Blog

Archive for the ‘cybercrime/malcode’ category: Page 100

Jan 14, 2022

Ukraine hit by ‘massive’ cyber-attack on government websites

Posted by in categories: cybercrime/malcode, government

Suspected Russian hackers left a message on the foreign ministry website, according to reports. It said: “Ukrainians! … All information about you has become public. Be afraid and expect worse. It’s your past, present and future.”

The message reproduced the Ukrainian flag and map crossed out. It mentioned the Ukrainian insurgent army, or UPA, which fought against the Soviet Union during the second world war. There was also a reference to “historical land”.

In a message to the Guardian, the foreign ministry’s spokesperson, Oleg Nikolenko, said: “As a result of a massive cyber-attack, the website of the ministry of foreign affairs and other government agencies are temporarily down.”

Jan 13, 2022

Third-Party Software for Teslas Can Be Hacked, German Teen Says

Posted by in categories: cybercrime/malcode, transportation

A 19-year-old said he’s found flaws in a piece of third-party software that appears to be used by a relatively small number of owners of Tesla Inc. cars that could allow hackers to remotely control some of the vehicles’ functions.

Jan 11, 2022

‘Fully Undetected’ SysJoker Backdoor Malware Targets Windows, Linux & macOS

Posted by in category: cybercrime/malcode

The malware establishes initial access on targeted machines, then waits for additional code to execute.

A brand-new multiplatform malware, likely distributed via malicious npm packages, is spreading under the radar with Linux and Mac versions going fully undetected in VirusTotal, researchers warned.

The Windows version, according to a Tuesday writeup from Intezer, has only six detections as of this writing. These were uploaded to VirusTotal with the suffix “.ts,” which is used for TypeScript files.

Jan 10, 2022

Raspberry Pi Detects Malware Using Electromagnetic Waves

Posted by in category: cybercrime/malcode

Researchers take antivirus support to the next level with the Raspberry Pi.


A team from the Research Institute of Computer Science and Random Systems uses a Raspberry Pi to detect malware with electromagnetic waves.

Jan 8, 2022

How combining human expertise and AI can stop cyberattacks

Posted by in categories: cybercrime/malcode, finance, health, robotics/AI

Chief information security officers’ (CISOs) greatest challenge going into 2022 is countering the speed and severity of cyberattacks. The latest real-time monitoring and detection technologies improve the odds of thwarting an attack but aren’t foolproof. CISOs tell VentureBeat that bad actors avoid detection with first-line monitoring systems by modifying attacks on the fly. That’s cause for concern, especially with CISOs in financial services and health care.

Enterprises are in react mode

Enterprises fail to get the most value from threat monitoring, detection, and response cybersecurity strategies because they’re too focused on data collection and security monitoring alone. CISOs tell VentureBeat they’re capturing more telemetry (i.e., remote) data than ever, yet are short-staffed when it comes to deciphering it, which means they’re often in react mode.

Jan 8, 2022

‘We don’t need to work anymore’: Local artists crack the code of NFTs

Posted by in categories: blockchains, cybercrime/malcode, employment, finance

Such is the promise and peril of NFTs.

NFTs, or non-fungible tokens, offer many potential benefits to creators. They apply the mechanisms of scarcity to digital assets by allowing artists to render them as one-of-a-kind collectibles, like a painting or a baseball card. This means artists — especially digital artists — who have struggled to make their streamable, screenshot-able or reprintable work hold value — can price their items at rates appropriate for something in short supply.

However, the digital trading mechanism is still in nascent stages, and rife with scams, hacks and copyright issues. Beeple was hit by an organized hack, for example. While artists can sometimes find financial solvency with NFTs, other times, they lose millions.

Jan 5, 2022

Hackers use video player to steal credit cards from over 100 sites

Posted by in category: cybercrime/malcode

Hackers used a cloud video hosting service to perform a supply chain attack on over one hundred real estate sites that injected malicious scripts to steal information inputted in website forms.

These scripts are known as skimmers or formjackers and are commonly injected into hacked websites to steal sensitive information entered into forms. Skimmers are commonly used on checkout pages for online stores to steal payment information.

In a new supply chain attack discovered by Palo Alto Networks Unit42, threat actors abused a cloud video hosting feature to inject skimmer code into a video player. When a website embeds that player, it embeds the malicious script, causing the site to become infected.

Jan 5, 2022

North Korea has hacked $1.7 billion worth of cryptocurrency from exchanges, considers it a long-term investment

Posted by in categories: cryptocurrencies, cybercrime/malcode, government

North Korea has hacked USD 1.7B of crypto and views the loot as a ‘long-term investment’. Experts say that Pyongyang is going long on its take of tokens, rather than quickly trading them for cash.

North Korea’s crypto exchange attacks

According to Newsis and Chosun, the US federal government prosecutor issued statements saying that North Korean hackers have been “conspiring with other money-laundering criminals” to “steal crypto-assets” from at least “three digital asset exchanges” before “laundering the proceeds.”

Jan 5, 2022

Bug in backup software results in loss of 77 terabytes of research data at Kyoto University

Posted by in categories: cybercrime/malcode, supercomputing

Computer maintenance workers at Kyoto University have announced that due to an apparent bug in software used to back up research data, researchers using the University’s Hewlett-Packard Cray computing system, called Lustre, have lost approximately 77 terabytes of data. The team at the University’s Institute for Information Management and Communication posted a Failure Information page detailing what is known so far about the data loss.

The team, with the University’s Information Department Information Infrastructure Division, Supercomputing, reported that files in the /LARGEO (on the DataDirect ExaScaler storage system) were lost during a system backup procedure. Some in the press have suggested that the problem arose from a faulty script that was supposed to delete only old, unneeded log files. The team noted that it was originally thought that approximately 100TB of files had been lost, but that number has since been pared down to 77TB. They note also that the failure occurred on December 16 between the hours of 5:50 and 7pm. Affected users were immediately notified via emails. The team further notes that approximately 34 million files were lost and that the files lost belonged to 14 known research groups. The team did not release information related to the names of the research groups or what sort of research they were conducting. They did note data from another four groups appears to be restorable.

Jan 4, 2022

Beware of Fake Telegram Messenger App Hacking PCs with Purple Fox Malware

Posted by in category: cybercrime/malcode

Trojanized installers of the Telegram messaging application are being used to distribute the Windows-based Purple Fox backdoor on compromised systems.

That’s according to new research published by Minerva Labs, describing the attack as different from intrusions that typically take advantage of legitimate software for dropping malicious payloads.

“This threat actor was able to leave most parts of the attack under the radar by separating the attack into several small files, most of which had very low detection rates by [antivirus] engines, with the final stage leading to Purple Fox rootkit infection,” researcher Natalie Zargarov said.

Page 100 of 219First979899100101102103104Last