Tor proxy service caught stealing Bitcoin ransoms from ransomware creators

Security company Proofpoint has recently noticed that one Tor proxy service has been stealing Bitcoin from ransomware creators by replacing wallet addresses on payment websites, essentially making the situation worse for the ransomware victim. So far, the service has stolen $22,000 in ransom money, but since ransomware creators are now aware of the scheme, it is unlikely to steal more. However, while some…

Cybersecurity news headlines (January 5 – January 20)

In case you did not keep up with the world of cybersecurity in the past few weeks, we have compiled the biggest news headlines between January 5th and 20th. You’ll find a couple of major headlines, such as the US Senate voting in favor of a bill that could allow the NSA to spy on citizens without needing a warrant, and…

Flaw in antivirus can be abused to hijack a computer

An Austrian cyber security auditor, Florian Bogner, recently discovered a flaw that allows a local attacker to abuse the ‘restore from quarantine’ feature in antivirus software. The flaw, named AVGater, allows malware to be moved from an AV’s quarantine folder to sensitive locations on the victim’s system, allowing the malware to run with full privileges.…

Cybersecurity news headlines (December 15 – January 5)

The past couple of weeks have been pretty mundane when it comes to cybersecurity (not counting the news about ‘Meltdown’ and ‘Spectre’). We have seen worse times, but there have been better weeks. Between December 15 2017 and January 5 2018, arrests in connection with spreading ransomware were made, the US officially blamed North Korea for WannaCry, Forever 21’s customer card…

Coin-hive.com – How it works?

What is Coin-Hive.com?
Coin-Hive.com is known to be a currency miner. Specifically, it is a JavaScript library used to mine cryptocurrency. In most cases, the following cryptocurrencies are mined using it: Monero, Dashcoin, DarkNetCoin, and others. Although this does not sound very dangerous, malware experts have noticed that cyber criminals have started embedding this miner into certain programs and…

Cybersecurity news headlines (December 1-14)

It has been an eventful two weeks, and while there were no worldwide ransomware attacks, we did see one major data breach, one huge data leak, more than a billion credentials exposed, hackers stealing money from banks and $80 million worth of Bitcoin stolen. These are only a few of the incidents that took place over the last 14 days. Below…

Seven vulnerabilities in Libxls (Excel file reader library) could result in remote code execution

Seven vulnerabilities have been discovered in the Libxls C library by a security researcher. An attacker could exploit the flaws and perform a remote code execution attack via specially crafted XLS files, Cisco’s Talos researcher, Marcin Noga, reports. Libxls is a C library which is used to read Microsoft Excel file formats, ranging from current-version XLS files to Excel 97…

Cybersecurity news headlines (November 1-8)

November 1-8 has been a pretty slow week. We did not witness major breaches involving millions of people, and no worldwide ransomware attack took place. However, some more notable incidents did occur, from a popular anime site being hacked to a fake app being downloaded a million times from Google Chrome.…