Lifeboat Foundation

A new malware strain is being distributed by threat actors via exploit kits like Fallout and RIG to hide malicious network traffic with the help of SOCKS5 proxies set up on compromised computers.

The malware, provisionally named SystemBC by the Proofpoint Threat Insight Team researchers who found it, uses secure HTTP connections to encrypt the information sent to command-and-control servers by other strains dropped on the infected machines.

“SystemBC is written in C++ and primarily sets up SOCKS5 proxies on victim computers that can then be used by threat actors to tunnel/hide the malicious traffic associated with other malware,” says Proofpoint.

Warnings about connected vehicle vulnerabilities have been a steady drumbeat for years. Now a consumer-advocacy group is putting it in starker terms, suggesting a mass cyberattack against such vehicles could lead to Sept. 11-level casualties.

California-based Consumer Watchdog has issued a 49-page report that paints the dire picture and urges automakers to install 50-cent “kill switches” to allow vehicles to be disconnected from the Internet. The report highlights numerous widely reported instances of remote vehicle hacking, such as a 2015 demonstration involving a Jeep Cherokee left crawling along a St. Louis-area freeway.

“Millions of cars on the internet running the same software means a single exploit can affect millions of vehicles simultaneously. A hacker with only modest resources could launch a massive attack against our automotive infrastructure, potentially causing thousands of fatalities and disrupting our most critical form of transportation,” the group warns.

A new ransomware family targeting Android devices spreads to other victims by sending text messages containing malicious links to the entire contact list found on already infected targets.

The malware dubbed Android/Filecoder. C (FileCoder) by the ESET research team which discovered it is currently targeting devices running Android 5.1 or later.

“Due to narrow targeting and flaws in both execution of the campaign and implementation of its encryption, the impact of this new ransomware is limited,” ESET’s researchers found.

MILWAUKEE (AP) — A British cybersecurity expert credited with helping stop a worldwide computer virus in May 2017 won’t serve any additional time behind bars for creating malware years before he won international acclaim.

U.S. District Judge J.P. Stadtmueller sentenced 25-year-old Marcus Hutchins on Friday in Milwaukee to time served, with a year of supervised release. Stadtmueller said the virus Hutchins helped stop was far more damaging than the malware he wrote.

Hutchins pleaded guilty in May to developing and conspiring to distribute malware called Kronos from 2012 to 2015. Prosecutors dismissed eight charges in exchange for his plea.

GitHub Bluekeep explainer significantly lowers the bar for writing malware similar to NotPetya and WannaCry, Threats and Risks, Github, WannaCry, NotPetya, ransomware, BlueKeep”

Credit card info and autofill data is up for grabs as browser-based attacks surge.

60 percent increase in users hit by password stealers in the last year.

Cyber-espionage campaign is thought to be the work of Ke3chang, an ATP hacking group which has been active for ten years.

U.S. Army game-theory research using artificial intelligence may help treat cancer and other diseases, improve cybersecurity, deploy Soldiers and assets more efficiently and even win a poker game.

New research, published in Science, and conducted by scientists at Carnegie Mellon University, developed an artificial intelligence program called Pluribus that defeated leading professionals in six-player no-limit Texas hold’em poker.

The Army and National Science Foundation funded the mathematics modeling portion of the research, while funding from Facebook was specific to the poker.