Lifeboat News: The Blog – Safeguarding Humanity

DNA Nanorobots Unlock New Frontiers in Targeted Drug Delivery

Posted by Saúl Morales Rodriguéz in bioengineering, biotech/medical, genetics | Leave a Comment on DNA Nanorobots Unlock New Frontiers in Targeted Drug Delivery

Jan 17
2025

Scientists develop DNADNA, or deoxyribonucleic acid, is a molecule composed of two long strands of nucleotides that coil around each other to form a double helix. It is the hereditary material in humans and almost all other organisms that carries genetic instructions for development, functioning, growth, and reproduction. Nearly every cell in a person’s body has the same DNA. Most DNA is located in the cell nucleus (where it is called nuclear DNA), but a small amount of DNA can also be found in the mitochondria (where it is called mitochondrial DNA or mtDNA). tabindex=0 DNA nanorobots capable of modifying artificial cells.

Read more | >

European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China

Posted by Saúl Morales Rodriguéz in government | Leave a Comment on European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China

Jan 17
2025

Noyb files GDPR complaints against TikTok, AliExpress, and others for illegal EU-China data transfers, citing risks of Chinese government access.

Read more | >

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits

Posted by Saúl Morales Rodriguéz in cybercrime/malcode | Leave a Comment on New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits

Jan 17
2025

“Code executed in this early boot phase can persist on the system, potentially loading malicious kernel extensions that survive both reboots and OS reinstallation,” the CERT Coordination Center (CERT/CC) said. “Additionally, it may evade detection by OS-based and endpoint detection and response (EDR) security measures.”

Malicious actors could further expand the scope of exploitation by bringing their own copy of the vulnerable “reloader.efi” binary to any UEFI system with the Microsoft third-party UEFI certificate enrolled. However, elevated privileges are required to deploy the vulnerable and malicious files to the EFI system partition: local administrator on Windows and root on Linux.

The Slovakian cybersecurity firm said it responsibly disclosed the findings to the CERT/CC in June 2024, following which Howyar Technologies and their partners addressed the issue in the concerned products. On January 14, 2025, Microsoft revoked the old, vulnerable binaries as part of its Patch Tuesday update.

Read more | >

Product Walkthrough: How Reco Discovers Shadow AI in SaaS

Posted by Saúl Morales Rodriguéz in robotics/AI, security | Leave a Comment on Product Walkthrough: How Reco Discovers Shadow AI in SaaS

Jan 17
2025

Reco uncovers shadow AI in SaaS, tackling risks like excessive permissions and data leaks. Real-time security detection ensures protection.

Read more | >

Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer

Posted by Saúl Morales Rodriguéz in cybercrime/malcode | Leave a Comment on Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer

Jan 17
2025

Threat actors embed malware like VIP Keylogger in images via phishing emails and Base64 encoding, leveraging. NET loaders and GenAI-written scripts to.

Read more | >

Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes

Posted by Saúl Morales Rodriguéz in cybercrime/malcode | Leave a Comment on Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes

Jan 17
2025

Malvertising targets Google Ads users, redirecting to phishing sites that steal credentials, budgets, and 2FA codes.

Read more | >

Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99

Posted by Saúl Morales Rodriguéz in cryptocurrencies, cybercrime/malcode, finance | Leave a Comment on Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99

Jan 17
2025

“By compromising developer accounts, attackers not only exfiltrate intellectual property but also gain access to cryptocurrency wallets, enabling direct financial theft,” the company said. “The targeted theft of private and secret keys could lead to millions in stolen digital assets, furthering the Lazarus Group’s financial goals.”

The malware architecture adopts a modular design and is flexible, and capable of working across Windows, macOS, and Linux operating systems. It also serves to highlight the ever-evolving and adaptable nature of nation-state cyber threats.

“For North Korea, hacking is a revenue generating lifeline,” Sherstobitoff said. “The Lazarus Group has consistently funneled stolen cryptocurrency to fuel the regime’s ambitions, amassing staggering sums. With Web3 and cryptocurrency industries booming, Operation 99 zeroes in on these high-growth sectors.”

Read more | >

Over 660,000 Rsync servers exposed to code execution attacks

Posted by Saúl Morales Rodriguéz in futurism | Leave a Comment on Over 660,000 Rsync servers exposed to code execution attacks

Jan 17
2025

Over 660,000 exposed Rsync servers are potentially vulnerable to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that allows remote code execution on servers.

Rsync is an open-source file synchronization and data transferring tool valued for its ability to perform incremental transfers, reducing data transfer times and bandwidth usage.

It supports local file systems transfers, remote transfers over secure protocols like SSH, and direct file syncing via its own daemon.

Read more | >

W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks

Posted by Saúl Morales Rodriguéz in futurism | Leave a Comment on W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks

Jan 17
2025

A severe flaw in the W3 Total Cache plugin installed on more than one million WordPress sites could give attackers access to various information, including metadata on cloud-based apps.

The W3 Total Cache plugin uses multiple caching techniques to optimize a website’s speed, reduce load times, and generally improve its SEO ranking.

The flaw is tracked as CVE-2024–12365 despite the developer releasing a fix in the latest version of the product, hundreds of thousands of websites have still to install the patched variant.

Read more | >

The Year Ahead: Promise For Quantum Growth

Posted by Shubham Ghosh Roy in computing, quantum physics | Leave a Comment on The Year Ahead: Promise For Quantum Growth

Jan 17
2025

IonQ fired the first shot in the M&A opportunities for quantum startups back in 2021, becoming the first publicly traded pure-play quantum computing company. In late 2024, IonQ filed to acquire Qubitekk as part of its strategy to apply distributed computer development as a means to progress toward a CRQC computer in data centers.

I predict that IonQ, among others in the space, has just begun its M&A program.

Expect to see acquisitions, mergers and joint ventures across geographies in the coming year, with several interesting possibilities in Europe.

Read more | >