipment to carry out DDoS attacks
In a recent report from Akamai, experts revealed a new Golang-based botnet called HinataBot. The botnet uses known vulnerabilities to compromise routers and servers in order to organize massive DDoS attacks.Among the methods used to distribute malware are the exploitation of open Hadoop YARN servers, as well as vulnerabilities in Realtek SDK (CVE-2014-8361) and Huawei HG532 routers (CVE-2017-17215).Old unpatched vulnerabilities and weak credential protection have become easy prey for attackers. After all, they found a documented entry point that does not require complex social engineering tactics and the like.The attackers behind HinataBot are said to...
-
Dark web sales have started to recover after a sharp decline in 2022
By the end of 2022, dark web sales have doubled after falling sharply during the year.Kaspersky Lab specialists analyzed ads on 226 darknet platforms and forums, as well as in 489 public channels of cybercriminals in Telegram.The analysis showed that the total number of messages mentioning the use of guarantors - intermediaries whose services are used by attackers to reduce risks - over the past 3 years exceeded 1 million, of which almost 313 thousand were published in 2022.In addition, for most of 2022, there was a decline in the activity of cybercriminals on the...
-
The most reliable methods to protect your location on the Internet
Protecting your online privacy is critical in today's world. In addition to all means of protection, you must ensure that your location does not become known to third parties.Your location can be tracked and shared without your knowledge in a number of ways, including through your IP address and device location services.In this article, we'll look at several methods to protect your online anonymity and prevent your location data from being leaked. You can protect your personal information and control your browsing experience by following these steps.4 ways to prevent your location from being exposed...
