
A threat actor tracked as DEV-0569 uses Google Ads in widespread, ongoing advertising campaigns to distribute malware, steal victims’ passwords, and ultimately breach networks for ransomware attacks.

Over the past couple of weeks, cybersecurity researchers MalwareHunterTeam, Germán Fernández, and Will Dormann have illustrated how Google search results have become a hotbed of malicious advertisements pushing malware.

These ads pretend to be websites for popular software programs, like LightShot, Rufus, 7-Zip, FileZilla, LibreOffice, AnyDesk, Awesome Miner, TradingView, WinRAR, and VLC.

Polymorphic malware could be easily made using ChatGPT. With relatively little effort or expenditure on the part of the attacker, this malware’s sophisticated capabilities can readily elude security tools and make mitigation difficult.

Malicious software called ‘Polymorphic Malware’ has the capacity to alter its source code in order to avoid detection by antivirus tools. It is a very potent threat because it may quickly change and propagate before security systems can catch it.

According to researchers, the first step is getting around the content filters that prevent the chatbot from developing dangerous software. The bot was instructed to complete the task while adhering to a number of constraints, and the researchers received working code as a result.

Sometimes, ChatGPT made “surprising” mistakes in school-level math.

Microsoft-backed OpenAI’s AI chatbot ChatGPT has been making headlines ever since it was released to the public on November 30. It can break down complex scientific concepts, compose poems, write stories, code, and create malware…the list is endless. OpenAI has also released a paid version of the chatbot. Known as ‘ChatGPT Professional’, it is available at $42 per month.



Students have also been using the chatbot to complete assignments. It turns out it can clear examinations, too, with flying colors. Christian Terwiesch, a professor at the Wharton School of Business, University of Pennsylvania, tested the performance of ChatGPT in an MBA exam. He questioned the chatbot on Operations Management, a core MBA subject.

In recent years, many computer scientists have been exploring the notion of the metaverse, an online space in which users can access different virtual environments and immersive experiences using VR and AR headsets. While navigating the metaverse, users might also share personal data, whether to purchase goods, connect with other users, or for other purposes.

Past studies have consistently highlighted the limitations of password authentication systems, as there are now many cyber-attacks and strategies for cracking them. To increase the security of users navigating the metaverse, therefore, password-based authentication would be far from ideal.

This inspired a team of researchers at VIT-AP University in India to create MetaSecure, a password-less authentication system for the metaverse. This system, introduced in a paper pre-published on arXiv, combines three different authentication techniques, namely device attestation, and physical security keys.

A new privilege escalation vulnerability has been identified in the Linux kernel by researcher Davide Ornaghi. The vulnerability might enable a local attacker to execute code with elevated rights on systems running a vulnerable kernel. Davide also published a proof-of-concept and a write-up. The vulnerability, tracked as CVE-2023-0179, is a stack-based buffer overflow in the Netfilter subsystem. An authorized attacker who ran a program carefully written for the purpose might exploit this issue to gain elevated privileges as root.

Netfilter is a framework in the Linux kernel that lets a variety of networking-related operations be implemented as customized handlers. It offers functions and operations for packet filtering, network address translation, and port translation, which provide the functionality required for directing packets through a network and for preventing packets from reaching sensitive locations within a network. [1]

“The vulnerability consists of a stack buffer overflow caused by an integer underflow vulnerability within the nft_payload_copy_vlan function,” which is triggered with nft_payload expressions “as long as a VLAN tag is present in the current skb,” according to the description of the flaw.
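The bug class named in that description, an integer underflow in a length that then sizes a copy into a stack buffer, is shown below as an added example. It is not taken from the article, the researcher's write-up or the kernel source. It is a simplified model with constructed sizes (`HDR_LEN`, `DST_LEN`) and hypothetical function names, placed beside the bounds-checked form a reviewer would expect.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define HDR_LEN 18u  /* constructed: bytes in the header being read */
#define DST_LEN 16u  /* constructed: bytes in the destination stack buffer */

/* Flawed pattern: the length lives in an unsigned 8-bit variable, so
 * subtracting more than it holds wraps modulo 256 instead of going negative. */
uint8_t tail_len_flawed(uint8_t offset)
{
    uint8_t n = HDR_LEN;
    n -= offset;            /* offset > HDR_LEN: wraps to a large value */
    return n;               /* this value would become the copy size */
}

/* Hardened pattern: do the arithmetic in a wider type and validate the
 * offset, the length and the destination size before copying anything.
 * Returns the number of bytes copied, or -1 if the request is rejected. */
int copy_tail_checked(uint8_t *dst, size_t dst_len,
                      const uint8_t *hdr, size_t hdr_len, size_t offset)
{
    if (offset > hdr_len)
        return -1;                      /* subtraction would underflow */
    size_t n = hdr_len - offset;
    if (n > dst_len)
        return -1;                      /* would write past the destination */
    memcpy(dst, hdr + offset, n);
    return (int)n;
}

/* Runs one request through both paths: reports the length the flawed path
 * would have used and returns the result of the checked copy. */
int demo(uint8_t offset, uint8_t *flawed_len)
{
    uint8_t hdr[HDR_LEN];
    uint8_t dst[DST_LEN];               /* stack buffer, as in this bug class */
    for (size_t i = 0; i < HDR_LEN; i++)
        hdr[i] = (uint8_t)i;            /* constructed sample header bytes */
    *flawed_len = tail_len_flawed(offset);
    return copy_tail_checked(dst, sizeof dst, hdr, sizeof hdr, offset);
}
```

The flawed path never performs a copy here; it only returns the wrapped length so the two results can be compared.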

A group of hackers was able to take control of a decommissioned satellite and use it to stream a hacking conference’s talks and hacker movies.

On Saturday, at the DEF CON hacking conference in Las Vegas, Karl Koscher, one of the members of a hacking enthusiasts group called Shadytel, explained how he and his friends were able to legally stream from a satellite in geostationary orbit—35,786 km or 22,236 miles from the surface of the planet.


The satellite had been decommissioned and was about to be sent to the so-called “graveyard orbit,” a far-away orbit where satellites go to die.