Lifeboat Foundation

Researchers demonstrate that electromagnetic signals emanating from IoT devices can be used as a side channel to detect various forms of malware.

Automating repetitive tasks with loops and functions.

Many R users get into R programming from a statistics background rather than a programming/software engineering background, having previously used software such as SPSS, Excel etc. As such they may not have an understanding of some of the programming techniques that can be leveraged to improve code. This can include making the code more modular which in turn makes it easier to find and resolve bugs, but also can be used to automate repetitive tasks, such as producing tables and plots etc.

This short post in c ludes some of the basic programming techniques that can be used to improve the quality and maintainability of R scripts. This will also save you a whole lot of time if you are carrying out repetitive tasks that are only marginally different. We assume that you have a basic understanding of writing simple scripts in R.

Continue reading “Harnessing programming techniques to improve R scripts” »

The transit authority (RIPTA) was hacked. Now the ACLU is questioning why thousands of people with no relationship to RIPTA had their personal information leaked.

An almost perfect way to stealthily store malware.

Korean researchers have detected a vulnerability in SSDs that allows malware to plant itself directly in an SSD’s empty over-provisioning partition. As reported by BleepingComputer, this allows the malware to be nearly invincible to security countermeasures.

Over-provisioning is a feature included in all modern SSDs that improves the lifespan and performance of the SSD’s built-in NAND storage. Over-provisioning in essentially just empty storage space. But, it gives the SSD a chance to ensure that data is evenly distributed between all the NAND cells by shuffling data to the over-provisioning pool when needed.

Continue reading “New Malware Uses SSD Over-Provisioning to Bypass Security Measures” »

OpenCTI-An Open Source Cyber Threat Intelligence Platform. OpenCTI allowing organizations to manage their Cybe Threat Intelligence observables.

OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created in order to structure, store, organize and visualize technical and non-technical information about cyber threats.

The structuralist of the data is performed using a knowledge schema based on the STIX2 standards. It has been designed as a modern web application including a GraphQL API and an UX oriented frontend. Also, OpenCTI can be integrated with other resources and applications such as MISP, TheHive, MITRE ATTACK, etc.

Continue reading “OpenCTI Cyber Threat Intelligence Platform” »

If anything, the development is yet another indication of the threat actor’s capacity to continually “innovate and identify new techniques and tradecraft to maintain persistent access to victim environments, hinder detection, and confuse attribution efforts,” while also highlighting the “effectiveness of leveraging third parties and trusted vendor relationships to carry out nefarious operations.”

Microsoft had previously dubbed Nobelium as “skillful and methodic operators who follow operations security (OpSec) best practices.”

Ever since the SolarWinds incident came to light, the APT group has been connected to a string of attacks aimed at think tanks, businesses, and government entities around the globe, even as an ever-expanding malware toolbox has been put to use with the goal of establishing a foothold in the attacked system and downloading other malicious components.

Security researchers have uncovered a malicious campaign that relies on a valid code-signing certificate to disguise malicious code as legitimate executables.

One of the payloads that the researchers called Blister, acts as a loader for other malware and appears to be a novel threat that enjoys a low detection rate.

The threat actor behind Blister has been relying on multiple techniques to keep their attacks under the radar, the use of code-signing certificates being only one of their tricks.

The idea of a tritium power cell is pretty straightforward: stick enough of the tiny glowing tubes to a photovoltaic panel and your DIY “nuclear battery” will generate energy for the next decade or so. Only problem is that the power produced, measured in a few microwatts, isn’t enough to do much with. But as [Ian Charnas] demonstrates in his latest video, you can eke some real-world use out of such a cell by storing up its power over a long enough period.

As with previous projects we’ve seen, [Ian] builds his cell by sandwiching an array of keychain-sized tritium tubes between two solar panels. Isolated from any outside light, power produced by the panels is the result of the weak green glow given off by the tube’s phosphorus coating as it gets bombarded with electrons. The panels are then used to charge a bank of thin-film solid state batteries, which are notable for their exceptionally low self-discharge rate.

Continue reading “Tetris Handheld Powered By Tritium Cell, Eventually” »

Less than a week before the Christmas holiday, French IT services company Inetum Group was hit by a ransomware attack that had a limited impact on the business and its customers.

Inetum is active in more than 26 countries, providing digital services to companies in various sectors: aerospace and defense, banking, automotive, energy and utilities, healthcare, insurance, retail, public sector, transportation, telecom and media.