Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 18

Sep 6, 2023

Two world’s biggest telescopes hacked by Ransomware attack

Posted by in categories: cybercrime/malcode, space

Several telescopes are still down weeks after a cybersecurity attack was discovered by US National Science Foundation (NSF) researchers. There is presently no information available on when the Gemini North telescope in Hawaii and the Gemini South telescope in Chile will resume operations. A number of smaller telescopes on the slopes of Cerro Tololo in Chile were also shut down “out of an abundance of caution”.

The IT team at the National Science Foundation’s NOIRLab discovered suspicious behavior in the laboratory’s computer systems early on the morning of August 1. This led to the decision to temporarily halt activities at the huge optical infrared telescopes located on Hawaii’s Maunakea for the sake of safety.

The ‘double’ telescope located in the southern Andes of Chile was already in the process of being prepped for maintenance and required very little more work.

Sep 6, 2023

How FBI remotely deleted QBot malware from 700K computers worldwide

Posted by in categories: biotech/medical, cryptocurrencies, cybercrime/malcode, finance, government, law enforcement

The United States government said today that a multinational law enforcement operation has destroyed Qakbot, also known as QBot, an infamous botnet and malware loader that was responsible for losses that amounted to hundreds of millions of dollars all over the globe, and that they have confiscated more than $8.6 million in illegal cryptocurrencies.

During a news conference held on Tuesday to announce the takedown of the botnet, United States Attorney Martin Estrada referred to the investigation as “the most significant technological and financial operation ever led by the Department of Justice against a botnet.” Duck Hunt was headed by the FBI. For one thing, the federal government developed some software that, when installed on computers that were infected with Qbot, would make the virus useless.

Continue reading “How FBI remotely deleted QBot malware from 700K computers worldwide” »

Sep 6, 2023

Scammers can abuse security flaws in email forwarding to impersonate high-profile domains

Posted by in categories: cybercrime/malcode, finance, government

Sending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by computer scientists at the University of California San Diego.

The issues researchers uncovered have a broad impact, affecting the integrity of sent from tens of thousands of domains, including those representing organizations in the U.S. government—such as the majority of U.S. cabinet email domains, including state.gov, as well as . Key financial service companies, such as Mastercard, and major news organizations, such as The Washington Post and the Associated Press, are also vulnerable.

It’s called forwarding-based spoofing and researchers found that they can send impersonating these organizations, bypassing the safeguards deployed by email providers such as Gmail and Outlook. Once recipients get the spoofed email, they are more likely to open attachments that deploy malware, or to click on links that install spyware on their machine.

Sep 5, 2023

North Korean hackers have allegedly stolen hundreds of millions in crypto to fund nuclear programs

Posted by in categories: blockchains, business, cryptocurrencies, cybercrime/malcode, existential risks, military

North Korea-linked hackers have stolen hundreds of millions of crypto to fund the regime’s nuclear weapons programs, research shows.

So far this year, from January to Aug. 18, North Korea-affiliated hackers stole $200 million worth of crypto — accounting for over 20% of all stolen crypto this year, according to blockchain intelligence firm TRM Labs.

“In recent years, there has been a marked rise in the size and scale of cyber attacks against cryptocurrency-related businesses by North Korea. This has coincided with an apparent acceleration in the country’s nuclear and ballistic missile programs,” said TRM Labs in a June discussion with North Korea experts.

Sep 5, 2023

What Is Polymorphic Malware?

Posted by in categories: cybercrime/malcode, encryption

O.o!!!


Polymorphic malware leverages an encryption key to alter its shape, signature, and behavioral pattern. Using a mutation engine and a self-propagated code strain, it encrypts its code and changes how physical files are created. Many traditional cybersecurity solutions that rely on signature-based detection—a technique in which security systems identify a malware based on its known characteristics—fail to recognize or detect polymorphic threats.

A polymorphic attack typically involves the following stages.

Continue reading “What Is Polymorphic Malware?” »

Sep 5, 2023

Spies are Using New Malware to Target Mobile Devices in Ukraine

Posted by in categories: cybercrime/malcode, military, robotics/AI

This post is also available in: he עברית (Hebrew)

Ukraine’s security agency claims that the Russian military intelligence service GRU can access compromised Android devices with a new malware called Infamous Chisel, which is associated with the threat actor Sandworm, previously attributed to the Russian GRU’s Main Centre for Special Technologies (GTsST).

Sandworm uses this new malware to target Android devices used by the Ukrainian military, enables unauthorized access to compromised devices, and is designed to scan files, monitor traffic, and steal information.

Sep 5, 2023

Better cybersecurity with quantum random number generation based on a perovskite light emitting diode

Posted by in categories: cybercrime/malcode, encryption, finance, quantum physics

Digital information exchange can be safer, cheaper and more environmentally friendly with the help of a new type of random number generator for encryption developed at Linköping University, Sweden. The researchers behind the study believe that the new technology paves the way for a new type of quantum communication.

In an increasingly connected world, cybersecurity is becoming increasingly important to protect not just the individual, but also, for example, national infrastructure and banking systems. And there is an ongoing race between hackers and those trying to protect information. The most common way to protect information is through encryption. So when we send emails, pay bills and shop online, the information is digitally encrypted.

To encrypt information, a is used, which can either be a computer program or the hardware itself. The random number generator provides keys that are used to both encrypt and unlock the information at the receiving end.

Sep 4, 2023

Artificial Intelligence: Transforming Healthcare, Cybersecurity, and Communications

Posted by in categories: augmented reality, bioengineering, cybercrime/malcode, economics, genetics, information science, robotics/AI, sustainability

Please see my new FORBES article:

Thanks and please follow me on Linkedin for more tech and cybersecurity insights.


More remarkably, the advent of artificial intelligence (AI) and machine learning-based computers in the next century may alter how we relate to ourselves.

Continue reading “Artificial Intelligence: Transforming Healthcare, Cybersecurity, and Communications” »

Sep 4, 2023

Chinese APT Targets Hong Kong in Supply Chain Attack

Posted by in category: cybercrime/malcode

An emerging China-backed advanced persistent threat (APT) group targeted organizations in Hong Kong in a supply chain attack that leveraged a legitimate software to deploy the PlugX/Korplug backdoor, researchers have found.

During the attack, the group leveraged as its PlugX installer malware signed with another legitimate entity, a Microsoft certificate, in an abuse of Microsoft’s Windows Hardware Developer Program, a vulnerability already known to the software vendor.

Sep 4, 2023

North Korean malicious package targets Windows

Posted by in category: cybercrime/malcode

A malicious campaign targeting MacOS, Linux, and Windows systems has been attributed to the North Korean threat group Lazarus. Cybersecurity researchers at ReversingLabs made the disclosure after tracking VMConnect for about a month.

ReversingLabs first spotted the VMConnect campaign in early August. Cybersecurity researcher and blogger Karlo Zanki described it as consisting of two dozen “malicious Python packages” posted on the openly accessible PyPI software repository.

Continue reading “North Korean malicious package targets Windows” »

Page 18 of 198First1516171819202122Last