Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 80

SparklingGoblin is the name given to a Chinese advanced persistent threat (APT) group with connections to the Winnti umbrella (aka APT41, Barium, Earth Baku, or Wicked Panda). It’s primarily known for its attacks targeting various entities in East and Southeast Asia at least since 2019, with a specific focus on the academic sector.

In August 2021, ESET unearthed a new piece of custom Windows malware codenamed SideWalk (aka ScrambleCross) that was exclusively leveraged by the actor to strike an unnamed computer retail company based in the U.S.

Subsequent findings from Symantec, part of Broadcom software, have linked the use of SideWalk to an espionage attack group it tracks under the moniker Grayfly, while pointing out the malware’s similarities to that of Crosswalk.

Read more | >

The matter is now under investigation and Slack is out of bounds.

San-Franciso-headquartered ride-hailing company Uber, with a presence in over 10,000 cities in 72 countries, is now investigating a breach after an 18-year-old hacked into its network and allegedly has access to its source code, The New York Times.

The incident came to light after the alleged hacker reached out to cybersecurity experts and the NYT and sent them images of the company’s email, cloud storage, and code repositories as proof of their accomplishment.

Read more | >

You won’t be able to blame it on your genetics anymore: with CRISPR, it’s so easy to hacn into your DNA. CRISPR technology is our future, and experiments with DNA hacking are booming. CRISPR biotechnology is not science fiction anymore, it is our very near future. Would you hack and reprogram your own DNA with CRISPR? Breaking the code of life, hacking DNA at home.

Welcome to the world of a new nature. We can now literally cut and paste DNA with the new CRISPR technology. There is a revolutionary development going on that will have major consequences for humans, plants and animals. The new biotechnology is here.

‘Bio is the New Digital’. We are able to accurately reprogram the genetic code of our body cells, embryos, bacteria, viruses and plants. With the CRISPR technology we can adjust the characteristics of each organism to our needs. This allows us to permanently ban diseases, improve our body conditions and adapt plants to our food needs.

The special feature of CRISPR technology is that it is relatively simple. In the past year, the number of experiments and applications has exploded. Around the world, people have been tinkering with CRISPR: experimenting at home with the ‘Do it Yourself CRISPR kits’.

Continue reading “Hack your DNA with CRISPR — VPRO documentary” | >

A set of six high-severity firmware vulnerabilities impacting a broad range of HP devices used in enterprise environments are still waiting to be patched, although some of them were publicly disclosed since July 2021.

Firmware flaws are particularly dangerous because they can lead to malware infections that persist even between OS re-installations or allow long-term compromises that would not trigger standard security tools.

As Binarly highlights in the report, even though it’s been a month since they made some of the flaws public at Black Hat 2022, the vendor hasn’t released security updates for all impacted models, leaving many customers exposed to attacks.

Read more | >

A growing number of ransomware groups are adopting a new tactic that helps them encrypt their victims’ systems faster while reducing the chances of being detected and stopped.

This tactic is called intermittent encryption, and it consists of encrypting only parts of the targeted files’ content, which would still render the data unrecoverable without using a valid decryptor+key.

For example, by skipping every other 16 bytes of a file, the encryption process takes almost half of the time required for full encryption but still locks the contents for good.

Read more | >

Researchers have found a spike in ransomware, banking trojans and other cyber-attacks across the globe including in India and as per recent data from Japanese cybersecurity firm, Trend Micro. The data showed that India ranks third in terms of Emotet attacks, a kind of malware originally designed as a banking Trojan and is aimed at stealing financial data.

Data from Trend Micro shows that Emotet has continued to thrive in 2022. The first half of 2022 saw a whopping 976.7% increase in Emotet detections at 148,700, compared to the first half of 2021 which was pegged at 13811.

Japan leads with 107,669, followed by the US (4,937) in the second spot and India occupying the third place (3,729) number of detection. Italy (3,442) and Brazil (3,006) are the other countries with the highest number of Emotet detections in the first half of 2022. These attacks have globally increased by over 10 times in the first half of 2022 compared to the first half of the previous year, likely because of prolific threat actors using it as part of their operations, the research said.

Read more | >

A lot of hurdles remain before the emerging technology of self-driving personal and commercial vehicles is common, but transportation researchers at The University of Alabama developed a promising, inexpensive system to overcome one challenge: GPS hacking that can send a self-driving vehicle to the wrong destination.

Initial research shows a vehicle can use already installed sensors to detect traveling the wrong route when passengers are unaware of the change, thwarting an attempt to spoof the GPS signal to the vehicle, according to findings outlined in recently published papers in the IEEE Transactions on Intelligent Transportation Systems and Transportation Research Record: Journal of the Transportation Research Board.

Relying on software code and in-vehicle sensors already part of the self-driving system would be cheaper for consumer and to deny the hacked directions used to steer cargo or people away from their intended destination, said Dr. Mizanur Rahman, assistant professor of civil, construction and and affiliate researcher with the Alabama Transportation Institute.

Read more | >