BKA identified REvil leaders tied to 130 German attacks causing €35.4M damage, exposing key ransomware figures.
Get the latest international news and world events from around the world.
New GPUBreach attack enables system takeover via GPU rowhammer
A new attack, dubbed GPUBreach, can induce Rowhammer bit-flips on GPU GDDR6 memories to escalate privileges and lead to a full system compromise.
GPUBreach was developed by a team of researchers at the University of Toronto, and full details will be presented at the upcoming IEEE Symposium on Security & Privacy on April 13 in Oakland.
The researchers demonstrated that Rowhammer-induced bit flips in GDDR6 can corrupt GPU page tables (PTEs) and grant arbitrary GPU memory read/write access to an unprivileged CUDA kernel.
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions.
Dubbed BlueHammer, the vulnerability was published by a security researcher discontent with how Microsoft’s Security Response Center (MSRC) handled the disclosure process.
Since, the security issue has no official patch and there is no update to address it, the flaw is considered a zero-day by Microsoft’s definition.
Microsoft fixes Classic Outlook bug causing email delivery issues
Microsoft has resolved a known issue that was preventing some Classic Outlook users from sending emails via Outlook.com.
As the company explained when it acknowledged the issue last week, affected users were being warned that some of their messages hadn’t reached intended recipients.
Microsoft said that those experiencing this issue would encounter it more often when the Outlook.com account they used to send emails was an Outlook profile linked to another Exchange account.
Microsoft removes Support and Recovery Assistant from Windows
Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support versions of Windows updates starting March 10.
SaRA is a free scriptable tool that helps troubleshoot and resolve common issues with Office, Microsoft 365, Outlook, and Windows by running a series of automated diagnostic tests on Windows 7, Windows 8, Windows 10, and Windows 11 systems.
According to Microsoft, the latest version of the utility should identify the root cause and then either automatically fix the issue, provide step-by-step instructions for a manual fix, or help users contact Microsoft support.
Microsoft links Medusa ransomware affiliate to zero-day attacks
Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity attacks.
This cybercrime gang quickly shifts to targeting new security vulnerabilities to gain access to its victims’ networks, weaponizing some of them within a day and, in some cases, exploiting them a week before patches are released.
“Storm-1175 rapidly moves from initial access to data exfiltration and deployment of Medusa ransomware, often within a few days and, in some cases, within 24 hours,” Microsoft said.
New mouse model of virus-driven liver cancer may boost diagnosis and treatments
Liver cancer is one of the world’s deadliest cancers, and most cases are linked to chronic viral hepatitis. Yet scientists have lacked an animal model that faithfully recapitulates how the disease unfolds in people, from initial infection with a virus to liver inflammation, scarring, and cancer. Now, researchers at The Rockefeller University have developed that model, as described in the Journal of Hepatology.
By infecting ordinary laboratory mice with an engineered version of Norway rat hepacivirus (NrHV)—a close relative of hepatitis C virus (HCV)—and tracking the animals over 18 months, the team documented the progression from chronic viral hepatitis to spontaneous liver cancer.
“This model fills a critical gap that has long existed in the field,” says Charles M. Rice, whose Laboratory of Virology and Infectious Disease helmed the study. “For the first time, we have a system in which natural chronic viral infection drives liver cancer in an immunologically healthy animal, opening the door to studies and preclinical trials that simply weren’t possible before.”