Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 13

Aug 15, 2024

Ransomware gang deploys new malware to kill security software

Posted by in category: cybercrime/malcode

RansomHub ransomware operators are now deploying new malware to disable Endpoint Detection and Response (EDR) security software in Bring Your Own Vulnerable Driver (BYOVD) attacks.

Named EDRKillShifter by Sophos security researchers who discovered it during a May 2024 ransomware investigation, the malware deploys a legitimate, vulnerable driver on targeted devices to escalate privileges, disable security solutions, and take control of the system.

This technique is very popular among various threat actors, ranging from financially motivated ransomware gangs to state-backed hacking groups.

Aug 14, 2024

Hackers May Have Leaked Every American’s Social Security Information

Posted by in category: cybercrime/malcode

Security experts are warning that a background check site may have been breached, resulting in the potential exposure of billions of Social Security and address records that could cover everyone in the United States.

As BleepingComputer reports, a hacking forum lit up when a user claimed to have access to a huge cache of documents gleaned from data brokerage National Public Data.

Though it doesn’t share its methodology on its website, NPD is believed to scrape its data from publicly available records to create individual user profiles generally used by private investigators or in background or criminal records checks.

Aug 14, 2024

DDoS Attacks Surge 46% in First Half of 2024, Gcore Report Reveals

Posted by in category: cybercrime/malcode

Monitoring evolving DDoS trends is essential for anticipating threats and adapting defensive strategies. The comprehensive Gcore Radar Report for the first half of 2024 provides detailed insights into DDoS attack data, showcasing changes in attack patterns and the broader landscape of cyber threats. Here, we share a selection of findings from the full report.

Key Takeaways

The number of DDoS attacks in H1 2024 has increased by 46% compared to the same period last year, reaching 445K in Q2 2024. Compared to data for the previous six months (Q3–4 2023), it increased by 34%.

Aug 13, 2024

Hackers leak 2.7 billion data records with Social Security numbers

Posted by in category: cybercrime/malcode

Almost 2.7 billion records of personal information for people in the United States were leaked on a hacking forum, exposing names, social security numbers, all known physical addresses, and possible aliases.

The data allegedly comes from National Public Data, a company that collects and sells access to personal data for use in background checks, to obtain criminal records, and for private investigators.

National Public Data is believed to scrape this information from public sources to compile individual user profiles for people in the US and other countries.

Aug 13, 2024

NIST Finalizes Post-Quantum Encryption Standards

Posted by in categories: cybercrime/malcode, encryption, information science, quantum physics

Three new encryption algorithms to bolster global cybersecurity efforts against future attacks using quantum technologies were published today by the National Institute of Standards and Technology (NIST), a division of the U.S. Department of Commerce. The new standards are designed for two tasks: general encryption and digital signatures.

These new standards are the culmination of an eight-year effort from the agency to tap the best minds in cybersecurity to devise the next generation of cryptography strong enough to withstand quantum computers. Experts expect quantum computers capable of breaking current current cryptographic algorithms within a decade. The new standards, the first released by NIST’s post-quantum cryptography (PQC) standardization project, are published on the department’s website. The documents contain the algorithms’ computer code, instructions for how to implement them in products and in encryption systems, and use cases for each.

Aug 13, 2024

FBI Shuts Down Dispossessor Ransomware Group’s Servers Across U.S., U.K., and Germany

Posted by in category: cybercrime/malcode

FBI disrupts Dispossessor ransomware group, dismantling servers across multiple countries. Learn about their tactics and the evolving ransomware lands.

Aug 13, 2024

New U.N. Cybercrime Treaty Could Threaten Human Rights

Posted by in categories: cybercrime/malcode, geopolitics, surveillance, treaties

A recently adopted United Nations treaty could lead to invasive digital surveillance, human rights experts warn.

By Kate Graham-Shaw

NEW YORK CITY —The United Nations approved its first international cybercrime treaty yesterday. The effort succeeded despite opposition from tech companies and human rights groups, who warn that the agreement will permit countries to expand invasive electronic surveillance in the name of criminal investigations. Experts from these organizations say that the treaty undermines the global human rights of freedom of speech and expression because it contains clauses that countries could interpret to internationally prosecute any perceived crime that takes place on a computer system.

Aug 12, 2024

EastWind Attack Deploys PlugY and GrewApacha Backdoors Using Booby-Trapped LNK Files

Posted by in categories: cybercrime/malcode, government

The Russian government and IT organizations are the target of a new campaign that delivers a number of backdoors and trojans as part of a spear-phishing campaign codenamed EastWind.

The attack chains are characterized by the use of RAR archive attachments containing a Windows shortcut (LNK) file that, upon opening, activates the infection sequence, culminating in the deployment of malware such as GrewApacha, an updated version of the CloudSorcerer backdoor, and a previously undocumented implant dubbed PlugY.

PlugY is “downloaded through the CloudSorcerer backdoor, has an extensive set of commands and supports three different protocols for communicating with the command-and-control server,” Russian cybersecurity company Kaspersky said.

Aug 11, 2024

Inside Cybersecurity; Challenges, Emerging Tech, Mitigating Threats

Posted by in categories: cybercrime/malcode, internet, quantum physics, robotics/AI

Link to newsletter:


Dear Subscribers, please see the latest Security & tech Insights newsletter covering emerging issues, trends and potential solutions in the world of cybersecurity. Thanks for reading and stay safe! Best, Chuck Brooks PS checkout my new book on Amazon: Inside Cyber: How AI, 5G, and Quantum Computing Will Transform Privacy and Our Security Amazon.com : Inside Cyber: How AI, 5G, and Quantum Computing Will Transform Privacy and Our Security: 9781394254941: Brooks, Chuck: Books.

Aug 11, 2024

New AMD SinkClose flaw helps install nearly undetectable malware

Posted by in category: cybercrime/malcode

AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring-2 privileges and install malware that becomes nearly undetectable.

Ring-2 is one of the highest privilege levels on a computer, running above Ring-1 (used for hypervisors and CPU virtualization) and Ring 0, which is the privilege level used by an operating system’s Kernel.

The Ring-2 privilege level is associated with modern CPUs’ System Management Mode (SMM) feature. SMM handles power management, hardware control, security, and other low-level operations required for system stability.

Page 13 of 222First1011121314151617Last