Lifeboat Foundation

Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming language, that aim to infect developers’ machines with a malware called W4SP Stealer.

“The main attack seems to have started around October 12, 2022, slowly picking up steam to a concentrated effort around October 22,” software supply chain security company Phylum said in a report published this week.

The list of offending packages is as follows: typesutil, typestring, sutiltype, duonet, fatnoob, strinfer, pydprotect, incrivelsim, twyne, pyptext, installpy, faq, colorwin, requests-httpx, colorsama, shaasigma, stringe, felpesviadinho, cypress, pystyte, pyslyte, pystyle, pyurllib, algorithmic, oiu, iao, curlapi, type-color, and pyhints.

Researchers detail a new malware campaign by Pakistani hackers targeting Indian government organizations, revealing their new tools and techniques.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control Systems (ICS) advisories about multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial Automation.

Prominent among them is a set of three flaws affecting ETIC Telecom’s Remote Access Server (RAS), which “could allow an attacker to obtain sensitive information and compromise the vulnerable device and other connected machines,” CISA said.

Bias in AI systems is proving to be a major stumbling block in efforts to more broadly integrate the technology into our society.

A new initiative that will reward researchers for finding any prejudices in AI systems could help solve the problem.

The effort is modeled on the bug bounties that software companies pay to cybersecurity experts who alert them of any potential security flaws in their products.

Google’s cybersecurity arm says activity shows a new interest in sowing discord in American politics, though the impact has been minimal.

Gallery QI — Becoming: An Interactive Music Journey in VR — Opening Night.
November 3rd, 2022 — Atkinson Hall auditorium.
UC San Diego — La Jolla, CA

By Shahrokh Yadegari, John Burnett, Eito Murakami and Louis Pisha.

Continue reading “LIVE — BECOMING: AN INTERACTIVE JOURNEY IN VR” »

Chinese hackers are abusing antivirus software to sideload LODEINFO.

UK and Russia are once again at loggerheads, this is after a report emerged that former Prime Minister Liz Truss cell phone was hacked when se was the Foreign Minister. UK Opposition politicians are now calling for an investigation after Daily Mail reported that suspected Kremlin agents were behind the hawk.

#UK #Russia #liztruss.

Continue reading “Russian spies hacked former UK Prime Minister Liz Truss’ mobile phone | Latest News | WION” »

A recently discovered hacking group known for targeting employees dealing with corporate transactions has been linked to a new backdoor called Danfuan.

This hitherto undocumented malware is delivered via another dropper called Geppei, researchers from Symantec, by Broadcom Software, said in a report shared with The Hacker News.

The dropper “is being used to install a new backdoor and other tools using the novel technique of reading commands from seemingly innocuous Internet Information Services (IIS) logs,” the researchers said.