The Nebraska Department of Labor announced that the NEworks.nebraska.gov website is currently unavailable due to a national outage with their web vendor: Geographic Solutions, Inc.
On June 27, the culprit is said to have begun moving funds amounting to $39 million through the Tornado Cash mixer service in an attempt to obscure the ill-gotten gains and make it difficult to trace the transaction trail back to the original theft.
The PyPI repository containing malicious Python packages are steal sensitive data before sending it to publicly exposed endpoints. The sensitive data includes AWS credentials as well as environment variables. The stolen data is stored in TXT files and uploaded to a PyGrata[.]com domain. The endpoint though wasn’t properly secured, leaving a loophole for the analysts […]
The LockBit RaaS launched LockBit 3.0, the first-ever ransomware bug bounty program for security experts to submit bug reports and get rewarded with up to $1 million. Various bug bounty categories include website bugs (such as XSS vulnerabilities, and MySQL injections), Locker bugs (bugs in the ransomware itself), TOX messenger vulnerabilities, and Tor network vulnerabilities.
Despite all of the disruption caused by Google’s legal and technical meddling, AWM is still around and nearly as healthy as ever, although the service has been rebranded with a new name and there are dubious claims of new owners.
Keona Clipper, a new malware threat is stealing cryptocurrencies from infected computers by replacing the user wallet address with its own. It leverages Telegram to stay hidden. Researchers identified over 90 different iterations of Keona since May, indicating wide deployment. Users should take utmost precaution while making payments in cryptocurrency.
With the latest update, Mozilla has patched CVE-2022-34470, a high-severity use-after-free issue in nsSHistory that was triggered when navigating between XML documents, and which could lead to a potentially exploitable crash.
Mandiant’s security researchers have been tracking influence campaigns that a Chinese threat actor named Dragonbridge has been conducting against rare earth mining companies in Australia, Canada, and the United States.
The targeting and the timing coincided with the Russian invasion of Ukraine, with key migration organizations receiving malicious emails containing macro-laden documents.
ReversingLabs recently discovered a new version of the AstraLocker ransomware (AstraLocker 2.0) that was being distributed directly from Microsoft Office files used as bait in phishing attacks.