Menu

Blog

Page 5

May 31, 2023

The Laboratory of the Future: How New Technologies Reform Research

Posted by in categories: robotics/AI, sustainability

New advancements in automation, AI, connectivity, sustainability, and more propel research forward.

May 31, 2023

If your Laptop or PC has Gigabyte motherboard then it has backdoor for hackers

Posted by in categories: cybercrime/malcode, internet

Researchers at the cybersecurity firm Eclypsium, which focuses on firmware, reported today that they have found a secret backdoor in the firmware of motherboards manufactured by the Taiwanese manufacturer Gigabyte’s components are often used in gaming PCs and other high-performance systems. Eclypsium discovered that whenever a computer with the affected Gigabyte motherboard restarts, code inside the motherboard’s firmware silently triggers the launch of an updater application, which then downloads and runs another piece of software on the machine. Researchers discovered that the hidden code was built in an unsafe manner, making it possible for the mechanism to be hijacked and used to install malware rather than Gigabyte’s intended software.

Despite the fact that Eclypsium claims the hidden code is intended to be a harmless utility to keep the motherboard’s firmware updated, researchers determined that the implementation was vulnerable. And since the updater application is activated from the computer’s firmware rather than the operating system, it is difficult for users to either delete it or even detect it on their own. In the blog post, the company details the 271 different versions of Gigabyte motherboards that the researchers think are vulnerable. According to experts, individuals who are interested in discovering the motherboard that is used by their computer may do so by selecting “Start” in Windows and then selecting “System Information.”

Users who don’t trust Gigabyte to silently install code on their machine with a nearly invisible tool may have been concerned by Gigabyte’s updater alone. Other users may have been concerned that Gigabyte’s mechanism could be exploited by hackers who compromise the motherboard manufacturer to exploit its hidden access in a software supply chain attack. The update process was designed and built with obvious flaws that left it susceptible to being exploited in the following ways: It downloads code to the user’s workstation without properly authenticating it, and in certain cases, it even does it through an unsecured HTTP connection rather than an HTTPS one. This would make it possible for a man-in-the-middle attack to be carried out by anybody who is able to intercept the user’s internet connection, such as a malicious Wi-Fi network. The attack would enable the installation source to be faked.

May 31, 2023

New phishing technique to allows hacking someone using.zip &.mov domains

Posted by in category: cybercrime/malcode

When a victim visits a website ending in. ZIP, a recently developed phishing method known as “file archiver in the browser” may be used to “emulate” file-archiving software in the target’s web browser.

According to information published by a security researcher named mr.d0x last week, “with this phishing attack, you simulate a file archiver software (e.g., WinRAR) in the browser and use a.zip domain to make it appear more legitimate,”

In a nutshell, threat actors could develop a realistic-looking phishing landing page using HTML and CSS that replicates genuine file archiving software. They could then host the website on a.zip domain, which would elevate social engineering tactics to a higher level.

May 31, 2023

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

Posted by in categories: computing, internet

Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT.

“Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT,” the JPCERT Coordination Center (JPCERT/CC) said in a report published today.

The compromise of an internet-exposed router is followed by the deployment of a loader script that acts as a conduit for delivering GobRAT, which, when launched, masquerades as the Apache daemon process (apached) to evade detection.

May 31, 2023

CAPTCHA-Breaking Services with Human Solvers Helping Cybercriminals Defeat Security

Posted by in categories: cybercrime/malcode, food, robotics/AI

Cybersecurity researchers are warning about CAPTCHA-breaking services that are being offered for sale to bypass systems designed to distinguish legitimate users from bot traffic.

“Because cybercriminals are keen on breaking CAPTCHAs accurately, several services that are primarily geared toward this market demand have been created,” Trend Micro said in a report published last week.

“These CAPTCHA-solving services don’t use [optical character recognition] techniques or advanced machine learning methods; instead, they break CAPTCHAs by farming out CAPTCHA-breaking tasks to actual human solvers.”

May 31, 2023

Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining

Posted by in categories: cryptocurrencies, internet

A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency miner and facilitate lateral movement.

The findings come from the SANS Internet Storm Center (ISC), which detected a spike in HTTP requests for “/nifi” on May 19, 2023.

“Persistence is achieved via timed processors or entries to cron,” said Dr. Johannes Ullrich, dean of research for SANS Technology Institute. “The attack script is not saved to the system. The attack scripts are kept in memory only.”

May 31, 2023

Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices

Posted by in category: cybercrime/malcode

Cybersecurity researchers have found “backdoor-like behavior” within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format.

Firmware security firm Eclypsium said it first detected the anomaly in April 2023. Gigabyte has since acknowledged and addressed the issue.

“Most Gigabyte firmware includes a Windows Native Binary executable embedded inside of the UEFI firmware,” John Loucaides, senior vice president of strategy at Eclypsium, told The Hacker News.

May 31, 2023

Scientists’ report world’s first X-ray of a single atom

Posted by in categories: particle physics, quantum physics

“” This achievement connects synchrotron X-rays with quantum tunneling process to detect X-ray signature of an individual atom and opens many exciting research directions including the research on quantum and spin (magnetic) properties of just one atom using synchrotron X-rays,” Hla said.”


A team of scientists from Ohio University, Argonne National Laboratory, the University of Illinois-Chicago, and others, led by Ohio University Professor of Physics, and Argonne National Laboratory scientist, Saw Wai Hla, have taken the world’s first X-ray SIGNAL (or SIGNATURE) of just one atom. This groundbreaking achievement could revolutionize the way scientists detect the materials.

May 31, 2023

A Cosmic Conundrum: The Black Hole That Creates Stars, Defying Conventional Wisdom

Posted by in category: cosmology

A recent discovery made by astronomers operating the Hubble Space Telescope has revealed the presence of a black hole at the center of a dwarf galaxy that actually creates stars instead of consuming them. This revelation has challenged the common perception that black holes only destroy matter.

The method by which stars are formed in this particular dwarf galaxy, named Henize 2–10, is fundamentally different from how stars are formed in larger galaxies. Astronomers have observed that gas moves around the black hole before merging with a core of dense gas present in the galaxy.

The Hubble spectroscopy revealed that the outflow of this gas was traveling at a rate of a million miles per hour, which eventually collided with the dense gas present in the galaxy. The outflow created clusters of newly born stars on its path.

May 31, 2023

Examining a nanocrystal that shines on and off indefinitely

Posted by in categories: engineering, nanotechnology

In 2021, lanthanide-doped nanoparticles made waves—or rather, an avalanche—when Changwan Lee, then a Ph.D. student in Jim Schuck’s lab at Columbia Engineering, set off an extreme light-producing chain reaction from ultrasmall crystals developed at the Molecular Foundry at Berkeley Lab. Those same crystals are back again with a blink that can now be deliberately and indefinitely controlled.

“We’ve found the first fully photostable, fully photoswitchable nanoparticle—a holy grail of nanoprobe design,” said Schuck, associate professor of mechanical engineering.

This unique material was synthesized in the laboratories of Emory Chan and Bruce Cohen at the Molecular Foundry, Lawrence Berkeley National Laboratory as well as in a national lab in South Korea. The research team also included Yung Doug Suh’s lab at Ulsan National Institute of Science and Technology (UNIST).

Page 5 of 9,175First23456789Last