Cybercrime/malcode – Lifeboat News: The Blog

Better cybersecurity with quantum random number generation based on a perovskite light emitting diode

Posted by Shailesh Prasad in cybercrime/malcode, encryption, finance, quantum physics

Sep 5
2023

Digital information exchange can be safer, cheaper and more environmentally friendly with the help of a new type of random number generator for encryption developed at Linköping University, Sweden. The researchers behind the study believe that the new technology paves the way for a new type of quantum communication.

In an increasingly connected world, cybersecurity is becoming increasingly important to protect not just the individual, but also, for example, national infrastructure and banking systems. And there is an ongoing race between hackers and those trying to protect information. The most common way to protect information is through encryption. So when we send emails, pay bills and shop online, the information is digitally encrypted.

To encrypt information, a random number generator is used, which can either be a computer program or the hardware itself. The random number generator provides keys that are used to both encrypt and unlock the information at the receiving end.

Read more | >

Artificial Intelligence: Transforming Healthcare, Cybersecurity, and Communications

Posted by Chuck Brooks in augmented reality, bioengineering, cybercrime/malcode, economics, genetics, information science, robotics/AI, sustainability

Sep 4
2023

Please see my new FORBES article:

Thanks and please follow me on Linkedin for more tech and cybersecurity insights.

More remarkably, the advent of artificial intelligence (AI) and machine learning-based computers in the next century may alter how we relate to ourselves.

The digital ecosystem’s networked computer components, which are made possible by machine learning and artificial intelligence, will have a significant impact on practically every sector of the economy. These integrated AI and computing capabilities could pave the way for new frontiers in fields as diverse as genetic engineering, augmented reality, robotics, renewable energy, big data, and more.

Three important verticals in this digital transformation are already being impacted by AI: 1) Healthcare, 2) Cybersecurity, and 3) Communications.

Read more | >

Chinese APT Targets Hong Kong in Supply Chain Attack

Posted by Shubham Ghosh Roy in cybercrime/malcode

Sep 4
2023

An emerging China-backed advanced persistent threat (APT) group targeted organizations in Hong Kong in a supply chain attack that leveraged a legitimate software to deploy the PlugX/Korplug backdoor, researchers have found.

During the attack, the group leveraged as its PlugX installer malware signed with another legitimate entity, a Microsoft certificate, in an abuse of Microsoft’s Windows Hardware Developer Program, a vulnerability already known to the software vendor.

Read more | >

North Korean malicious package targets Windows

Posted by Shubham Ghosh Roy in cybercrime/malcode

Sep 4
2023

A malicious campaign targeting MacOS, Linux, and Windows systems has been attributed to the North Korean threat group Lazarus. Cybersecurity researchers at ReversingLabs made the disclosure after tracking VMConnect for about a month.

ReversingLabs first spotted the VMConnect campaign in early August. Cybersecurity researcher and blogger Karlo Zanki described it as consisting of two dozen “malicious Python packages” posted on the openly accessible PyPI software repository.

After keeping beady eyes on PyPI for a few weeks, ReversingLabs reckons it has detected three more packages — tableditor, request-plus, and requestspro — that belong to the VMConnect family.

Read more | >

Russian State-Backed ‘Infamous Chisel’ Android Malware Targets Ukrainian Military

Posted by Shubham Ghosh Roy in cybercrime/malcode, military, mobile phones

Sep 4
2023

Infamous Chisel is described as a collection of multiple components that’s designed with the intent to enable remote access and exfiltrate information from Android phones.

Besides scanning the devices for information and files matching a predefined set of file extensions, the malware also contains functionality to periodically scan the local network and offer SSH access.

“Infamous Chisel also provides remote access by configuring and executing TOR with a hidden service which forwards to a modified Dropbear binary providing a SSH connection,” the Five Eyes (FVEY) intelligence alliance said.

Read more | >

Is Bias in AI Algorithms a Threat to Cloud Security?

Posted by Shubham Ghosh Roy in cybercrime/malcode, information science, robotics/AI

Sep 4
2023

Artificial intelligence (AI) has been helping humans in IT security operations since the 2010s, analyzing massive amounts of data quickly to detect the signals of malicious behavior. With enterprise cloud environments producing terabytes of data to be analyzed, threat detection at the cloud scale depends on AI. But can that AI be trusted? Or will hidden bias lead to missed threats and data breaches?

Bias can create risks in AI systems used for cloud security. There are steps humans can take to mitigate this hidden threat, but first, it’s helpful to understand what types of bias exist and where they come from.

Read more | >

Paramount, Forever 21 Data Breaches Set Stage for Follow-on Attacks

Posted by Shubham Ghosh Roy in cybercrime/malcode

Sep 3
2023

A pair of breaches have hit media giant Paramount Global and fashion purveyor Forever 21, exposing personally identifiable information for thousands of people in the latter’s case and setting them up for a raft of follow-on attacks.

In Paramount’s case, the Hollywood bigwig disclosed in a data breach notification letter obtained by media that cyberattackers accessed PII for certain individuals for a month, between May and June of this year. The data included names, birthdates, Social Security numbers, driver’s license numbers, passport numbers, and “information related to [the individual’s] relationship with Paramount.”

It’s unclear if the data pertains to website members, employees, customers, or other profiles — or how many are affected. The data breach notification letter, penned by an operations executive at Nickelodeon Animation Studio, did not elaborate.

Read more | >

A US Bank Says Sensitive Customer Data Has Been Compromised in Global Cybersecurity Breach

Posted by Genevieve Klien in cybercrime/malcode

Sep 3
2023

A New York-based bank says a global cybersecurity incident has exposed sensitive customer data.

In a letter to customers, M&T Bank says the exploit involves the file transfer tool MOVEit, which is used to securely send and receive confidential information.

According to the bank, the attacker was able to access customer data by targeting one of the lender’s third-party vendors.

Read more | >

Ethical hacker shows us how easily smart devices can be hacked and give access to your personal info

Posted by Shubham Ghosh Roy in cybercrime/malcode, mobile phones

Sep 3
2023

Smart devices will be hot items this holiday season. They hook up to the internet and can be controlled by your phone. However, we have a demonstration that shows how easy it is to hack your home.

Read more | >

How cyber-crime has become organised warfare | Four Corners

Posted by Shubham Ghosh Roy in business, cybercrime/malcode, government, military

Sep 3
2023

Every seven minutes a cyber-attack is reported in Australia.

Millions of Australians have had their data stolen in malicious attacks, costing some businesses tens of millions of dollars in ransom. The federal government is warning the country must brace for even more strikes as cyber gangs become more sophisticated and ruthless.

Four Corners investigates the cyber gangs behind these assaults, cracking open their inner operations and speaking to a hacker who says he targets Australians and shows no remorse.

The program travels all the way to Ukraine and discovers we share a common enemy in the battle for cyber security.

Read more | >