Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 3

Aug 12, 2024

EastWind Attack Deploys PlugY and GrewApacha Backdoors Using Booby-Trapped LNK Files

Posted by in categories: cybercrime/malcode, government

The Russian government and IT organizations are the target of a new campaign that delivers a number of backdoors and trojans as part of a spear-phishing campaign codenamed EastWind.

The attack chains are characterized by the use of RAR archive attachments containing a Windows shortcut (LNK) file that, upon opening, activates the infection sequence, culminating in the deployment of malware such as GrewApacha, an updated version of the CloudSorcerer backdoor, and a previously undocumented implant dubbed PlugY.

PlugY is “downloaded through the CloudSorcerer backdoor, has an extensive set of commands and supports three different protocols for communicating with the command-and-control server,” Russian cybersecurity company Kaspersky said.

Aug 11, 2024

Inside Cybersecurity; Challenges, Emerging Tech, Mitigating Threats

Posted by in categories: cybercrime/malcode, internet, quantum physics, robotics/AI

Link to newsletter:


Dear Subscribers, please see the latest Security & tech Insights newsletter covering emerging issues, trends and potential solutions in the world of cybersecurity. Thanks for reading and stay safe! Best, Chuck Brooks PS checkout my new book on Amazon: Inside Cyber: How AI, 5G, and Quantum Computing Will Transform Privacy and Our Security Amazon.com : Inside Cyber: How AI, 5G, and Quantum Computing Will Transform Privacy and Our Security: 9781394254941: Brooks, Chuck: Books.

Aug 11, 2024

New AMD SinkClose flaw helps install nearly undetectable malware

Posted by in category: cybercrime/malcode

AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring-2 privileges and install malware that becomes nearly undetectable.

Ring-2 is one of the highest privilege levels on a computer, running above Ring-1 (used for hypervisors and CPU virtualization) and Ring 0, which is the privilege level used by an operating system’s Kernel.

The Ring-2 privilege level is associated with modern CPUs’ System Management Mode (SMM) feature. SMM handles power management, hardware control, security, and other low-level operations required for system stability.

Aug 10, 2024

New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions

Posted by in category: cybercrime/malcode

An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software.

“The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data and execute various commands,” the ReasonLabs research team said in an analysis.

“This trojan malware, existing since 2021, originates from imitations of download websites with add-ons to online games and videos.”

Aug 10, 2024

Sonos Speaker Flaws Could Have Let Remote Hackers Eavesdrop on Users

Posted by in category: cybercrime/malcode

Cybersecurity researchers have uncovered weaknesses in Sonos smart speakers that could be exploited by malicious actors to clandestinely eavesdrop on users.

The vulnerabilities “led to an entire break in the security of Sonos’s secure boot process across a wide range of devices and remotely being able to compromise several devices over the air,” NCC Group security researchers Alex Plaskett and Robert Herrera said.

Successful exploitation of one of these flaws could allow a remote attacker to obtain covert audio capture from Sonos devices by means of an over-the-air attack. They impact all versions prior to Sonos S2 release 15.9 and Sonos S1 release 11.12, which were shipped in October and November 2023.

Aug 6, 2024

Our Cyborg Future: Brain-computer interfaces and their privacy challenges

Posted by in categories: cybercrime/malcode, cyborgs, neuroscience

Brain-computer interfaces (BCIs) can translate a person’s brainwaves into action, but these devices are vulnerable to hacking.

Jul 31, 2024

Augmenting Human Capabilities With Artificial Intelligence Agents

Posted by in categories: cybercrime/malcode, education, robotics/AI, transportation

By Chuck Brooks


AI agents represent a great leap forward in technology, offering exponential benefits to society. From enhancing scientific research, healthcare, transportation, education, and cybersecurity. There are a lot of different applications that AI agents could help enable in our new digital world, including, foremost, for humans.

Follow me on Twitter or LinkedIn. Check out my website.

Continue reading “Augmenting Human Capabilities With Artificial Intelligence Agents” »

Jul 31, 2024

New Dual-Target Drug Could Make Antibiotic Resistance 100 Million Times Harder

Posted by in categories: biotech/medical, cybercrime/malcode

It’s easy to think of bacteria as one of the greatest scourges on Earth for the diseases and deaths they cause, and how they repeatedly thwart our best antibiotics, evolving into drug-resistant superbugs.

But really, bacteria are just doing what they’ve always done – finding new ways to survive.

While the search for new antibiotics continues, combination therapies are increasingly being tested to try to clamp down on multiple bacterial escape pathways at once, and limit the chances of microbes developing resistance with successive biological hacks.

Jul 30, 2024

Most cyber ransoms are paid in secret but a new law could change that

Posted by in categories: business, cybercrime/malcode, government, law, mapping

Australian businesses are paying untold amounts of ransom to hackers, but the government is hoping to claw back some visibility with a landmark cybersecurity law.

While major ransomware attacks on companies such as MediSecure, Optus and Latitude have grabbed headlines for breaching the privacy of millions, the practice of quietly paying off cybercriminals has flourished in the dark.

The situation has deteriorated to the point that the government’s original ambition for an outright ban on ransom payments has been nixed, for now, and the focus has shifted to mapping the scale of the problem.

Jul 28, 2024

New microgrids model takes into account a fair design of decentralized energy systems

Posted by in categories: climatology, cybercrime/malcode, sustainability

Local decentralized energy systems, known as microgrids, can make urban infrastructures more resilient and reduce risks for the population, for example, in large-scale power outages due to natural hazards or cyberattacks.

In Nature Sustainability researchers from Karlsruhe Institute of Technology (KIT) present design criteria for microgrids that allow for fair treatment of different social groups alongside technical factors. The study shows how cities can shape the transformation towards a secure and more sustainable and equitable energy supply.

Climate change increases the probability of extreme events, as we have seen during the massive flooding of large parts of southern Germany in June. The question of how cities and municipalities can make more resilient and more secure in the face of such crises is bringing so-called microgrids into focus.

Page 3 of 21212345678Last