Lifeboat Foundation

The malware establishes initial access on targeted machines, then waits for additional code to execute.

A brand-new multiplatform malware, likely distributed via malicious npm packages, is spreading under the radar with Linux and Mac versions going fully undetected in VirusTotal, researchers warned.

The Windows version, according to a Tuesday writeup from Intezer, has only six detections as of this writing. These were uploaded to VirusTotal with the suffix “.ts,” which is used for TypeScript files.

Researchers take antivirus support to the next level with the Raspberry Pi.

A team from the Research Institute of Computer Science and Random Systems uses a Raspberry Pi to detect malware with electromagnetic waves.

Chief information security officers’ (CISOs) greatest challenge going into 2022 is countering the speed and severity of cyberattacks. The latest real-time monitoring and detection technologies improve the odds of thwarting an attack but aren’t foolproof. CISOs tell VentureBeat that bad actors avoid detection with first-line monitoring systems by modifying attacks on the fly. That’s cause for concern, especially with CISOs in financial services and health care.

Enterprises are in react mode

Enterprises fail to get the most value from threat monitoring, detection, and response cybersecurity strategies because they’re too focused on data collection and security monitoring alone. CISOs tell VentureBeat they’re capturing more telemetry (i.e., remote) data than ever, yet are short-staffed when it comes to deciphering it, which means they’re often in react mode.

Such is the promise and peril of NFTs.

NFTs, or non-fungible tokens, offer many potential benefits to creators. They apply the mechanisms of scarcity to digital assets by allowing artists to render them as one-of-a-kind collectibles, like a painting or a baseball card. This means artists — especially digital artists — who have struggled to make their streamable, screenshot-able or reprintable work hold value — can price their items at rates appropriate for something in short supply.

However, the digital trading mechanism is still in nascent stages, and rife with scams, hacks and copyright issues. Beeple was hit by an organized hack, for example. While artists can sometimes find financial solvency with NFTs, other times, they lose millions.

Hackers used a cloud video hosting service to perform a supply chain attack on over one hundred real estate sites that injected malicious scripts to steal information inputted in website forms.

These scripts are known as skimmers or formjackers and are commonly injected into hacked websites to steal sensitive information entered into forms. Skimmers are commonly used on checkout pages for online stores to steal payment information.

In a new supply chain attack discovered by Palo Alto Networks Unit42, threat actors abused a cloud video hosting feature to inject skimmer code into a video player. When a website embeds that player, it embeds the malicious script, causing the site to become infected.

North Korea has hacked USD 1.7B of crypto and views the loot as a ‘long-term investment’. Experts say that Pyongyang is going long on its take of tokens, rather than quickly trading them for cash.

North Korea’s crypto exchange attacks

According to Newsis and Chosun, the US federal government prosecutor issued statements saying that North Korean hackers have been “conspiring with other money-laundering criminals” to “steal crypto-assets” from at least “three digital asset exchanges” before “laundering the proceeds.”

Computer maintenance workers at Kyoto University have announced that due to an apparent bug in software used to back up research data, researchers using the University’s Hewlett-Packard Cray computing system, called Lustre, have lost approximately 77 terabytes of data. The team at the University’s Institute for Information Management and Communication posted a Failure Information page detailing what is known so far about the data loss.

The team, with the University’s Information Department Information Infrastructure Division, Supercomputing, reported that files in the /LARGEO (on the DataDirect ExaScaler storage system) were lost during a system backup procedure. Some in the press have suggested that the problem arose from a faulty script that was supposed to delete only old, unneeded log files. The team noted that it was originally thought that approximately 100TB of files had been lost, but that number has since been pared down to 77TB. They note also that the failure occurred on December 16 between the hours of 5:50 and 7pm. Affected users were immediately notified via emails. The team further notes that approximately 34 million files were lost and that the files lost belonged to 14 known research groups. The team did not release information related to the names of the research groups or what sort of research they were conducting. They did note data from another four groups appears to be restorable.

Trojanized installers of the Telegram messaging application are being used to distribute the Windows-based Purple Fox backdoor on compromised systems.

That’s according to new research published by Minerva Labs, describing the attack as different from intrusions that typically take advantage of legitimate software for dropping malicious payloads.

“This threat actor was able to leave most parts of the attack under the radar by separating the attack into several small files, most of which had very low detection rates by [antivirus] engines, with the final stage leading to Purple Fox rootkit infection,” researcher Natalie Zargarov said.

Researchers demonstrate that electromagnetic signals emanating from IoT devices can be used as a side channel to detect various forms of malware.