Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog – Page 3

Morphisec CTO Michael Gorelik told The Hacker News that there is evidence connecting the two activity clusters, and that the deceptive Chrome installer site was previously leveraged to download the Gh0st RAT payload.

“This campaign specifically targeted Chinese-speaking users, as indicated by the use of Chinese-language web lures and applications aimed at data theft and evasion of defenses by the malware,” Gorelik said.

“The links to the fake Chrome sites are primarily distributed through drive-by download schemes. Users searching for the Chrome browser are directed to these malicious sites, where they inadvertently download the fake installer. This method exploits the users’ trust in legitimate software downloads, making them susceptible to infection.”

Read more | >

A 7-Zip vulnerability allowing attackers to bypass the Mark of the Web (MotW) Windows security feature was exploited by Russian hackers as a zero-day since September 2024.

According to Trend Micro researchers, the flaw was used in SmokeLoader malware campaigns targeting the Ukrainian government and private organizations in the country.

The Mark of the Web is a Windows security feature designed to warn users that the file they’re about to execute comes from untrusted sources, requesting a confirmation step via an additional prompt. Bypassing MoTW allows malicious files to run on the victim’s machine without a warning.

Read more | >

AMD has released mitigation and firmware updates to address a high-severity vulnerability that can be exploited to load malicious CPU microcode on unpatched devices.

The security flaw (CVE-2024–56161) is caused by an improper signature verification weakness in AMD’s CPU ROM microcode patch loader.

Attackers with local administrator privileges can exploit this weakness, resulting in the loss of confidentiality and integrity of a confidential guest running under AMD Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP).

Read more | >

Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online.

As Microsoft Threat Intelligence experts recently discovered, some developers use ASP.NET validationKey and decryptionKey keys (designed to protect ViewState from tampering and information disclosure) found on code documentation and repository platforms in their own software.

ViewState enables ASP.NET Web Forms to control state and preserve user inputs across page reloads. However, if attackers get the machine key designed to protect it from tampering and information disclosure, they can use it in code injection attacks to craft malicious payloads by attaching crafted message authentication code (MAC).

Read more | >

The FCC has proposed a $4,492,500 fine against VoIP service provider Telnyx for allegedly allowing customers to make robocalls posing as fictitious FCC “Fraud Prevention Team,” by failing to comply with Know Your Customer (KYC) rules. However, Telnyx says the FCC is mistaken and denies the accusations.

The individuals behind these calls registered Telnyx accounts using the “Christian Mitchell” and “Henry Walker” names with the same address in Toronto, Canada, but IP addresses from Scotland and England. They are known as the “MarioCop” accounts because they both used email addresses on the same mariocop123.com domain.

Between February 6 and February 7, 2024, they made 1,797 imposter calls before Telnyx terminated their accounts. Ironically, their calls also reached over a dozen FCC staff and family members on their personal and work phone numbers one year ago.

Read more | >

What types of new plastics can be developed with enhanced recycling capabilities? This is what a recent study published in Nature hopes to address as a team of researchers at Cornell University have developed an enhanced type of thermoset, which is built from a type of polymer that is often difficult to recycle, resulting in it being put back into the atmosphere from burning it or into landfills, which destroy marine ecosystems. This study has the potential to help scientists, engineers, policymakers, and the public better understand new recycling methods that can be used to both help the environment and mitigate the impacts of climate change.

For the study, the researchers used a bio-sourced material known as dihydrofuran (DHF) to design and build a new thermoset polymer that maintains its robustness while ensuring safely being recycled through heat and environmental degradation. When compared to traditional thermosets, the DHF thermosets can still be used for a myriad of commercial applications, including footwear, electronics, and garden hoses, just to name a few.

“We’ve spent 100 years trying to make polymers that last forever, and we’ve realized that’s not actually a good thing,” said Dr. Brett Fors, who is a professor of physical chemistry at Cornell University and a co-author on the study. “Now we’re making polymers that don’t last forever, that can environmentally degrade.”

Read more | >

Computational genes.

Single-cell decisions made in complex environments underlie many bacterial phenomena. Image-based transcriptomics approaches offer an avenue to study such behaviors, yet these approaches have been hindered by the massive density of bacterial messenger RNA. To overcome this challenge, we combined 1000-fold volumetric expansion with multiplexed error-robust fluorescence in situ hybridization (MERFISH) to create bacterial-MERFISH. This method enables high-throughput, spatially resolved profiling of thousands of operons within individual bacteria. Using bacterial-MERFISH, we dissected the response of Escherichia coli to carbon starvation, systematically mapped subcellular RNA organization, and charted the adaptation of a gut commensal Bacteroides thetaiotaomicron to micrometer-scale niches in the mammalian colon.

Read more | >

An interesting paper where Schuette et al. develop a generative diffusion-based AI model for predicting the 3D structure of chromatin. Their model takes chromatin accessibility sequence data as input and outputs a statistical distribution of predicted 3D chromatin structures. Remarkably, their model generalizes across cell types, making it broadly useful! #computationalbiology #ai #generativeai

Computational approaches for predicting chromatin conformations de novo using only sequencing data remain scarce. Compared to existing polymer simulation–based prediction approaches, ChromoGen maintains unique advantages. The generative nature of ChromoGen enables efficient production of statistically independent samples, thus avoiding the inefficient navigation of state space that polymer simulations require to produce a diverse set of conformations. Moreover, ChromoGen’s transformer-based front end provides additional advantages, extracting features from sequencing data and placing the information in low-dimensional embeddings that the diffusion model handles efficiently. This powerful design markedly reduces the computational cost of each diffusion step, providing a practical means to achieve cell type–specific de novo predictions with the full benefit of DNA sequence and chromatin accessibility data. In contrast, incorporating DNA sequence information into polymer models has long been a challenging task that is often indirectly addressed by incorporating various histone marks.

In its current form, ChromoGen can be immediately applied to any cell type with available DNAse-seq data, enabling a vast number of studies into the heterogeneity of genome organization both within and between cell types to proceed. However, several improvements could enhance its utility. Notably, the current model exclusively predicts chromatin conformations in 1.28-Mb regions at 20-kb resolution, the latter restriction primarily stemming from our decision to maximize resolution within the constraints imposed by the available Dip-C data. However, higher-resolution single-cell datasets are becoming available, such as those at 5-kb resolution (50), and we anticipate that ChromoGen will require no modifications to perform well after training on these improved datasets. Similarly, we anticipate that ChromoGen can be directly applied to longer genomic regions if using a lower resolution, e.g.

Read more | >