Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 114

Aug 24, 2021

Microsoft data breach exposes 38M records including Social Security numbers

Posted by in categories: biotech/medical, cybercrime/malcode, internet

THE personal records of 38million people were accidentally leaked on the open internet due to a flaw in more than a thousand Microsoft web apps, according to reports.

American Airlines, Ford, J.B. Hunt, the Maryland Department of Health, the New York City Municipal Transportation Authority, and New York City public schools were among the companies and organizations affected by the mistake.

The data mistakenly shared online included information from a number of Covid-19 contact tracing platforms, vaccination sign-ups, job application portals, and employee databases, according to Wired.

Aug 22, 2021

Razer bug lets you become a Windows 10 admin by plugging in a mouse

Posted by in category: cybercrime/malcode

A Razer Synapse zero-day vulnerability has been disclosed on Twitter, allowing you to gain Windows admin privileges simply by plugging in a Razer mouse or keyboard.

Razer is a very popular computer peripherals manufacturer known for its gaming mouses and keyboards.

When plugging in a Razer device into Windows 10 or Windows 11 the operating system will automatically download and begin installing the Razer Synapse software on the computer. Razer Synapse is software that allows users to configure their hardware devices, set up macros, or map buttons.

Aug 22, 2021

Microsoft Exchange servers being hacked by new LockFile ransomware

Posted by in category: cybercrime/malcode

A new ransomware gang known as LockFile encrypts Windows domains after hacking into Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities.

ProxyShell is the name of an attack consisting of three chained Microsoft Exchange vulnerabilities that result in unauthenticated, remote code execution.

The three vulnerabilities were discovered by Devcore Principal Security Researcher Orange Tsai, who chained them together to take over a Microsoft Exchange server in April’s Pwn2Own2021hacking contest.

Aug 22, 2021

Cloudflare mitigated one of the largest DDoS attack involving 17.2 million rps

Posted by in categories: cybercrime/malcode, finance

Web infrastructure and website security company Cloudflare on Thursday disclosed that it mitigated the largest ever volumetric distributed denial of service (DDoS) attack recorded to date.

The attack, launched via a Mirai botnet, is said to have targeted an unnamed customer in the financial industry last month. “Within seconds, the botnet bombarded the Cloudflare edge with over 330 million attack requests,” the company noted, at one point reaching a record high of 17.2 million requests-per-second (rps), making it three times bigger than previously reported HTTP DDoS attacks.

Aug 14, 2021

Cryptomining Botnet Alters CPU Settings to Boost Mining Performance

Posted by in categories: cryptocurrencies, cybercrime/malcode

Uptycs Threat Research Team has discovered malware that not only hijacks vulnerable *nix-based servers and uses them to mine cryptocurrency but actually modifies their CPU configurations in a bid to increase mining performance at the cost of performance in other applications.

Perpetrators use a Golang-based worm to exploit known vulnerabilities like CVE-2020–14882 (Oracle WebLogic) and CVE-2017–11610 (Supervisord) to gain access to Linux systems, reports The Record. Once they hijack a machine, they use model-specific registers (MSR) to disable the hardware prefetcher, a unit that fetches data and instructions from the memory into the L2 cache before they are needed.

Aug 14, 2021

Data breach alert: Info on millions of seniors leaked online

Posted by in category: cybercrime/malcode

In another instance of a misconfigured data server, the personal details of over 3 million senior citizens have been exposed.

Aug 12, 2021

Should we be worried about technology? | The Economist

Posted by in categories: biotech/medical, cybercrime/malcode

The covid-19 pandemic has reinforced humanity’s dependence on modern tech, but the same tools that enable remote working are also being used to spread disinformation and perpetuate cybercrime. Ambivalence towards technology is nothing new.

Read more of our coverage of Science & technology: https://econ.st/3CdkVa5

Continue reading “Should we be worried about technology? | The Economist” »

Aug 12, 2021

Attacks against industrial networks will become a bigger problem. We need to fix security now

Posted by in category: cybercrime/malcode

There’s very few opportunities in cybersecurity where you get the benefit of foresight. This could be one.

Aug 11, 2021

Researchers Develop RISC-V Chip for Quantum-Resistant Encryption

Posted by in categories: cybercrime/malcode, encryption, quantum physics

The goal is to pre-empt the fall of traditional cryptography likely to follow the quantum revolution.


A research team with the Technical University of Munich (TUM) have designed a quantum cryptography chip aimed at the security demands of the quantum computing revolution. The RISC-V chip, which was already sent to manufacturing according to the researchers’ design, aims to be a working proof of concept for protecting systems against quantum computing-based attacks, which are generally considered to be one of the most important security frontiers of the future. Alongside the RISC-V based hardware implementation (which includes ASIC and FPGA structures), the researchers also developed 29 additional instructions for the architecture that enable the required workloads to be correctly processed on-chip.

Traditional cryptography is generally based on both the sender and receiver holding the same “unlock” key for any given encrypted data. These keys (which may include letters, digits, and special characters) have increased in length as time passes, accompanying increases in hardware performance available in the general computing sphere. The idea is to thwart brute-force attacks that would simply try out enough character combinations that would allow them to eventually reach the correct answer that unlocks the encrypted messages’ contents. Given a big enough size of the security key (and also depending on the encryption protocol used), it’s virtually impossible for current hardware — even with the extreme parallelization enabled by the most recent GPUs — to try out enough combinations in a short enough timeframe to make the effort worthwhile.

Continue reading “Researchers Develop RISC-V Chip for Quantum-Resistant Encryption” »

Aug 11, 2021

Norton and Avast are merging into an $8 billion antivirus empire

Posted by in category: cybercrime/malcode

The deal combines decades of cyber security experience.


Norton and Avast are merging in a big anti-virus deal. The combined companies will focus on consumer offerings for cyber security, just as ransomware is becoming a big issue.