Bybit’s $1.4B breach. [Research Saturday]
CyberWire Daily5 Apr 2025

Bybit’s $1.4B breach. [Research Saturday]

Zach Edwards from Silent Push is discussing their work on "New Lazarus Group Infrastructure, Acquires Sensitive Intel Related to $1.4B ByBit Hack and Past Attacks." Silent Push analysts uncovered significant infrastructure used by the Lazarus APT Group, linking them to the $1.4 billion Bybit crypto heist through the domain bybit-assessment[.]com registered just hours before the attack. The investigation revealed a pattern of test entries, VPN usage, and fake job interview scams targeting crypto users, with malware deployment tied to North Korean threat actor groups like TraderTraitor and Contagious Interview. The team also identified numerous companies being impersonated in these scams, including major crypto platforms like Coinbase, Binance, and Kraken, to alert potential victims. The research can be found here: Silent Push Pivots into New Lazarus Group Infrastructure, Acquires Sensitive Intel Related to $1.4B ByBit Hack and Past Attacks Learn more about your ad choices. Visit megaphone.fm/adchoices

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(3657)

Deadline-driven defense.

Deadline-driven defense.

CISA directs agencies to “patch smarter, not harder.” The House fails to extend FISA. Europol pulls over AudiA6. GitHub announces npm security updates. Anthropic rejects Fable 5 jailbreak claims. CISA...

12 Juni 28min

The court calls Google’s bluff.

The court calls Google’s bluff.

Google faces liability for AI-generated claims. Washington pauses public AI model assessments. Anthropic ships a safer AI model. OpenAI disrupts influence operations. Ransomware operators get a powerf...

11 Juni 31min

The patch pile reaches new heights.

The patch pile reaches new heights.

Patch Tuesday goes big. Congress looks to harden critical infrastructure. A new Windows zero-day drops. Mobile AI creates security blind spots. AI agents fall for phishing. Browser extensions expose m...

10 Juni 32min

A checkmark for trust, a payload for theft.

A checkmark for trust, a payload for theft.

Miasma malware meddles with Microsoft. SAP fixes critical flaws, Google patches an exploited Chrome zero-day, CanisterWorm spreads through npm, Mac users face a new malvertising threat, France investi...

9 Juni 26min

Meta’s recovery plan needed recovery.

Meta’s recovery plan needed recovery.

Meta exposes 20,000 Instagram accounts through a support tool bug. CISA warns of active attacks on SolarWinds Serv-U. WordPress sites face takeover through a widely used plugin. A new Gafgyt variant b...

8 Juni 28min

Spoofing ships, jamming drones: how GPS manipulation confuses and compromises. [T-Minus: Space-Cyber Briefing]

Spoofing ships, jamming drones: how GPS manipulation confuses and compromises. [T-Minus: Space-Cyber Briefing]

GPS constellations have become foundational in modern society supporting everything from navigation to financial services, making the impacts of GPS disruptions all the more concerning. As reliance o...

7 Juni 26min

You've been muted...permanently. [Research Saturday]

You've been muted...permanently. [Research Saturday]

Ismael Valenzuela, Arctic Wolf’s VP of Labs, Threat Research and Intelligence, discusses their work on "BlueNoroff Uses ClickFix, Fileless PowerShell, and AI-Generated Fake Zoom Meetings to Target Web...

6 Juni 21min

The NSA gets an AI upgrade.

The NSA gets an AI upgrade.

Anthropic brings Mythos to the NSA. A Palantir executive emerges as a possible CISA pick. A Linux flaw is under active attack. Minecraft malware goes commercial. An npm package gets caught in the Mias...

5 Juni 31min

Populärt inom Politik & nyheter

aftonbladet-krim
svenska-fall
motiv
tv4-nyheterna-story
p3-krim
aftonbladet-daily
flashback-forever
spar
rss-expressen-dok
rss-sanning-konsekvens
rss-aftonbladet-krim
rss-vad-fan-hande
politiken
kungligt
rss-krimreportrarna
svd-ledarredaktionen
krimmagasinet
olyckan-inifran
grans
rss-frandfors-horna