U.S. authorities have flagged the U.S. financial system, a central pillar in the U.S. sanctions regime, as an attractive target, and officials and security experts have warned for weeks about the possibility of retaliatory cyberattacks from Russia.
A new malware strain that can survive operating system reinstalls was spotted last year secretly hiding on a computer, according to the antivirus provider Kaspersky.
The company discovered the Windows-based malware last spring running on a single computer. How the malicious code infected the system remains unclear. But the malware was designed to operate on the computer’s UEFI firmware, which helps boot up the system.
The malware, dubbed MoonBounce, is especially scary because it installs itself on the motherboard’s SPI flash memory, instead of the computer’s storage drive. Hence, the malware can persist even if you reinstall the computer’s OS or swap out the storage.
“The investigation into the recent cyber event on the KA-SAT European network continues in partnership with law enforcement, government partners and Viasat’s third-party cybersecurity firm,” Viasat said in a statement March 11. “We currently believe this was a deliberate, isolated and external cyber event.”
The ‘Escobar’ malware has so far targeted customers from 190 financial institutions across 18 different countries. Specific details related to the country and institutions have not been revealed.
The NVIDIA hackers have now targeted Samsung. Here’s what Galaxy smartphone owners need to know.
Businesses need to have a complete view of where potential vulnerabilities or misconfigurations exist in the software supply chain.
China captured a spy tool deployed by the US National Security Agency, which is capable of lurking in a victim’s computer to access sensitive information and was found to have controlled global internet equipment and stole large amounts of users’ information, according to a report the Global Times obtained from the National Computer Virus Emergency Response Center exclusively on Monday.
According to the report, the Trojan horse, “NOPEN,” is a remote control tool for Unix/Linux computer systems. It is mainly used for stealing files, accessing systems, redirecting network communication, and viewing a target device’s information.
Through technical analysis, the center believes that the “NOPEN” Trojan horse is characterized by complex technology, comprehensive functions and strong concealment, which can fit a variety of processor architectures and operating systems. It can also collaborate with other cyber weapons and is a typical tool used for cyber espionage.
French video game company Ubisoft on Friday confirmed it was a victim of a “cyber security incident,” causing temporary disruptions to its games, systems, and services.
The Montreuil-headquartered firm said that an investigation into the breach was underway and that it has initiated a company-wide password reset as a precautionary measure.
“Also, we can confirm that all our games and services are functioning normally and that at this time there is no evidence any player personal information was accessed or exposed as a by-product of this incident,” the company said in a statement.
It’s at least the third strain of wiper since the conflict began.
Researchers from cybersecurity firm ESET have discovered a new destructive wiper malware, dubbed CaddyWiper, that is affecting computer networks in Ukraine.
There have been some other high profile hacks recently.
Ubisoft says it experienced a “cyber security incident” last week that temporarily disrupted some games, systems, and services. The company does not believe player personal information was exposed. An entity seemingly representing the hacking group LAPSUS$ is taking responsibility.
