Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 55

Infamous Chisel is described as a collection of multiple components that’s designed with the intent to enable remote access and exfiltrate information from Android phones.

Besides scanning the devices for information and files matching a predefined set of file extensions, the malware also contains functionality to periodically scan the local network and offer SSH access.

“Infamous Chisel also provides remote access by configuring and executing TOR with a hidden service which forwards to a modified Dropbear binary providing a SSH connection,” the Five Eyes (FVEY) intelligence alliance said.

Read more | >

Artificial intelligence (AI) has been helping humans in IT security operations since the 2010s, analyzing massive amounts of data quickly to detect the signals of malicious behavior. With enterprise cloud environments producing terabytes of data to be analyzed, threat detection at the cloud scale depends on AI. But can that AI be trusted? Or will hidden bias lead to missed threats and data breaches?

Bias can create risks in AI systems used for cloud security. There are steps humans can take to mitigate this hidden threat, but first, it’s helpful to understand what types of bias exist and where they come from.

Read more | >

A pair of breaches have hit media giant Paramount Global and fashion purveyor Forever 21, exposing personally identifiable information for thousands of people in the latter’s case and setting them up for a raft of follow-on attacks.

In Paramount’s case, the Hollywood bigwig disclosed in a data breach notification letter obtained by media that cyberattackers accessed PII for certain individuals for a month, between May and June of this year. The data included names, birthdates, Social Security numbers, driver’s license numbers, passport numbers, and “information related to [the individual’s] relationship with Paramount.”

It’s unclear if the data pertains to website members, employees, customers, or other profiles — or how many are affected. The data breach notification letter, penned by an operations executive at Nickelodeon Animation Studio, did not elaborate.

Read more | >

A New York-based bank says a global cybersecurity incident has exposed sensitive customer data.

In a letter to customers, M&T Bank says the exploit involves the file transfer tool MOVEit, which is used to securely send and receive confidential information.

According to the bank, the attacker was able to access customer data by targeting one of the lender’s third-party vendors.

Read more | >

Every seven minutes a cyber-attack is reported in Australia.

Millions of Australians have had their data stolen in malicious attacks, costing some businesses tens of millions of dollars in ransom. The federal government is warning the country must brace for even more strikes as cyber gangs become more sophisticated and ruthless.

Four Corners investigates the cyber gangs behind these assaults, cracking open their inner operations and speaking to a hacker who says he targets Australians and shows no remorse.

The program travels all the way to Ukraine and discovers we share a common enemy in the battle for cyber security.

Read more | >

For weeks, a cyberattack paralyzed the German district of Anhalt-Bitterfeld in 2021, bringing its whole administration to a standstill. It was a stark illustration of how hackers can knock out entire communities in milliseconds — and how digital technology has become vital for running our societies.

Such “critical digital infrastructure” helps boost efficiency. But it also makes communities ever more vulnerable to hacking. And attacks are on the rise. In this episode of Techtopia, DW Chief Technology Correspondent Janosch Delcker investigates how a criminal industry makes billions by taking computers hostage — and how governments can use similar methods as a political weapon.

Subscribe: https://www.youtube.com/user/deutschewelleenglish?sub_confirmation=1

For more news go to: http://www.dw.com/en/
Follow DW on social media:
►Facebook: https://www.facebook.com/deutschewellenews/
►Twitter: https://twitter.com/dwnews.
►Instagram: https://www.instagram.com/dwnews.
Für Videos in deutscher Sprache besuchen Sie: https://www.youtube.com/dwdeutsch

Read more | >

Mikhail Sosonkin, who works for cybersecurity start-up Synack, showed CNBC firsthand how easy it is to break into a computer.
» Subscribe to CNBC: http://cnb.cx/SubscribeCNBC

About CNBC: From ‘Wall Street’ to ‘Main Street’ to award winning original documentaries and Reality TV series, CNBC has you covered. Experience special sneak peeks of your favorite shows, exclusive video and more.

Connect with CNBC News Online.
Get the latest news: http://www.cnbc.com/
Find CNBC News on Facebook: http://cnb.cx/LikeCNBC
Follow CNBC News on Twitter: http://cnb.cx/FollowCNBC
Follow CNBC News on Google+: http://cnb.cx/PlusCNBC
Follow CNBC News on Instagram: http://cnb.cx/InstagramCNBC

Read more | >

Fake images and misinformation in the age of AI are growing. Even in 2019, a Pew Research Center study found that 61% of Americans said it is too much to ask of the average American to be able to recognize altered videos and images. And that was before generative AI tools became widely available to the public.

AdobeADBE +0.5% shared August 2023 statistics on the number of AI-generated images created with Adobe Firefly reaching one billion, only three months after it launched in March 2023.

In response to the increasing use of AI images, Google Deep Mind announced a beta version of SynthID. The tool will watermark and identify AI-generated images by embedding a digital watermark directly into the pixels of an image that will be imperceptible to the human eye but detectable for identification.

Kris Bondi, CEO and founder of Mimoto, a proactive detection and response cybersecurity company, said that while Google’s SynthID is a starting place, the problem of deep fakes will not be fixed by a single solution.

“People forget that bad actors are also in business. Their tactics and technologies continuously evolve, become available to more bad actors, and the cost of their techniques, such as deep fakes, comes down,” said Bondi.

Read more | >

This post is also available in: he עברית (Hebrew)

The GhostSec cybergang claims to have breached the FANAP Behnama software, exposing 20GB of data including face recognition and motion detection systems it says are used by the Iranian government to monitor and track its people.

Now the group says it intends to make the data public, “in the interests of the Iranian people, but also in the interests of protecting the privacy of each and every one of us.” Cybersecurity analyst Cyberint commented on the group’s statement, saying that while GhostSec’s actions align with hacktivist principles, they also position themselves as advocates for human rights.

Read more | >