Treasury Department sanctions cryptocurrency ‘mixer’ Tornado Cash
Written by Tonya Riley Aug 8, 2022 |...
Meta Cracks Down on Cyber Espionage Operations in South Asia Abusing Facebook
By: Ravie Lakshmanan
Facebook parent company Meta disclosed that it took action against two espionage operations in South Asia that leveraged its social media platforms to distribute malware to potential...
10 Malicious Code Packages Slither into PyPI Registry
Administrators of the Python Package Index (PyPI) have removed 10 malicious software code packages from the registry after a security vendor informed them about the issue.The incident is the latest...
SBOM formats SPDX and CycloneDX compared
Software bills of materials (SBOMs) are becoming a critical component of vulnerability management. Many organizations, however, are still wrestling with understanding fundamental topics in the SBOM discussion, such as...
Once hacked for $77M, Beanstalk’s algo stablecoin protocol relaunches
Ethereum-based algorithmic stablecoin project Beanstalk Farms has relaunched its protocol just under four months after going offline after suffering a devastating $77 million governance exploit.The protocol and its governance...
Cross chains, beware: deBridge flags attempted phishing attack, suspects Lazarus Group
Cross-chain protocols and Web3 firms continue to be targeted by hacking groups, as deBridge Finance unpacks a failed attack that bears the hallmarks of North Korea’s Lazarus Group hackers.deBridge...
Finance Redefined: Solana and Nomad bridge fall prey to exploits losing millions
Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you significant developments over the last week.This past week, the...
A Growing Number of Malware Attacks Leveraging Dark Utilities ‘C2-as-a-Service’
By: Ravie Lakshmanan
A nascent service called Dark Utilities has already attracted 3,000 users for its ability to provide command-and-control (C2) services with the goal of commandeering compromised systems.
"It is...
Emergency Alert System Flaws Could Let Attackers Transmit Fake Messages
By: Ravie Lakshmanan
The U.S. Department of Homeland Security (DHS) has warned of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices.
If left unpatched, the issues could allow an...
Open Redirect Flaw Snags Amex, Snapchat User Data
Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims.
Attackers are exploiting a well-known open redirect flaw to phish people’s credentials and personally...
