Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 142

“This can be hugely damaging in the event of ransomware attacks, where high privileges can enable the attackers to stop or destroy backups and other security tools,” Breen explained. “The ‘exploit detected’ tag means attackers are actively using them, so for me, it’s the most important piece of information we need to prioritize the patches.”

If you need any further incentive to update, these seven zero day exploits are part of 50 security vulnerabilities (including another five labelled ‘Critical’) which June’s Patch Tuesday will address. Google has also issued a similar warning for Chrome users.

If you are blocking Windows 10 system updates (a popular pastime for many users), now would be a very good time to stop doing so. Go to Start Settings Update & Security and in the Windows Update Window look to see if the update has already been downloaded. If not, click Check for Updates.

Read more | >

An emerging ransomware strain in the threat landscape claims to have breached 30 organizations in just four months since it went operational, riding on the coattails of a notorious ransomware syndicate.

First observed in February 2021, “Prometheus” is an offshoot of another well-known ransomware variant called Thanos, which was previously deployed against state-run organizations in the Middle East and North Africa last year.

The affected entities are believed to be government, financial services, manufacturing, logistics, consulting, agriculture, healthcare services, insurance agencies, energy and law firms in the U.S., U.K., and a dozen more countries in Asia, Europe, the Middle East, and South America, according to new research published by Palo Alto Networks’ Unit 42 threat intelligence team.

Read more | >

Stefan Thomas really could have used a quantum computer this year.

The German-born programmer and crypto trader forgot the password to unlock his digital wallet, which contains 7002 bitcoin, now worth $265 million. Quantum computers, which will be several million times faster than traditional computers, could have easily helped him crack the code.

Though quantum computing is still very much in its infancy, governments and private-sector companies such as Microsoft and Google are working to make it a reality. Within a decade, quantum computers could be powerful enough to break the cryptographic security that protects cell phones, bank accounts, email addresses and — yes — bitcoin wallets.

Read more | >

“Siloscape”, the first malware to target Windows containers, breaks out of Kubernetes clusters to plant backdoors and raid nodes for credentials.

Windows containers have been victimized for over a year by the first known malware to target Windows containers. The ongoing campaign pierces Kubernetes clusters so as to plant backdoors, allowing attackers to steal data and user credentials, or even hijack an entire databases hosted in a cluster.

The malware was discovered by Unit 42 security researcher Daniel Prizmant. He dubbed it Siloscape, which he pronounces “Silo escape.” The malware pries open known vulnerabilities in web servers and databases so as to compromise Kubernetes nodes and to backdoor clusters.

Read more | >

U.S. investigators have recovered millions of dollars in cryptocurrency that Colonial Pipeline paid hackers last month to end a ransomware attack on its systems.

Deputy Attorney General Lisa Monaco announced Monday afternoon that the Department of Justice “found and recaptured the majority of the ransom” paid to the DarkSide network, the group responsible for the attack.

Paul Abbate, the deputy director of the FBI, said the bureau successfully seized the ransom funds from a bitcoin wallet that DarkSide used to collect Colonial Pipeline’s payment.

Read more | >

The world is one step closer to ultimately secure conference calls, thanks to a collaboration between Quantum Communications Hub researchers and their German colleagues, enabling a quantum-secure conversation to take place between four parties simultaneously.

The demonstration, led by Hub researchers based at Heriot-Watt University and published in Science Advances, is a timely advance, given the global reliance on remote collaborative working, including calls, since the start of the C19 pandemic.

There have been reports of significant escalation of cyber-attacks on popular teleconferencing platforms in the last year. This advance in quantum secured communications could lead to conference calls with inherent unhackable security measures, underpinned by the principles of quantum physics.

Read more | >