
Centre starts drive to prevent cyber threats to state entities

The central government has started a drive to upgrade its IT equipment and infrastructure so that all electronic, data storage and communication devices used in government departments and agencies remain within the life span specified by the manufacturer and remain immune to cyber threats.

The move comes in the wake of a large number of cyber security incidents reported by Cert-In, a nodal agency for responding to such incidents, and a recent ransomware attack at the country's top medical institute, All India Institute of Medical Sciences (AIIMS), New Delhi, on 23 November.

The ministry of electronics and information technology (Meity) has directed all secretaries of central ministries to take active measures on cyber security. Use of out-of-date operating systems and IT equipment must be discontinued, Meity said in a communication reviewed by Mint.

Acer fixes UEFI bugs that can be used to disable Secure Boot

Acer has fixed a high-severity vulnerability affecting multiple laptop models that could enable local attackers to deactivate UEFI Secure Boot on targeted systems.

The Secure Boot security feature blocks untrusted operating system bootloaders on computers with a Trusted Platform Module (TPM) chip and Unified Extensible Firmware Interface (UEFI) firmware to prevent malicious code like rootkits and bootkits from loading during the startup process.

Reported by ESET malware researcher Martin Smolar, the security flaw (CVE-2022-4020) was discovered in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices.

Hackers attacking energy sector using decades-old software, says Microsoft

Boa, an open-source web server suitable for embedded applications that has been discontinued since 2005, is now becoming a security threat because of the complex way it was built into the internet of things (IoT) device supply chain. A recent report by tech major Microsoft said that hackers are exploiting vulnerabilities in the software to target organizations in the energy sector.

Microsoft researchers revealed in an analysis that a vulnerable open-source component in the Boa web server is used widely in a range of routers and security cameras as well as popular software development kits (SDKs), a set of tools that allow developers to write or use an existing framework to develop applications for a given platform.

Despite the software being discontinued nearly two decades ago, Microsoft reports that attackers are continuing their attempts to exploit the flaws of the Boa web servers, which include a high-severity information disclosure bug (CVE-2021-33558) and another arbitrary file access flaw (CVE-2017-9833). An unauthenticated attacker could exploit these vulnerabilities to obtain user credentials and leverage them for remote code execution.

A Boiling Cauldron: Cybersecurity Trends, Threats, And Predictions For 2023

By Chuck Brooks


There are many other interesting trends to look out for in 2023. These trends will include the expansion of use of a Software Bill of Materials (SBOM), the integration of more 5G networks to bring down latency of data delivery, more Deep Fakes being used for fraud, low code for citizen coding, more computing at the edge, and the development of initial stages of the implementation of quantum technologies and algorithms.

When all is said and done, 2023 will face a boiling concoction of new and old cyber-threats. It will be an especially challenging year for all those involved in trying to protect their data and for geopolitical stability.

How to fix insecure operational tech that threatens the global economy


Today, with the rampant spread of cybercrime, there is a tremendous amount of work being done to protect our computer networks — to secure our bits and bytes. At the same time, however, there is not nearly enough work being done to secure our atoms — namely, the hard physical infrastructure that runs the world economy.

Nations are now teeming with operational technology (OT) platforms that have essentially computerized their entire physical infrastructures, whether it’s buildings and bridges, trains and automobiles or the industrial equipment and assembly lines that keep economies humming. But the notion that a hospital bed can be hacked — or a plane or a bridge — is still a very new concept. We need to start taking such threats very seriously because they can cause catastrophic damage.

Cybersecurity incidents cost organizations $1,197 per employee, per year


Cybersecurity is an expensive business. To prepare to address sophisticated threat actors, an enterprise needs to maintain a complete security operations center (SOC) filled with state-of-the-art technologies and experienced professionals who know how to identify and mitigate threats.

All of these factors add up. According to a new report released by threat prevention provider Perception Point and Osterman Research, organizations pay $1,197 per employee yearly to address cyber incidents across email services, cloud collaboration apps or services, and web browsers.

Hackers breach energy orgs via bugs in discontinued web server

Microsoft said today that security vulnerabilities found to impact a web server discontinued since 2005 have been used to target and compromise organizations in the energy sector.

As cybersecurity company Recorded Future revealed in a report published in April, state-backed Chinese hacking groups (including one traced as RedEcho) targeted multiple Indian electrical grid operators, compromising an Indian national emergency response system and the subsidiary of a multinational logistics company.

The attackers gained access to the internal networks of the hacked entities via Internet-exposed cameras on their networks as command-and-control servers.
