Lifeboat Foundation

Materials research organizations in Asia have been targeted by a previously unknown threat actor using a distinct set of tools.

Symantec, by Broadcom Software, is tracking the cluster under the moniker Clasiopa. The origins of the hacking group and its affiliations are currently unknown, but there are hints that suggest the adversary could have ties to India.

This includes references to “SAPTARISHI-ATHARVAN-101” in a custom backdoor and the use of the password “iloveindea1998^_^” for a ZIP archive.

Ben Goertzel in response to some common objections covered in an article on io9 by George Dvorsky ‘You’ll Probably Never Upload Your Mind Into A Computer’: http://io9.com/you-ll-probably-never-upload-your-mind-into-a-computer-474941498

Objections are covered in order as they appear in the article:
1. Brain functions are not computable.
2. We’ll never solve the hard problem of consciousness.
3. We’ll never solve the binding problem.
4. Panpsychism is true.
5. Mind-body dualism is true.
6. It would be unethical to develop.
7. We can never be sure it works.
8. Uploaded minds would be vulnerable to hacking and abuse.

Continue reading “Ben Goertzel — Countering Objections to Mind Uploading” »

Enterprises looking to get ahead of data breaches and data leaks can benefit from using dark web monitoring tools and scan for personally identifiable information and even respond to attacks. Here is a list of 10 such tools.

Protect yourself and your organization from the threat of unknown malware. Check out this guide to detecting suspicious behavior.

CISA has updated its Known Exploited Vulnerabilities catalog with three new vulnerabilities that are currently being exploited.

An open source command-and-control (C2) framework known as Havoc is being adopted by threat actors as an alternative to other well-known legitimate toolkits like Cobalt Strike, Sliver, and Brute Ratel.

Cybersecurity firm Zscaler said it observed a new campaign in the beginning of January 2023 targeting an unnamed government organization that utilized Havoc.

“While C2 frameworks are prolific, the open-source Havoc framework is an advanced post-exploitation command-and-control framework capable of bypassing the most current and updated version of Windows 11 defender due to the implementation of advanced evasion techniques such as indirect syscalls and sleep obfuscation,” researchers Niraj Shivtarkar and Niraj Shivtarkar said.

A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices.

Observed during the second half of 2022, the new version has been dubbed V3G4 by Palo Alto Networks Unit 42, which identified three different campaigns likely conducted by the same threat actor.

“Once the vulnerable devices are compromised, they will be fully controlled by attackers and become a part of the botnet,” Unit 42 researchers said. “The threat actor has the capability to utilize those devices to conduct further attacks, such as distributed denial-of-service (DDoS) attacks.”

Scientists have taken a key step toward harnessing a form of artificial intelligence known as deep reinforcement learning, or DRL, to protect computer networks.

When faced with sophisticated cyberattacks in a rigorous simulation setting, deep reinforcement learning was effective at stopping adversaries from reaching their goals up to 95 percent of the time. The outcome offers promise for a role for autonomous AI in proactive cyber defense.

Scientists from the Department of Energy’s Pacific Northwest National Laboratory documented their findings in a research paper and presented their work Feb. 14 at a workshop on AI for Cybersecurity during the annual meeting of the Association for the Advancement of Artificial Intelligence in Washington, D.C.

Web infrastructure company Cloudflare on Monday disclosed that it thwarted a record-breaking distributed denial-of-service (DDoS) attack that peaked at over 71 million requests per second (RPS).

“The majority of attacks peaked in the ballpark of 50–70 million requests per second (RPS) with the largest exceeding 71 million,” the company said, calling it a “hyper-volumetric” DDoS attack.

It’s also the largest HTTP DDoS attack reported to date, more than 35% higher than the previous 46 million RPS DDoS attack that Google Cloud mitigated in June 2022.