Lifeboat Foundation

Vulnerabilities — information security newspaper | hacking news.

A Sentinel One investigation revealed threat actors (TA) have been abusing the Windows Defender command line tool to decrypt and load Cobalt Strike payloads.

The cybersecurity experts detailed their findings in an advisory last week, in which they said the TA managed to carry out the attacks after obtaining initial access via the Log4Shell vulnerability against an unpatched VMware Horizon Server.

The attackers reportedly modified the Blast Secure Gateway component of the application by installing a web shell using PowerShell code.

The findings reportedly uncovered 475 web pages of elaborate ransomware products and services, alongside many high-profile groups aggressively marketing ransomware-as-a-service (RAAS).

Forensic Pathways also identified 30 different “brands” of ransomware, with some known names such as BlackCat, Egregor, Hidden Tear and WannaCry having been successfully used in high-profile attacks.

The research also suggested Ransomware strains used in high-profile attacks command a higher price for associated services.

This post is also available in: עברית (Hebrew)

A recent report has shown that many social media databases are currently being sold on Breach Forums, a popular hacking forum on the Dark Web. According to cyber security researchers HackerOne, the database allegedly consisted of 5.4 million users, and included the datasets for celebrities, politicians and businesses. The owner of Breach Forums reportedly verified the authenticity of the leaked data.

This nefarious collection of information was due to an already known Twitter vulnerability that could possibly allow an attacker to acquire the phone number and/or email address associated with user accounts even if the user had hidden those fields in the platform’s privacy settings. This should worry many social media users, as it seems that privacy and anonymity are merely a veil that hides the many dangers we are exposed to on the internet.

The ubiquity of electronic devices makes it essential to use encryption and anti-counterfeiting tools to protect the privacy and security of users. With the growing expansion of the Internet of Things, protection against attacks that violate the authenticity of products is increasingly necessary. Traditionally, message protection has been based on different systems: passwords, digital signatures or encryption. This cryptography is based on unknown keys to a possible attacker, but unfortunately these systems are becoming obsolete as new more invasive attacks appear: malware, API attacks or physical hardware attacks.

While quantum computing slowly progresses towards the cryptographic paradigm, the so-called physically unclonable functions (PUFs) are presented as the choice to ensure unique and effective identification. A PUF is a device that has unique and non-repeatable physical properties that can be translated into usable bits of information. The idea of applying random physical characteristics to identify systems or people is not new: for example, the identification of individuals using the fingerprint dates from the 19th century. More recently, the identity of electronic devices has been established using PUFs, which are “electronic fingerprints” of an integrated circuit.

Authentication based on PUFs comprises a chip manufactured by intrinsically random processes that make cloning almost impossible, even though all the details of the manufacturing process are known. The measurements of the various physical properties of the PUF depend on the properties of the chip at the nanoscale, thus constitute a very powerful anti-fraud and anti-counterfeiting technology. To be implementable at an industrial level, this chip must be low cost, scalable and its properties must be easily measurable by means of an identifiable function.

“In the nearly 22 years that I’ve served in Congress, we have come a long way in cyberspace,” said Rep. Jim Langevin, D-R.I.

Cryptocurrency hacks are increasing. Here’s how the government tries to track, freeze, and seize the stolen money before it disappears out of reach.

A database containing 5.4m Twitter users’ data is reportedly for sale on a popular criminal forum. Twitter is investigating the issue, which the seller said exploited a vulnerability in its systems reported in January.

The seller, using the nickname ‘devil,’ advertised the data on the Breached Forums site and demanded at least $30,000 for it. They said that the database contains the phone numbers and email addresses of users, including celebrities and companies.

The hack reportedly exploits a vulnerability first reported by a HackerOne user known as ‘zhirinovskiy.’ That bug enabled “an attacker with a basic knowledge of scripting/coding” to find a Twitter user’s phone number and email address, even if the user has hidden them in privacy settings. The attacker explained how to exploit the bug in their HackerOne report. Twitter acknowledged the bug and fixed it five days later.

A research team led by Rice University neuroengineers has created wireless technology to remotely activate specific brain circuits in fruit flies in under one second.

The team – an assemblage of experts in genetic engineering, nanotechnology, and electrical engineering – used magnetic signals to activate targeted neurons that controlled the body position of freely moving fruit flies in an enclosure.

Continue reading “Neuroengineers hack fruit fly brain and remotely control its movements” »