Browsing tag
A threat actor, presumably from Tunisia, has been linked to a new campaign targeting exposed Jupyter Notebooks in a two-fold attempt to illicitly mine cryptocurrency and breach cloud environments. Dubbed Qubitstrike by Cado, the intrusion set utilizes Telegram API to exfiltrate cloud service provider credentials following a successful compromise. “The payloads for the Qubitstrike campaign […]
A Turkish-speaking entity called Nitrokod has been attributed to an active cryptocurrency mining campaign that involves impersonating a desktop application for Google Translate to infect over 111,000 victims in 11 countries since 2019. “The malicious tools can be used by anyone,” Maya Horowitz, vice president of research at Check Point, said in a statement shared […]
Adobe Flash is known to be a minefield of vulnerabilities and notorious actors exploit the same from time-to-time. Using fake Adobe Flash update popup on websites is another attack vector often used. Along the similar lines, a recent type of fake Flash update has been uncovered by a security researcher of Palo Alto Networks’ Unit 42 […]
The website Have I Been Pwned is known for analyzing and storing database dumps and leaked account details. A user can simply visit the site to know if their account has been compromised in the recent past. The good part is that the service is completely free. Much to the concern of many users, a fake […]
In-browser mining services like CoinHive have given an easy-to-setup tool to notorious players who wish to hijack your CPU cycles and print free money. There are ways to curb this cryptojacking but new services keep mushrooming to target novice as well as experienced users. For the first time, a Firefox add-on has been spotted that […]