Microsoft warns of “cryware” malware that steals information and exfiltrates data directly from non-custodial cryptocurrency wallets.


Microsoft is warning of an emerging threat targeting internet-connected cryptocurrency wallets, signaling a departure in the use of digital coins in cyberattacks.

The tech giant dubbed the new threat “cryware,” with the attacks resulting in the irreversible theft of virtual currencies by means of fraudulent transfers to an adversary-controlled wallet.

“Cryware are information stealers that collect and exfiltrate data directly from non-custodial cryptocurrency wallets, also known as hot wallets,” Berman Enconado and Laurie Kirk of the Microsoft 365 Defender Research Team said in a new report.

Teslas are among the most susceptible vehicles to be hacked due to their Bluetooth locks, cybersecurity firm NCC Group said. The cars can be remotely unlocked and controlled by hackers that can exploit a vulnerability in the Bluetooth system’s security, the group said.

NCC Group researcher Sultan Qasim Khan was shown in a video opening, then driving a Tesla using a small relay device attached to a laptop. The device bridged a large gap between the Tesla and the Tesla owner’s phone, Reuters said.

“This proves that any product relying on a trusted BLE connection is vulnerable to attacks even from the other side of the world,” NCC said in a statement. BLE means Bluetooth Low Energy, and is a technology utilized in vehicles and Bluetooth locks that will automatically unlock or unlatch when an authorized device is nearby. While it is a convenience feature, it is not immune to attacks, which was the point of NCC’s experiment.

The National Institute of Standards and Technology (NIST) has released updated guidance on securing the supply chain against cyberattacks.

Since 2020, NIST has released two draft documents on how the enterprise can better defend itself from supply-chain attacks.

Today, in response to Executive Order 14028: Improving the Nation’s Cybersecurity, NIST has published ‘Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations’ to provide guidance on identifying and responding to supply chain cybersecurity risks.

(Texas Tribune/KXAN) — A massive security breach at the Texas Department of Insurance leaked the personal information of almost 2 million Texans for nearly three years, according to a state audit released last week.

The department said the personal information of 1.8 million workers who have filed compensation claims — including Social Security numbers, addresses, dates of birth, phone numbers and information about workers’ injuries — was accessible online to members of the public from March 2019 to January 2022.

Though personal information was compromised, the agency now says there’s no reason to believe the data was used.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has removed a Windows security flaw from its catalog of known exploited vulnerabilities due to Active Directory (AD) authentication issues caused by the May 2022 updates that patch it.

This security bug is an actively exploited Windows LSA spoofing zero-day tracked as CVE-2022-26925, confirmed as a new PetitPotam Windows NTLM Relay attack vector.

Unauthenticated attackers abuse CVE-2022-26925 to force domain controllers to authenticate them remotely via the Windows NT LAN Manager (NTLM) security protocol and, likely, gain control over the entire Windows domain.

Crafty hackers can make a tool to eavesdrop on some 6G wireless signals in as little as five minutes using office paper, an inkjet printer, a metallic foil transfer and a laminator.

The wireless security hack was discovered by engineering researchers from Rice University and Brown University, who will present their findings and demonstrate the attack this week in San Antonio at ACM WiSec 2022, the Association for Computing Machinery’s annual conference on security and privacy in wireless and mobile networks.

“Awareness of a future threat is the first step to counter that threat,” said study co-author Edward Knightly, Rice’s Sheafor-Lindsay Professor of Electrical and Computer Engineering. “The frequencies that are vulnerable to this attack aren’t in use yet, but they are coming and we need to be prepared.”

As the world rapidly shifts to EV transport, the automotive industry is experiencing some major teething issues. The global charging network is having to keep pace with more and more EVs on the road, and as manufacturers expand their networks, cracks are starting to appear in their grand schemes. We recently reported that a long string of EV chargers outside of Moscow were hacked by Ukrainian programmers to display anti-war and anti-Putin messaging, and there have even been cases in the UK where charging station displays showed graphic images. Hacking EV infrastructure is becoming more commonplace, and it could be a bigger issue than many might think.

R&D & Innovation For U.S. Security & Resilience — Kathryn Coulter Mitchell, Acting Under Secretary for Science and Technology, DHS Science and Technology Directorate, Department of Homeland Security.


Kathryn Coulter Mitchell (https://www.dhs.gov/person/kathryn-coulter-mitchell) is Acting Under Secretary for Science and Technology (S&T) at the U.S. Department of Homeland Security, where, as the science advisor to the Homeland Security Secretary, she heads the research, development, innovation, and testing and evaluation activities in support of the Department of Homeland Security’s (DHS) operational Components and first responders across the nation.

The Science and Technology Directorate is responsible for identifying operational gaps, conceptualizing art-of-the-possible solutions, and delivering operational results that improve the security and resilience of the nation.

In her former role as the Chief of Staff, Ms. Coulter Mitchell oversaw the operational and organizational needs of the $1 billion, 500-career-employee Directorate. A member of the Senior Executive Service, she was responsible for strategy, policy, organizational development, communications, and planning and she guided the creation of a DHS strategic vision and roadmap for research and development (R&D), the reestablishment of Integrated Product Teams to prioritize and manage DHS R&D investments, and the crafting of strategies for organizational effectiveness. Ms. Mitchell previously served S&T as Deputy Chief of Staff and Senior Communications Advisor for the Under Secretary and Deputy Under Secretary.

Ms. Coulter Mitchell came to DHS after a 15-year career in the private sector and on Capitol Hill. In industry, she provided organizational strategy and communications support to the S&T directorate and the Federal Emergency Management Agency, where she authored the communications strategy for the multi-million dollar, multi-agency rollout of Presidential Policy Directive 8. (This directive is aimed at strengthening the security and resilience of the United States through systematic preparation for the threats that pose the greatest risk to the security of the Nation, including acts of terrorism, cyber attacks, pandemics, and catastrophic natural disasters.)

A recently discovered backdoor malware called BPFdoor has been stealthily targeting Linux and Solaris systems without being noticed for more than five years.

BPFdoor is a Linux/Unix backdoor that allows threat actors to remotely connect to a Linux shell to gain complete access to a compromised device.

The malware does not need to open ports, it can’t be stopped by firewalls, and can respond to commands from any IP address on the web, making it the ideal tool for corporate espionage and persistent attacks.