WeSteal, a shameless commodity cryptocurrency stealer available for sale

The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money in 2021. A new cryptocurrency stealer dubbed WeSteal is available on the cybercrime underground, unlike other commodity cryptocurrency stealers, its author doesn’t masquerade its purpose and promises “the leading way to make money in 2021.” … Continue reading WeSteal, a shameless commodity cryptocurrency stealer available for sale

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’ — Krebs on Security

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned. Austin, Texas-based SolarWinds disclosed this week that a compromise … Continue reading Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’ — Krebs on Security

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned. Austin, Texas-based SolarWinds disclosed this week that a compromise … Continue reading Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

Reverse shell botnet Gitpaste-12 spreads via GitHub and Pastebin

A newly discovered worm and botnet named Gitpaste-12 lives on GitHub and also uses Pastebin to host malicious code. The advanced malware comes equipped with reverse shell and crypto-mining capabilities and exploits over 12 known vulnerabilities, therefore the moniker. Spreads via GitHub, attacks in 12 different ways Gitpaste-12 was first detected by Juniper Threat Labs … Continue reading Reverse shell botnet Gitpaste-12 spreads via GitHub and Pastebin

Instagram bug allowed crashing the app via image sent to device

Technical details about a high-severity vulnerability in Facebook’s Instagram app for Android and iOS show how an attacker could exploit it to deny user access to the app, take full control of their account, or use their mobile device to spy on them. To trigger the bug, an attacker had only to send the target … Continue reading Instagram bug allowed crashing the app via image sent to device