A software developer has been found guilty of sabotaging his ex-employer’s systems by running custom malware and installing a “kill switch” after being demoted at the company. […]
Undocumented backdoor found in Bluetooth chip used by a billion devices
The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented backdoor that could be leveraged for attacks. […]
YouTubers extorted via copyright strikes to spread malware
Cybercriminals are sending bogus copyright claims to YouTubers to coerce them into promoting malware and cryptocurrency miners on their videos. […]
US seizes $23 million in crypto stolen via password manager breach
U.S. authorities have seized over $23 million in cryptocurrency linked to the theft of $150 million from a Ripple crypto wallet in January 2024. Investigators believe hackers who breached LastPass in 2022 were behind the attack. […]
Unpatched Edimax IP camera flaw actively exploited in botnet attacks
A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise devices. […]
US Seize Garantex in Cryptocurrency Money Laundering Bust
Two men linked to Garantex are accused of facilitating multi-billion dollar money laundering and sanctions violations.
The post US Seize Garantex in Cryptocurrency Money Laundering Bust appeared first on SecurityWeek.
Employee charged with stealing unreleased movies, sharing them online
A Memphis man was arrested and charged with stealing DVDs and Blu-ray discs of unreleased movies and sharing ripped digital copies online before their release. […]
In Other News: EntrySign AMD Flaw, Massive Attack Targets ISPs, ENISA Report
Noteworthy stories that might have slipped under the radar: Google discloses AMD CPU flaw named EntrySign, ISPs in the US and China targeted in massive attack, ENISA report on NIS2 Directive.
The post In Other News: EntrySign AMD Flaw, Massive Attack Targets ISPs, ENISA Report appeared first on SecurityWeek.
US charges Garantex admins with money laundering, sanctions violations
The administrators of the Russian Garantex crypto-exchange have been charged in the United States with facilitating money laundering for criminal organizations and violating sanctions. […]
FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations
Threat hunters have shed light on a “sophisticated and evolving malware toolkit” called Ragnar Loader that’s used by various cybercrime and ransomware groups like Ragnar Locker (aka Monstrous Mantis), FIN7, FIN8, and Ruthless Mantis (ex-REvil).
“Ragnar Loader plays a key role in keeping access to compromised systems, helping attackers stay in networks for long-term operations,” Swiss
“Ragnar Loader plays a key role in keeping access to compromised systems, helping attackers stay in networks for long-term operations,” Swiss