Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Tor Weaponized to Steal Bitcoin
Newest First  |  Oldest First  |  Threaded View
SitusPoker1
50%
50%
SitusPoker1,
User Rank: Apprentice
10/23/2019 | 7:52:58 AM
SitusPoker1
nice Post
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
10/22/2019 | 8:57:09 PM
bitcoin
"According to the researchers, the bitcoin-stealing campaign has been active and unnoticed for years. "

This has been covered very well up to this point obviously, I wonder how did Researches noticed it. 

 

 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
10/22/2019 | 8:53:44 PM
campaign
"The campaign, aimed at a Russian-speaking audience, uses a number of steps to convince users to install a weaponized version of Tor masquerading as the official Russian-language version of the browser. "

It is really interesting that this targets only Russian-speaking audience, I would have expected going beyond that.

 
slotnetwork
50%
50%
slotnetwork,
User Rank: Apprentice
10/21/2019 | 7:21:24 AM
Slots Network
very nice blog 


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/3/2020
Data Loss Spikes Under COVID-19 Lockdowns
Seth Rosenblatt, Contributing Writer,  5/28/2020
Abandoned Apps May Pose Security Risk to Mobile Devices
Robert Lemos, Contributing Writer,  5/29/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-6497
PUBLISHED: 2020-06-03
Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 83.0.4103.88 allowed a remote attacker to perform domain spoofing via a crafted URI.
CVE-2020-6498
PUBLISHED: 2020-06-03
Incorrect implementation in user interface in Google Chrome on iOS prior to 83.0.4103.88 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2020-6499
PUBLISHED: 2020-06-03
Inappropriate implementation in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass AppCache security restrictions via a crafted HTML page.
CVE-2020-6500
PUBLISHED: 2020-06-03
Inappropriate implementation in interstitials in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2020-6501
PUBLISHED: 2020-06-03
Insufficient policy enforcement in CSP in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.