cryptocurrency - Tagged - Security Boulevard
The Home of the Security Bloggers Network

Schneider Electric Confirms Ransom Hack — Hellcat Demands French Bread as ‘Joke’
https://securityboulevard.com/2024/11/schneider-electric-hellcat-richixbw/
Wed, 06 Nov 2024 17:29:24 +0000

That’s a lot of pain: $125,000 ransom seems small—but why do the scrotes want it paid in baguettes?

The post Schneider Electric Confirms Ransom Hack — Hellcat Demands French Bread as ‘Joke’ appeared first on Security Boulevard.

Perfectl Malware
https://securityboulevard.com/2024/10/perfectl-malware/
Mon, 14 Oct 2024 11:06:27 +0000
https://www.schneier.com/?p=69468

Perfctl is an impressive piece of malware:

The malware has been circulating since at least 2021. It gets installed by exploiting more than 20,000 common misconfigurations, a capability that may make millions of machines connected to the Internet potential targets, researchers from Aqua Security said. It can also exploit CVE-2023-33246, a vulnerability with a severity rating of 10 out of 10 that was patched last year in Apache RocketMQ, a messaging and streaming platform that’s found on many Linux machines.

The researchers are calling the malware Perfctl, the name of a malicious component that surreptitiously mines cryptocurrency. The unknown developers of the malware gave the process a name that combines the perf Linux monitoring tool and ctl, an abbreviation commonly used with command line tools. A signature characteristic of Perfctl is its use of process and file names that are identical or similar to those commonly found in Linux environments. The naming convention is one of the many ways the malware attempts to escape notice of infected users...

FBI Warns of North Korea Attacks Against the Crypto Industry
https://securityboulevard.com/2024/09/fbi-warns-of-north-korea-attacks-against-the-crypto-industry/
Wed, 04 Sep 2024 17:38:00 +0000

The decentralized finance (DeFi) and cryptocurrency industries are being targeted by North Korean social engineering schemes in highly personalized and convincing ways.

Here is an example that the FBI is showcasing:

1. A person from your dream company, using the name of an old colleague, contacts you on social media, mentioning a conference you both recently attended and discussing shared interests.

2. He asks if you're job hunting and reveals his company needs your skills, offering a significant pay raise. He arranges an interview with his CTO and during the interview, the CTO gives you a “pre-employment” test that involves troubleshooting code from some GitHub repositories you do not recognize.

3. You clone the repositories, execute the code, find the bugs, and pass the test with flying colors.

Congrats - you have fallen for a well-disguised social engineering scheme conducted by North Korean cyber actors. One of those GitHub repositories was malicious and landed a malware dropper on your machine which installed a key logger and acquired your credentials to access your company’s network.

The North Korean attackers gain access and move laterally, eventually getting access to the seed phrases and security signatures for your company’s cryptocurrency assets. Shortly thereafter all the company’s crypto assets disappear and everything you and your colleagues worked for is gone.

The threat is real.

Check out the full FBI public warning here: https://www.ic3.gov/Media/Y2024/PSA240903

Pig Butchering at Heart of Bank Failure — CEO Gets 24 Years in Jail
https://securityboulevard.com/2024/08/shan-hanes-htsb-ceo-pig-butchering-richixbw/
Fri, 23 Aug 2024 16:54:40 +0000

Oink, oink, FAIL—you’re in jail: Kansas bank chief exec Shan Hanes stole money from investors, a church and others to buy cryptocurrency to feed a scam.

Squarespace Hacked — DeFi Wallets Drained (Imaginary Money Stolen)
https://securityboulevard.com/2024/07/squarespace-defi-domain-hijack-richixbw/
Tue, 16 Jul 2024 16:26:44 +0000

DeFAIL: Cryptocurrency fans lose their worthless tokens via phishing attacks on decentralized finance sites.

Cybercriminals Target Trump Supporters with Donation Scams
https://securityboulevard.com/2024/06/cybercriminals-target-trump-supporters-with-donation-scams/
Tue, 18 Jun 2024 21:47:06 +0000

Donald Trump’s presidential campaign is known for aggressively trying to raise money, even sending emails to donors hoping to cash in on setbacks like his conviction late last month on 34 felony counts for illegally influencing the 2016 campaign. Bad actors now are trying to do the same, running donation scams by impersonating the campaign.

Breaking a Password Manager
https://securityboulevard.com/2024/06/breaking-a-password-manager/
Tue, 04 Jun 2024 11:08:16 +0000
https://www.schneier.com/?p=68987

Interesting story of breaking the security of the RoboForm password manager in order to recover a cryptocurrency wallet password.

Grand and Bruno spent months reverse engineering the version of the RoboForm program that they thought Michael had used in 2013 and found that the pseudo-random number generator used to generate passwords in that version—and subsequent versions until 2015—did indeed have a significant flaw that made the random number generator not so random. The RoboForm program unwisely tied the random passwords it generated to the date and time on the user’s computer—it determined the computer’s date and time, and then generated passwords that were predictable. If you knew the date and time and other parameters, you could compute any password that would have been generated on a certain date and time in the past...

Brothers Indicted for Stealing $25 Million of Ethereum in 12 Seconds
https://securityboulevard.com/2024/05/brothers-indicted-for-stealing-25-million-of-ethereum-in-12-seconds/
Fri, 17 May 2024 20:16:21 +0000

It took two brothers who went to MIT months to plan how they were going to steal, launder and hide millions of dollars in cryptocurrency -- and only 12 seconds to actually pull off the heist.

Ukrainian REvil Hacker Gets 13-Year Sentence Plus $16M Fine
https://securityboulevard.com/2024/05/ukrainian-revil-hacker-gets-13-year-sentence-plus-16m-fine/
Fri, 17 May 2024 07:00:47 +0000
https://tuxcare.com/?p=17494

In a significant victory against cybercrime, the Ukrainian REvil hacker has been sentenced to over 13 years in prison and ordered to pay a hefty fine of $16 million for orchestrating thousands of ransomware attacks, resulting in cyber extortion of victims worldwide. In this blog, we’ll look at the details of this Kaseya supply chain […]

The post Ukrainian REvil Hacker Gets 13-Year Sentence Plus $16M Fine appeared first on TuxCare.

Crypto Mixer Money Laundering: Samourai Founders Arrested
https://securityboulevard.com/2024/05/crypto-mixer-money-laundering-samourai-founders-arrested/
Thu, 09 May 2024 07:00:30 +0000
https://tuxcare.com/?p=17416

The recent crackdown on the crypto mixer Samourai over money laundering has unveiled a sophisticated operation allegedly involved in facilitating illegal transactions and laundering criminal proceeds. The cryptocurrency community was shocked by the sudden Samourai Wallet shutdown. The U.S. Department of Justice (DoJ) revealed the arrest of two co-founders, shedding light on the intricacies of their […]

The post Crypto Mixer Money Laundering: Samourai Founders Arrested appeared first on TuxCare.
