Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 85

This robot mimics humans, cleans washbasins, completes multiple tasks

By using sensor-embedded sponges and data, Vienna researchers quickly trained robots to clean washbasins.

Thanks to researchers at TU Wein in Vienna, the promise of housecleaning robots is one step closer. The team has developed a self-learning robot to mimic humans to complete simple tasks like cleaning washbasins.

While this might sound mundane, the development is very significant as hard coding a robot to move a sponge over the complex curved edges of a washbasin would be a monumental task. To this end, the research team found a hack by blending observation with tactile data from human teachers to train robots to copy the same task.

Mysterious Mastercard Data Breach Triggers Bank Warning As Customers Urged To ‘Pay Close Attention’ To Money Movements

A US bank is warning customers of a security “intrusion” that may have compromised Mastercard account numbers and other financial data.

Maryland-based Eagle Bank says it has received a notice from Mastercard, stating an unnamed US merchant allowed unauthorized access to account information between August 15th, 2023, and May 25th, 2024.

The bank revealed the breach in a filing with the Massachusetts state government.

US ‘false flag’ operations pollute global cyberspace

Illustration: Liu Rui/GT

China on Monday released its third report on the “Volt Typhoon” investigation. The report not only provides critical new information but also delivers a clearer message to responsible stakeholders concerned with global cyberspace security and governance: A previously underappreciated threat must be taken seriously. This threat originates from US intelligence agencies and security bodies, which, possessing superior technological capabilities, engage in “false flag” operations — activities carried out to deliberately conceal the true origin of cyberattacks while falsely attributing responsibility to someone else, particularly an opponent. To serve their own interests, these organizations openly or tacitly collaborate with high-tech companies.

The Marble Framework mentioned in the latest investigative report was first exposed in 2017 when WikiLeaks claimed to have obtained information from inside the CIA’s Center for Cyber Intelligence. Developed by the CIA as an anti-forensics tool, the primary function of the Marble Framework is to obscure and disguise the true origins of cyberattacks, making it difficult to trace these attacks back to the actual perpetrators. The Marble Framework employs string obfuscation to hide textual information within the malware, as this text often provides forensic experts with clues to identify the developer or country of origin behind the malicious software.

New tool bypasses Google Chrome’s new cookie encryption system

A researcher has released a tool to bypass Google’s new App-Bound encryption cookie-theft defenses and extract saved credentials from the Chrome web browser.

The tool, named ‘Chrome-App-Bound-Encryption-Decryption,’ was released by cybersecurity researcher Alexander Hagenah after he noticed that others were already figuring out similar bypasses.

Although the tool achieves what multiple infostealer operations have already added to their malware, its public availability raises the risk for Chrome users who continue to store sensitive data in their browsers.

DDoS site Dstat.cc seized and two suspects arrested in Germany

The Dstat.cc DDoS review platform has been seized by law enforcement, and two suspects have been arrested after the service helped fuel distributed denial-of-service attacks for years.

The seizure and arrests were conducted as part of “Operation PowerOFF,” an ongoing international law enforcement operation that targets DDoS-for-hire platforms, aka “booters” or “stressers,” to seize infrastructure and arrest the operators.

These platforms are responsible for service disruptions to online services and can cause significant economic damages, as well as impact to the operation of critical services, such as healthcare.

Nokia says hackers leaked third-party app source code

Nokia’s investigation of recent claims of a data breach found that the source code leaked on a hacker forum belongs to a third party and company and customer data has not been impacted.

The statement comes in response to threat actor IntelBroker earlier this week releasing data belonging to Nokia, allegedly stolen after breaching a third-party vendor’s server.

The hacker tried to sell the data, claiming that it includes SSH keys, source code, RSA keys, BitBucket logins, SMTP accounts, webhooks, and hardcoded credentials, but they decided to leak it after Nokia denied the breach.

/* */