Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog – Page 43

At the core of the operation is a previously undocumented NFC relay technique that enables threat actors to fraudulently authorize point-of-sale (PoS) payments and Automated Teller Machine (ATM) withdrawals by intercepting and relaying NFC communications from infected devices.

To do this, the attackers urge the victims to bring their debit or credit card in close physical proximity to their mobile device, which then allows the SuperCard X malware to stealthily capture the transmitted card details and relay them to an external server. The harvested card information is then utilized on a threat actor-controlled device to conduct unauthorized transactions.

The application that’s distributed to victims for capturing NFC card data is called a Reader. A similar app known as Tapper is installed on the threat actor’s device to receive the card information. Communication between the Reader and Tapper is carried out using HTTP for command-and-control (C2) and requires cybercriminals to be logged in.

Read more | >

Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens that were mistakenly logged into internal systems.

On Saturday morning, numerous organizations reported that they began receiving Microsoft Entra alerts that accounts had leaked credentials, causing the accounts to be locked out automatically.

Impacted customers initially thought the account lockouts were tied to the rollout of a new enterprise application called “MACE Credential Revocation,” installed minutes before the alerts were issued.

Read more | >

A large-scale ad fraud operation called ‘Scallywag’ is monetizing pirating and URL shortening sites through specially crafted WordPress plugins that generate billions of daily fraudulent requests.

Scallywag was uncovered by bot and fraud detection firm HUMAN, which mapped a network of 407 domains supporting the operation that peaked at 1.4 billion fraudulent ad requests per day.

HUMAN’s efforts to block and report Scallywag traffic have resulted in its shrinking by 95%, although the threat actors have shown resilience by rotating domains and moving to other monetization models.

Read more | >

In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from Google’s systems, passing all verifications but pointing to a fraudulent page that collected logins.

The attacker leveraged Google’s infrastructure to trick recipients into accessing a legitimate-looking “support portal” that asks for Google account credentials.

The fraudulent message appeared to come from “[email protected]” and passed the DomainKeys Identified Mail (DKIM) authentication method but the real sender was different.

Read more | >

A proposed protocol allows for the teleportation of collective spin-coherent states, as well as entangled spin-squeezed and Dicke states, between nuclear spin degrees of freedom in a two-dimensional trapped-ion crystal. Beyond teleportation, generalizations of the protocol could be used for retroactive squeezing generation and enhanced displacement sensing in a Penning trap, as well as in other systems featuring collective spin-spin interactions within synthetic dimensions or spatially separated arrays.

Read more | >

Tuberculosis (TB) is an infectious disease that kills more than a million people worldwide every year. The pathogen that causes the disease, Mycobacterium tuberculosis, is deadly in part because of its complex outer envelope, which helps it evade immune responses of infected hosts.

In an ACS Infectious Diseases paper, researchers developed a chemical probe to study a key component of this envelope. Their results provide a step toward finding new ways of inactivating the bacterium.

Because curing TB requires taking drugs for months, which can result in TB resistance to some antibiotics, scientists are working to develop new treatments. One possible target is the bacterium’s outermost layer, called the mycomembrane, which protects the bacteria from stressors. When M. is attacked by a host’s macrophage , the mycomembrane produces compounds that suppress the infected host’s immune response.

Read more | >