
Attackers are exploiting the ProxyLogon Microsoft Exchange Server flaws to co-opt vulnerable machines to a cryptocurrency botnet named Prometei, according to new research.

“Prometei exploits the recently disclosed Microsoft Exchange vulnerabilities associated with the HAFNIUM attacks to penetrate the network for malware deployment, credential harvesting and more,” Boston-based cybersecurity firm Cybereason said in an analysis summarizing its findings.

First documented by Cisco Talos in July 2020, Prometei is a multi-modular botnet, with the actor behind the operation employing a wide range of specially-crafted tools and known exploits such as EternalBlue and BlueKeep to harvest credentials, laterally propagate across the network and “increase the amount of systems participating in its Monero-mining pool.”

An unprecedented event occurred a few hours ago when, by mistake, thousands of users received an email from Twitter requesting users to confirm their accounts, giving the impression of being a massive phishing attack. This incident, which began around 10:00 PM on Thursday, impacted individual and business accounts alike.

The subject line of these messages only mentioned the phrase “Confirm your Twitter account”, and included a button to complete the action. While these messages seemed legitimate, the cybersecurity community soon began to question their provenance and intentions, as this clearly seemed like a simple but effective phishing attack.

During the minutes following the sending of this message, users began posting their doubts on Twitter and other social media platforms.

A new phishing campaign is attempting to distribute various remote access Trojan (RAT) variants to specific targets. According to Cisco Talos Intelligence researchers, this hacking campaign was identified as “Fajan” and may be operated from an Arabic-speaking country.

Experts believe this campaign started in early March, beginning with “low-profile” targets to determine whether malware samples were properly distributed or some debugging process was needed.

Attacks begin in the form of emails specifically addressed to Bloomberg Industry Group customers. This company adds news content on platforms for various industries, such as law, taxes and accounting, and government, and sells them to its various customers.

Human Security cybersecurity specialists have disclosed a massive botnet made up of compromised Android devices. This malicious operation, identified as Pareto, reportedly aims to conduct advertising fraud related to payment connected television (CTV) services and is so far made up of about one million infected devices.

As you will recall, the term botnet refers to a network of computer systems compromised by a specific malware variant, which run autonomously and automatically under the remote control of the attack operators.

Experts say hackers have used dozens of mobile apps to mimic the image of over 6000 CTV apps, equivalent to around 650 million ad requests per day. This botnet was first identified in 2020, and since then companies such as Google and Roku have tried to mitigate its progress, although its operators have managed to grow it inordinately.

A recent security report mentions that a leak containing access keys to more than 1.3 million Windows Remote Desktop servers has been published on the dark web. This is a clear indication of the scope of cybercrime and could even be linked to other incidents of which the cybersecurity community knows little.

It’s not all bad news, as network administrators will also benefit from a new service called RDPwned, launched by cybersecurity firm Advanced Intel, that allows them to verify whether an organization’s RDP credentials have been sold on the hacking black market.

As users may remember, Remote Desktop Protocol (RDP) is a Microsoft remote access solution that allows users to remotely access applications and the desktop of a Windows device. Because RDP is used so frequently in corporate networks, malicious hackers have developed a significant market around the theft and sale of access credentials for multiple public and private organizations.

There is no putting the genie back in the bottle. The AI arms race is well underway and leading militaries worldwide do not want to be in second place or worse. Where this will lead is subject to conjecture. Clearly, however, the wars of the future will be fought and determined by AI more than traditional “military might.” The ethical use of AI in these applications remains an open-ended issue. It was within the mandate of the NSCAI report to recommend restrictions on how the technology should be used, but this was unfortunately deferred to a later date.


The AI arms race is speeding ahead in militaries around the world.

In celebration of the 31st anniversary of the launching of NASA’s Hubble Space Telescope, astronomers aimed the renowned observatory at a brilliant “celebrity star,” one of the brightest stars seen in our galaxy, surrounded by a glowing halo of gas and dust. Credit: NASA, ESA, STScI

The mighty blue giant AG Carinae is not your normal star. One of the brightest stars in our Milky Way galaxy, AG Carinae is sizzling hot, shining with the brilliance of 1 million suns. You would need super sunscreen if you lived in the star’s vicinity. The star is up to 70 times heftier than our Sun and burning fuel at a ferocious rate.

Its opulence means that the mammoth star is living life in the fast lane. Pouring out so much energy takes a toll on the stellar behemoth. It is prone to convulsive fits, expanding in size like a hot air balloon and shedding its outer layers of material into space. One or more giant eruptions 10000 years ago created the beautiful, expanding shell of dust and gas seen here. Stars like this one are rare: fewer than 50 reside in our local group of neighboring galaxies.

AI squad mates. Called this a few years ago. It’s too annoying getting strangers to join up on some online task for a game.


Who wouldn’t want an A.I. to sit there and play backseat gamer? That’s exactly what looks to be happening thanks to a recently revealed Sony patent. The patent is for an automated Artificial Intelligence (A.I.) control mode specifically designed to perform certain tasks, including playing a game while the player is away.

In the patent, as spotted by SegmentNext, it’s detailed that this A.I. will involve assigning a default gameplay profile to the user. This profile will include a compendium of information detailing the player’s gaming habits, play styles, and decision-making processes while sitting down for a new adventure. This knowledge can then be harnessed to simulate the player’s gaming habits, even when said gamer is away from their platform of choice.

“The method includes monitoring a plurality of game plays of the user playing a plurality of gaming applications,” reads the patent itself. “The method includes generating a user gameplay profile of the user by adjusting the default gameplay style based on the plurality of game plays, wherein the user gameplay profile includes a user gameplay style customized to the user. The method includes controlling an instance of a first gaming application based on the user gameplay style of the user gameplay profile.”