Archive for the ‘cybercrime/malcode’ category: Page 7

Jun 30, 2021

Hackers are investing in each other’s operations—just like VCs invest in startups

Posted by in category: cybercrime/malcode

Ransomware continues to grow more sophisticated and lucrative, and now security firm LIFARS says operators have built a Silicon Valley-like VC ecosystem.

Jun 29, 2021

Microsoft approved a Windows driver booby-trapped with rootkit malware

Posted by in category: cybercrime/malcode

Redmond’s legendary QA strikes again.

Jun 26, 2021

Microsoft says new breach discovered in probe of suspected SolarWinds hackers

Posted by in category: cybercrime/malcode

SAN FRANCISCO, June 25 (Reuters) — Microsoft (MSFT.O) said on Friday an attacker had won access to one of its customer-service agents and then used information from that to launch hacking attempts against customers.

The company said it had found the compromise during its response to hacks by a team it identifies as responsible for earlier major breaches at SolarWinds (SWI.N) and Microsoft.

Microsoft said it had warned the affected customers. A copy of one warning seen by Reuters said the attacker belonged to the group Microsoft calls Nobelium and that it had access during the second half of May.

Continue reading “Microsoft says new breach discovered in probe of suspected SolarWinds hackers” »

Jun 25, 2021

How AI is driving a future of autonomous warfare | DW Analysis

Posted by in categories: cybercrime/malcode, information science, mapping, military, nuclear energy, robotics/AI

The artificial intelligence revolution is just getting started. But it is already transforming conflict. Militaries all the way from the superpowers to tiny states are seizing on autonomous weapons as essential to surviving the wars of the future. But this mounting arms-race dynamic could lead the world to dangerous places, with algorithms interacting so fast that they are beyond human control. Uncontrolled escalation, even wars that erupt without any human input at all.

DW maps out the future of autonomous warfare, based on conflicts we have already seen – and predictions from experts of what will come next.

Continue reading “How AI is driving a future of autonomous warfare | DW Analysis” »

Jun 25, 2021

‘Oddball’ Malware Blocks Access to Pirated Software

Posted by in categories: cybercrime/malcode, finance

Rather than steal credentials or hold data for ransom, a recent campaign observed by Sophos prevents people from visiting sites that offer illegal downloads.

The objective of most malware is some kind of gain — financial or otherwise — for the attackers who use it. However, researchers recently observed a unique malware with a single intent: Blocking the infected computers from visiting websites dedicated to software piracy.

The malware (which SophosLabs principal researcher Andrew Brandt called “one of the strangest cases I’ve seen in a while”) works by modifying the HOSTS file on the infected system, in a “a crude but effective method to prevent a computer from being able to reach a web address,” he wrote in a report published Thursday.

Jun 25, 2021

Crackonosh virus mined $2 million of Monero from 222,000 hacked computers

Posted by in categories: biotech/medical, cryptocurrencies, cybercrime/malcode

A malware called Crackonosh infected 222000 PCs in order to mine $2 million worth of Monero cryptocurrency.

Jun 25, 2021

Vulnerabilities in Dell laptops’ software allow hackers to execute code remotely in millions of devices

Posted by in category: cybercrime/malcode

Cybersecurity experts reported the detection of at least four flaws in Dell SupportAsist’s BIOSConnect feature, the exploitation of which would allow threat actors to deploy remote code to affected devices. It should be noted that this software is preinstalled by default on most Dell computers running Windows systems, and BIOSConnect allows remote firmware update and some operating system recovery features.

This set of flaws received a score of 8.3÷10 on the Common Vulnerability Scoring System (CVSS) scale, and its exploitation would allow privileged remote hackers on the target system to impersonate an official Dell service in order to take control of the operating system boot process and thus break any security controls enabled. So far no active exploitation attempts or a functional attack have been detected for the abuse of these flaws.

Continue reading “Vulnerabilities in Dell laptops’ software allow hackers to execute code remotely in millions of devices” »

Jun 24, 2021

NFC Flaws Let Researchers Hack ATMs

Posted by in category: cybercrime/malcode

Flaws in card reader technology let a security firm consultant wreak havoc with point-of-sale systems and more.

Jun 24, 2021

Microsoft issues warning about a malware campaign involving a call center

Posted by in category: cybercrime/malcode

Microsoft, via its Security Intelligence account on Twitter, has issued a warning to Windows users of a new type of phishing scam that involves emails requesting users to dial a call center. They warn users to not dial the call center because following the instructions given by a human operator can lead to malware infections. The malware scam only works with Windows computers that have Microsoft Excel.

The new threat involves BazarLoader, a type of malware that allows backdoor access to infected computers. BazarLoader works by allowing to sneak in through a hidden backdoor on a user’s computer, which allows them to install viruses or other types of malware. Over the past several years, criminals have used different methods to trick users into carrying out instructions that allow BazarLoader to infect their computer. In this new campaign, Microsoft reports that such criminals are using an email/ approach.

Continue reading “Microsoft issues warning about a malware campaign involving a call center” »

Jun 24, 2021

Ransomware: Now gangs are using virtual machines to disguise their attacks

Posted by in categories: cybercrime/malcode, encryption, virtual reality

Cyber criminals are increasingly using virtual machines to compromise networks with ransomware.

By using virtual machines as part of the process, ransomware attackers are able to conduct their activity with additional subtlety, because running the payload within a virtual environment reduces the chances of the activity being discovered – until it’s too late and the ransomware has encrypted files on the host machine.

During a recent investigation into an attempted ransomware attack, cybersecurity researchers at Symantec found the ransomware operations had been using VirtualBox – a legitimate form of open-source virtual machine software – to run instances of Windows 7 to aid the installation of ransomware.

Continue reading “Ransomware: Now gangs are using virtual machines to disguise their attacks” »

Page 7 of 108First4567891011Last