Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 79

Dec 4, 2021

Pegasus maker probes reports its spyware targeted US diplomats

Posted by in categories: cybercrime/malcode, government, mobile phones, surveillance

The Israeli spyware maker in the Pegasus surveillance scandal said Friday it was investigating reports the firm’s technology was used to target iPhones of some US diplomats in Africa.

Apple has begun alerting people whose phones were hacked by NSO’s spyware, which essentially turns handsets into pocket spying devices and sparked controversy this year after reportedly being used on activists, journalists and politicians.

“On top of the independent investigation, NSO will cooperate with any relevant government authority and present the full information we will have,” the firm said in a statement.

Dec 2, 2021

Hackers Increasingly Using RTF Template Injection Technique in Phishing Attacks

Posted by in category: cybercrime/malcode

Hackers have been increasingly using RTF Template Injection method in widespread phishing attacks.

Nov 28, 2021

Rogue Miners Are Using Google Cloud Servers to Mine Cryptocurrencies

Posted by in categories: bitcoin, cryptocurrencies, cybercrime/malcode, energy

Google’s cybersecurity team warns that this is neither the first nor the last time.

Cryptomining is a very energy-intensive process with analysis by the University of Cambridge showing that Bitcoin consumes more electricity than the entire country of Argentina. Now, Google has released a new report stating that malicious cryptocurrency miners are using hacked Google Cloud accounts for mining purposes.

The report is called “Threat Horizons” and it aims to help organizations keep their cloud environments secure.

Continue reading “Rogue Miners Are Using Google Cloud Servers to Mine Cryptocurrencies” »

Nov 26, 2021

Creating deeper defense against cyber attacks

Posted by in categories: cybercrime/malcode, information science, internet

To address the growing threat of cyberattacks on industrial control systems, a KAUST team including Fouzi Harrou, Wu Wang and led by Ying Sun has developed an improved method for detecting malicious intrusions.

Internet-based are widely used to monitor and operate factories and critical infrastructure. In the past, these systems relied on expensive dedicated networks; however, moving them online has made them cheaper and easier to access. But it has also made them more vulnerable to attack, a danger that is growing alongside the increasing adoption of internet of things (IoT) technology.

Conventional security solutions such as firewalls and are not appropriate for protecting industrial control systems because of their distinct specifications. Their sheer complexity also makes it hard for even the best algorithms to pick out abnormal occurrences that might spell invasion.

Nov 25, 2021

This Synthetic DNA Factory Is Building New Forms of Life

Posted by in categories: bioengineering, biotech/medical, cybercrime/malcode, food, robotics/AI

In this DNA factory, organism engineers are using robots and automation to build completely new forms of life.
»Subscribe to Seeker! http://bit.ly/subscribeseeker.
»Watch more Focal Point | https://bit.ly/2M3gmbK

Ginkgo Bioworks, a Boston company specializing in “engineering custom organisms,” aims to reinvent manufacturing, agriculture, biodesign, and more.

Continue reading “This Synthetic DNA Factory Is Building New Forms of Life” »

Nov 24, 2021

Over 9 Million Android Phones Running Malware Apps from Huawei’s AppGallery

Posted by in categories: cybercrime/malcode, mobile phones

More than 9 million Android phones are infected with malware distributed through Huawei’s AppGallery Store.

Nov 24, 2021

Apple Sues Israel’s NSO Group for Spying on iPhone Users With Pegasus Spyware

Posted by in categories: cybercrime/malcode, mobile phones

Apple has filed a federal lawsuit against Israeli spyware firm NSO Group for illegally targeting users with the Pegasus malware.

Nov 21, 2021

Microsoft Exchange servers hacked in internal reply-chain attacks

Posted by in category: cybercrime/malcode

Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails.

When threat actors conduct malicious email campaigns, the hardest part is to trick users into trusting the sender enough so that they open up linked to or included malware-distributing attachments.

TrendMicro researchers have discovered an interesting tactic used of distributing malicious email to a company’s internal users using the victim’s compromised Microsoft exchange servers.

Nov 20, 2021

Can Time Be Hacked? Here’s How One Hacker Demonstrated It Can

Posted by in category: cybercrime/malcode

Cher sang about manipulating it while Doctor Who dramatized it. This hacker went one better and did it. Here’s how time got hacked.

During a 1961 address to the National Association of Manufacturers in New York City, John F. Kennedy said that “we must use time as a tool, not as a couch.” Fast forward fifty years, and one hacker has demonstrated exactly how to do that: by hacking time.

What is time anyway? What is time? That’s not an easy question to answer definitively.

Continue reading “Can Time Be Hacked? Here’s How One Hacker Demonstrated It Can” »

Nov 19, 2021

Serious security vulnerabilities in DRAM memory devices

Posted by in categories: cybercrime/malcode, mobile phones

Researchers at ETH Zurich have discovered major vulnerabilities in DRAM memory devices, which are widely used in computers, tablets and smartphones. The vulnerabilities have now been published together with the National Cyber Security Centre, which for the first time has assigned an identification number for it.

When browsing the internet on a laptop computer or writing messages on a smartphone, we all like to think that we are reasonably safe from as long as we have installed the latest software updates and anti-virus software. But what if the problem lies not with the software, but with the hardware? A team of researchers led by Kaveh Razavi at ETH Zurich, together with colleagues at the Vrije Universiteit Amsterdam and Qualcomm Technologies, have recently discovered fundamental vulnerabilities affecting the memory component called DRAM at the heart of all modern computer systems.

The results of their research have now been accepted for publication at a flagship IT security conference, and the Swiss National Cyber Security Centre (NCSC) has issued a Common Vulnerabilities and Exposures (CVE) number. This is the first time that a CVE identification has been issued by the NCSC in Switzerland (see box below). On a scale of 0 to 10, the severity of the vulnerability has been rated as 9.

Page 79 of 193First7677787980818283Last