Lifeboat Foundation

Researchers at the cybersecurity firm Eclypsium, which focuses on firmware, reported today that they have found a secret backdoor in the firmware of motherboards manufactured by the Taiwanese manufacturer Gigabyte’s components are often used in gaming PCs and other high-performance systems. Eclypsium discovered that whenever a computer with the affected Gigabyte motherboard restarts, code inside the motherboard’s firmware silently triggers the launch of an updater application, which then downloads and runs another piece of software on the machine. Researchers discovered that the hidden code was built in an unsafe manner, making it possible for the mechanism to be hijacked and used to install malware rather than Gigabyte’s intended software.

Despite the fact that Eclypsium claims the hidden code is intended to be a harmless utility to keep the motherboard’s firmware updated, researchers determined that the implementation was vulnerable. And since the updater application is activated from the computer’s firmware rather than the operating system, it is difficult for users to either delete it or even detect it on their own. In the blog post, the company details the 271 different versions of Gigabyte motherboards that the researchers think are vulnerable. According to experts, individuals who are interested in discovering the motherboard that is used by their computer may do so by selecting “Start” in Windows and then selecting “System Information.”

Users who don’t trust Gigabyte to silently install code on their machine with a nearly invisible tool may have been concerned by Gigabyte’s updater alone. Other users may have been concerned that Gigabyte’s mechanism could be exploited by hackers who compromise the motherboard manufacturer to exploit its hidden access in a software supply chain attack. The update process was designed and built with obvious flaws that left it susceptible to being exploited in the following ways: It downloads code to the user’s workstation without properly authenticating it, and in certain cases, it even does it through an unsecured HTTP connection rather than an HTTPS one. This would make it possible for a man-in-the-middle attack to be carried out by anybody who is able to intercept the user’s internet connection, such as a malicious Wi-Fi network. The attack would enable the installation source to be faked.

Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT.

“Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT,” the JPCERT Coordination Center (JPCERT/CC) said in a report published today.

The compromise of an internet-exposed router is followed by the deployment of a loader script that acts as a conduit for delivering GobRAT, which, when launched, masquerades as the Apache daemon process (apached) to evade detection.

A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency miner and facilitate lateral movement.

The findings come from the SANS Internet Storm Center (ISC), which detected a spike in HTTP requests for “/nifi” on May 19, 2023.

“Persistence is achieved via timed processors or entries to cron,” said Dr. Johannes Ullrich, dean of research for SANS Technology Institute. “The attack script is not saved to the system. The attack scripts are kept in memory only.”

Baidu Inc. is investing 1 billion yuan ($140 million) to nurture Chinese startups that explore generative AI, leveraging its Ernie AI model to help drive innovation.

Baidu Inc., China’s internet search leader, is investing 1 billion yuan ($140 million) to incubate Chinese startups that focus on generative AI. As reported in Bloomberg, the move makes Baidu a part of the global investment wave centering on ChatGPT-like services.

Baidu’s $140 Million Venture into Generative AI Startups

Continue reading “Baidu invests $140 million to foster generative AI startups” »

From AI discovering a new antibiotic to IBM’s planned 100,000-qubit quantum computer, check out this week’s awesome tech stories from around the web.

Google, the internet-spanning librarian of all of digital time and space, is expanding access to its new generative AI experience for Search — and you could be among the lucky few to try out this new feature in just a few clicks.

The generative AI experience for Search was unveiled at Google I/O and seeks to provide Googlers with a speedier, more natural approach to finding the information they want online — similar to the offerings of Microsoft’s Bing Chat. One key difference between the two being people actually use Google Search.

Program & apply to join: https://foresight.org/existential-hope/
Foresight Existential Hope Group.

Kevin kelly, wired magazine | pioneering visions of a high-tech future.

Continue reading “Kevin Kelly, Wired Magazine | Pioneering Visions of a High-Tech Future” »

Enabled by a constellation of low Earth orbit satellites, Starlink will provide fast, reliable internet to populations with little or no connectivity, including those in rural communities and places where existing services are too expensive or unreliable.

Engineers in Japan just shattered the world record for the fastest internet speed, achieving a data transmission rate of 319 Terabits per second (Tb/s), according to a paper presented at the International Conference on Optical Fiber Communications in June. The new record was made on a line of fibers more than 1,864 miles (3,000 km) long. And, crucially, it is compatible with modern-day cable infrastructure.