Fresh ATM Crypto Software Bugs: Jackpot or Bust?
Organizations, and possibly ATMs, are at risk of compromise, thanks to holes in a Microsoft BitLocker security wrapper.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Organizations, and possibly ATMs, are at risk of compromise, thanks to holes in a Microsoft BitLocker security wrapper.
The Windows version of the Hola Browser has been compromised in a supply chain attack that delivered an undeclared executable identified by researchers as a cryptocurrency miner. [...]
The popular HTTP client known as Axios has suffered a supply chain attack after two newly published versions of the npm package introduced a malicious dependency that delivers a trojan capable of targeting Windows, macOS, and Linux systems
The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrency sector to steal sensitive data from Windows and macOS systems with the ultimate goal of facilitating financial theft
Cybersecurity researchers have disclosed details of a malware campaign that's targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual Studio Code (VS Code) extension ecosystem
A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems
Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts
DogWifTools has disclosed on its official Discord channel that its software has been compromised by a supply chain attack that impacted its Windows client, infecting users with malware. [...]
Business email compromise, illicit cryptomining, phishing ... if it makes a dollar, this lot do it Multiple miscreants are misusing OAuth to automate financially motivated cyber crimes – such as business email compromise (BEC), phishing, large-scale spamming campaigns – and deploying virtual machines to illicitly mine for cryptocurrencies, according to Microsoft.…
Microsoft Details OAuth Tactics, Says Losses Reached Up to $1.5M Per VictimHackers are exploiting OAuth applications to compromise user accounts, manipulate and confer elevated privileges, and set up cryptomining operations, which has cost some organizations up to $1.5 million in losses, according to Microsoft's Threat Intelligence team.
After compromising Azure and Outlook user accounts, threat actors are creating malicious apps with high privileges to conduct cryptomining, phishing, and password spraying.
Microsoft has warned that adversaries are using OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency mining and launch phishing attacks
Users in Latin America (LATAM) are the target of a financial malware called JanelaRAT that's capable of capturing sensitive information from compromised Microsoft Windows systems
A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems
The North Korean state-backed hacking crew, otherwise known as the Lazarus Group, has been attributed to yet another financially motivated campaign that leverages a trojanized decentralized finance (DeFi) wallet app to distribute a fully-featured backdoor onto compromised Windows systems