Beware of Quasar RAT: A sneaky malware exploiting DLL side-loading to hide its tracks on compromised Windows systems.
To improve communication security and effectiveness, Edith Cowan University (ECU), observation data provider QL Space, and University of South Wales (UK) have formed a new collaboration that focuses on free space optics (FSO).
In early 2024, the agreement will see the construction of a satellite ground station close to ECU's Joondalup campus in Perth's north to empower FSO. It will eventually be one of numerous stations in the worldwide network built in collaboration with the University of South Wales (USW).
Using light to send data
FSO, commonly referred to as optical wireless communication or laser communication, uses light to send data across the air without the usage of physical cables or fibre optics. FSO systems transfer modulated data as optical signals using lasers or light-emitting diodes (LEDs).
Knowing how to dispose of a printer could mean the difference between protecting personal data and letting it fall into the wrong hands.
A threat actor who claimed responsibility for the compromise of the 23andMe site earlier this month has released a new dataset, including the records of more than 4 million people's genetic ancestry.
The cybercriminal, known by the handle Golem, alleges in a cybercrime Dark Web forum the stolen data includes information on, "the wealthiest people living in the US and Western Europe," according to reports.
23andMe spokesperson Andy Kill said in a statement the organization is still trying to confirm whether the most recently leaked data is genuine.
If you wanted to, you could access an "evil" version of OpenAI's ChatGPT today, though it's going to cost you. It also might not necessarily be legal depending on where you live.
However, getting access is a bit tricky. You'll have to find the right web forums with the right users. One of those users might have a post marketing a private and powerful large language model (LLM). You'll connect with them on an encrypted messaging service like Telegram where they'll ask you for a few hundred dollars in cryptocurrency in exchange for the LLM.
Once you have access to it, though, you'll be able to use it for all the things that ChatGPT or Google's Bard prohibits you from doing: have conversations about any illicit or ethically dubious topic under the sun, learn how to cook meth or create pipe bombs, or even use it to fuel a cybercriminal enterprise by way of phishing schemes.
State-sponsored threat actors from Russia and China continue to throttle the remote code execution (RCE) WinRAR vulnerability in unpatched systems to deliver malware to targets.
Researchers at Google's Threat Analysis Group (TAG) have been tracking attacks in recent weeks that exploit CVE-2023-38831 to deliver infostealers and backdoor malware, particularly to organizations in Ukraine and Papua New Guinea. The flaw is a known and patched vulnerability in RarLab's popular WinRAR file archiver tool for Windows, but systems that haven't been updated remain vulnerable.
"TAG has observed government-backed actors from a number of countries exploiting the WinRAR vulnerability as part of their operations," Kate Morgan from Google TAG wrote in a blog post.
Nation-state hackers are turning to Discord. Discover how they're using this social platform for potential cyber-espionage and target critical infrastructure.
In what's the latest evolution of threat actors abusing legitimate infrastructure for nefarious ends, new findings show that nation-state hacking groups have entered the fray in leveraging the social platform for targeting critical infrastructure.
Discord, in recent years, has become a lucrative target, acting as a fertile ground for hosting malware using its content delivery network (CDN) as well as allowing information stealers to siphon sensitive data off the app and facilitating data exfiltration by means of webhooks.
"The usage of Discord is largely limited to information stealers and grabbers that anyone can buy or download from the Internet," Trellix researchers Ernesto Fernández Provecho and David Pastor Sanz said in a Monday report.
A vulnerability in Synology's DSM has been revealed, allowing attackers to remotely hijack admin accounts.
Zero-day alert: 10K Cisco IOS XE systems now compromised
Just a day after Cisco disclosed CVE-2023-20198, it remains unpatched, and one vendor says a Shodan scan shows at least 10,000 Cisco devices with an implant for arbitrary code execution on them. The vendor meanwhile has updated the advisory with more mitigation steps.
Korean hacking group Lazarus Group targets defense industry and nuclear engineers with fake job interviews, using trojanized VNC apps to steal data and execute commands.