Security News

Telegram, one of the most popular encrypted messaging apps, briefly went offline yesterday for hundreds of thousands of users worldwide after a powerful distributed denial-of-service (DDoS) attack hit its servers.

Telegram founder Pavel Durov later revealed that the attack was mainly coming from IP addresses located in China, suggesting the Chinese government could be behind it to sabotage Hong Kong protesters. Since last week, millions of people in Hong Kong have been fighting their political leaders over the proposed amendments to an extradition law that would allow a person arrested in Hong Kong to face trial elsewhere, including in mainland China.

Many people see it as a fundamental threat to the territory’s civic freedoms and the rule of law.


Are you using Komodo’s Agama Wallet to store your KMD and BTC cryptocurrencies? Were your funds also transferred overnight to a new address without your authorisation? If yes, don’t worry, it’s probably safe, and if you are lucky, you will get your funds back.

Komodo, a cryptocurrency project and developer of Agama wallet, adopted a surprisingly unique way to protect its customers’ funds.

The company hacked its customers and transferred, without authorisation, nearly 8 million KMD and 96 Bitcoins from their cryptocurrency wallets to a new address owned by the company.

Why? To secure its customers’ funds from hackers.

This may sound weird, but it’s true.

Komodo recently learned about a malicious open source, third-party JavaScript library that the company was using in its Agama Wallet app.

The Pacha Group is a threat actor discovered by Intezer and profiled in a blog post published on February 28, 2019. Since September 2018, the Pacha Group has deployed undetected crypto-mining malware to infiltrate Linux servers and mine cryptocurrency without user permissions.

One of the more notable observations discerned by Intezer researchers was the remarkably aggressive behavior exhibited by the Pacha Group’s crypto-mining malware, named Linux.GreedyAntd, which was using a large number of techniques to disable or eliminate other miners on the servers.

Intezer researchers have discovered that the Pacha Group is now targeting cloud-based infrastructures, while identifying new, undetected variants of Linux.GreedyAntd which share significant amounts of code with previous variants. Like previous versions, the malware being used is mainly focused on cryptomining, this time with some updated operational mechanisms.


Elastic, the company behind the most widely used enterprise search engine Elasticsearch and the Elastic Stack, today announced that it has decided to make core security features of the Elastic Stack free and accessible to all users.

ELK Stack or Elastic Stack is a collection of three powerful open source projects—Elasticsearch, Logstash, and Kibana—that many large and small companies are using to format, search, analyze, and visualize a large amount of data in real time.

In recent months, we have seen how thousands of instances of insecure, poorly configured Elasticsearch and Kibana servers have left millions of users’ sensitive data exposed on the Internet.

Since the free version of Elastic Stack by default does not have any authentication or authorization mechanism, many developers and administrators fail to properly implement important security features manually.

Project Zero’s mission is to “make zero-day hard”, i.e. to make it more costly to discover and exploit security vulnerabilities. They primarily achieve this by performing their own security research, but at times they also study external instances of zero-day exploits that were discovered “in the wild”. These cases provide an interesting glimpse into real-world attacker behavior and capabilities, in a way that nicely augments the insights they gain from their own research.

Today, they shared their tracking spreadsheet for publicly known cases of detected zero-day exploits, in the hope that this can be a useful community resource:

Spreadsheet link: 0day “In the Wild”
The data described in the spreadsheet is nothing new, but they think that collecting it together in one place is useful.
For example, it shows that:
