Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 73

In recent years, many computer scientists have been exploring the notion of metaverse, an online space in which users can access different virtual environments and immersive experiences, using VR and AR headsets. While navigating the metaverse, users might also share personal data, whether to purchase goods, connect with other users, or for other purposes.

Past studies have consistently highlighted the limitations of password authentication systems, as there are now many cyber-attacks and strategies for cracking them. To increase the of users navigating the metaverse, therefore, password-based authentication would be far from ideal.

This inspired a team of researchers at VIT-AP University in India to create MetaSecure, a password-less authentication system for the metaverse. This system, introduced in a paper pre-published on arXiv, combines three different authentication techniques, namely device attestation, and physical security keys.

Read more | >

A new privilege escalation vulnerability has been identified in the Linux kernel by researcher Davide Ornaghi. This vulnerability might enable a local attacker to execute code on vulnerable computers with elevated rights if the kernel is installed on those systems. Additionally, Davide published the proof-of-concept and the write-up. The vulnerability, which has been assigned the tracking number CVE-2023–0179, is a stack-based buffer overflow that exists in the Netfilter subsystem. An authorized attacker might exploit this issue to get elevated privileges as root if the attacker executed a program that had been carefully written for the purpose.

The Linux kernel has a framework known as netfilter that enables a variety of networking-related actions to be performed in the form of individualized handlers. This may be accomplished by filtering incoming network packets. Netfilter provides the functionality necessary for directing packets through a network and preventing packets from reaching sensitive locations within a network by offering a variety of functions and operations for packet filtering, network address translation, and port translation. [1] These features allow Netfilter to provide the functionality required for directing packets through a network.

“The vulnerability consists of a stack buffer overflow caused by an integer underflow vulnerability within the nft payload copy vlan function,” which is triggered with nft payload expressions “as long as a VLAN tag is present in the current skb,” according to the description of the flaw.

Read more | >

A group of hackers was able to take control of a decommissioned satellite and use it to stream a hacking conference’s talks and hacker movies.

On Saturday, at the DEF CON hacking conference in Las Vegas, Karl Koscher, one of the members of a hacking enthusiasts group called Shadytel, explained how he and his friends were able to legally stream from a satellite in geostationary orbit—35,786 km or 22,236 miles from the surface of the planet.

The satellite had been decommissioned and was about to be sent to the so-called “graveyard orbit,” a far-away orbit where satellites go to die.

Read more | >

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.

With the explosive growth of technology, businesses are more vulnerable than ever to malicious cyber attacks. And as cybercriminals become more sophisticated, new methods of attack are popping up left and right.

To add fuel to the fire, the average cost of a data breach increased from $3.86 million to $4.24 million in 2021. That’s costly enough to put most SMBs into the red. Not to mention the reputational damage it can cause for your brand.

Read more | >

Making predictions is never easy, but it is agreed that cryptography will be altered by the advent of quantum computers.

Thirteen, 53, and 433. That’s the size of quantum computers.

Hh5800/iStock.

In fact, the problems used for cryptography are so complex for our present algorithms and computers that the information exchange remains secure for any practical purposes – solving the problem and then hacking the protocol would take a ridiculous number of years. The most paradigmatic example of this approach is the RSA protocol (for its inventors Ron Rivest, Adi Shamir, and Leonard Adleman), which today secures our information transmissions.

Continue reading “Quantum computers: How scientists can shield against cyber attacks” | >

The Guardian dice que un incidente cibernético a fines de diciembre de 2022 que provocó que el periódico británico cerrara sus oficinas durante semanas fue causado por ransomware e informó al personal el miércoles que los hackers habían accedido a sus datos.

Un correo electrónico enviado a su personal por la directora ejecutiva de Guardian Media Group Anna Bateson y la editora en jefe Katharine Viner dijeron que el ataque probablemente fue provocado por un correo electrónico de phishing.

El diario no entregó detalles de los datos expuestos aunque aclaró que no se ha visto afectado ningún dato personal de sus lectores o del personal en sus oficinas de EE.UU. o Australia.

Read more | >