Archive for the ‘cybercrime/malcode’ category: Page 8

Mar 11, 2023

AT&T data breach compromises roughly nine million accounts, here’s what you need to know

Posted by in category: cybercrime/malcode

It looks like AT&T experienced a data breach, leaving roughly 9 million customers data exposed. The data breach didn’t come directly from the wireless carrier, but occurred with one of its vendors.

The news originates from the AT&T forums, where customers were curious about an email that has apparently been going out to affected customers since last week. The email discusses the breach the wireless carrier experienced, sharing that it occurred with one of its vendor’s systems, which gave access to the wireless carrier’s “Customer Proprietary Network Information” (CPNI) system.

Mar 8, 2023

New malware variant has “radio silence” mode to evade detection

Posted by in categories: cybercrime/malcode, government

The Sharp Panda cyber-espionage hacking group is targeting high-profile government entities in Vietnam, Thailand, and Indonesia with a new version of the ‘Soul’ malware framework.

The particular malware was previously seen in espionage campaigns targeting critical Southeast Asian organizations, attributed to various Chinese APTs.

Check Point identified a new campaign using the malware that started in late 2022 and continues through 2023, employing spear-phishing attacks for initial compromise.

Mar 7, 2023

A new inference attack that could enable access to sensitive user data

Posted by in categories: cybercrime/malcode, information science, robotics/AI

As the use of machine learning (ML) algorithms continues to grow, computer scientists worldwide are constantly trying to identify and address ways in which these algorithms could be used maliciously or inappropriately. Due to their advanced data analysis capabilities, in fact, ML approaches have the potential to enable third parties to access private data or carry out cyberattacks quickly and effectively.

Morteza Varasteh, a researcher at the University of Essex in the U.K., has recently identified new type of inference attack that could potentially compromise confidential user data and share it with other parties. This attack, which is detailed in a paper pre-published on arXiv, exploits vertical federated learning (VFL), a distributed ML scenario in which two different parties possess different information about the same individuals (clients).

“This work is based on my previous collaboration with a colleague at Nokia Bell Labs, where we introduced an approach for extracting private user information in a data center, referred to as the passive party (e.g., an ),” Varasteh told Tech Xplore. “The passive party collaborates with another , referred to as the active party (e.g., a bank), to build an ML algorithm (e.g., a credit approval algorithm for the bank).”

Mar 6, 2023

Get Quote

Posted by in categories: business, cybercrime/malcode, education

Get a real time quote from over 300 cutting edge providers worldwide while maintaining contact with FreedomFire Communications only. Our suppliers offer best-in-class business ethernet/fiber networks, network security solutions and cybersecurity educational programs, digital transformation tools and resources, IoT network ecosystems (sensor technology, network connectivity, data analytics), and more… at the most competitive price available with industry leading customer service and support.

Mar 3, 2023

Billions of Android and iPhone users told to search texts over ‘bank blitzkrieg’

Posted by in categories: cybercrime/malcode, mobile phones

WHETHER you’re an Android fan or an iPhone lover, you should be wary of a common text message scam.

It’s called “smishing” and has been flagged by the experts at Security Intelligence as a growing problem.

Smishing is essentially the same as phishing, the common email scam technique that tries to get you to give away personal data.

Mar 2, 2023

Hackers could try to take over a military aircraft; can a cyber shuffle stop them?

Posted by in categories: cybercrime/malcode, information science, military, space travel

A cybersecurity technique that shuffles network addresses like a blackjack dealer shuffles playing cards could effectively befuddle hackers gambling for control of a military jet, commercial airliner or spacecraft, according to new research. However, the research also shows these defenses must be designed to counter increasingly sophisticated algorithms used to break them.

Many aircraft, spacecraft and weapons systems have an onboard computer network known as military standard 1,553, commonly referred to as MIL-STD-1553, or even just 1553. The network is a tried-and-true protocol for letting systems like radar, flight controls and the heads-up display talk to each other.

Securing these networks against a is a national security imperative, said Chris Jenkins, a Sandia cybersecurity scientist. If a hacker were to take over 1,553 midflight, he said, the pilot could lose control of critical aircraft systems, and the impact could be devastating.

Feb 28, 2023

US Marshals Service hit with ransomware attack

Posted by in category: cybercrime/malcode

The United States Marshals Service (USMS) was hit with a ransomware attack the agency said in a statement. The incident occurred on February 17, and “officials determined that it constitutes a major incident,” according to an agency spokesperson.

Ransomware is a type of malware that locks up computer systems until a “ransom” is paid to unlock the system.

Feb 28, 2023

LastPass says employee’s home computer was hacked and corporate vault taken

Posted by in categories: cybercrime/malcode, encryption

Already smarting from a breach that put partially encrypted login data into a threat actor’s hands, LastPass on Monday said that the same attacker hacked an employee’s home computer and obtained a decrypted vault available to only a handful of company developers.

Although an initial intrusion into LastPass ended on August 12, officials with the leading password manager said the threat actor “was actively engaged in a new series of reconnaissance, enumeration, and exfiltration activity” from August 12 to August 26. In the process, the unknown threat actor was able to steal valid credentials from a senior DevOps engineer and access the contents of a LastPass data vault. Among other things, the vault gave access to a shared cloud-storage environment that contained the encryption keys for customer vault backups stored in Amazon S3 buckets.

Feb 28, 2023

A simple DIY hoodie can fool security cameras

Posted by in categories: cybercrime/malcode, surveillance

Pierce, an artist whose work critically engages with weaponized emerging technologies, recently unveiled their latest ingenious project—an everyday hoodie retrofitted to include an array of infrared (IR) LEDs that, when activated, blinds any nearby night vision security cameras. Using mostly off-the-shelf components like LumiLED lights, an Adafruit microcontroller, and silicone wire, as well as we software Pierce that made open-source for interested DIYers, the privacy-boosting “Camera Shy Hoodie” is designed to enable citizens to safely engage in civic protests and demonstrations. Or, wearers can just simply opt-out of being tracked by unknown third-parties while walking down the street.

A DIY hack for hoodies emits infrared LEDs to obscure wearers’ faces from invasive surveillance camera tracking.

Feb 27, 2023

ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks

Posted by in category: cybercrime/malcode

A new ChromeLoader malware campaign has been observed being distributed via virtual hard disk (VHD) files, marking a deviation from the ISO optical disc image format.

“These VHD files are being distributed with filenames that make them appear like either hacks or cracks for Nintendo and Steam games,” AhnLab Security Emergency response Center (ASEC) said in a report last week.

ChromeLoader (aka Choziosi Loader or ChromeBack) originally surfaced in January 2022 as a browser-hijacking credential stealer but has since evolved into a more potent, multifaceted threat capable of stealing sensitive data, deploying ransomware, and even dropping decompression bombs.

Page 8 of 172First56789101112Last