Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 14

Cancer cells ‘hacked’ to expose themselves to immune attack

When your social media account starts spewing out nonsensical or threatening status updates, it’s safe to assume that it has been hacked and must be shut down.

The cells in our body also update their “status” by presenting to their environment small proteins that are constantly being produced inside the cell. Our monitors these statuses and destroys cells that produce unusual proteins. A classic example of this is when a cell is infected by a virus and presents parts of the viral proteins on its surface, which allows the immune system to recognize them and destroy the cell.

In contrast, cancer cells often evade detection by displaying very few suspicious proteins that the immune system can identify and target. A new approach to cancer treatment, developed by researchers from Prof. Yardena Samuels’s lab at the Weizmann Institute of Science, increases the number of the immune system’s targets by disrupting production in .

Retail giant Sam’s Club investigates Clop ransomware breach claims

Sam’s Club, an American warehouse supermarket chain owned by U.S. retail giant Walmart, is investigating claims of a Clop ransomware breach.

The Walmart division operates over 600 warehouse clubs with millions of members across the United States and Puerto Rico and almost 200 additional locations in Mexico and China.

Sam’s Club has over 2.3 million employees and reported a total revenue of $84.3 billion for the fiscal year ending January 31, 2023.

Phishing platform ‘Lucid’ behind wave of iOS, Android SMS attacks

A phishing-as-a-service (PhaaS) platform named ‘Lucid’ has been targeting 169 entities in 88 countries using well-crafted messages sent on iMessage (iOS) and RCS (Android).

Lucid, which has been operated by Chinese cybercriminals known as the ‘XinXin group’ since mid-2023, is sold to other threat actors via a subscription-based model that gives them access to over 1,000 phishing domains, tailored auto-generated phishing sites, and pro-grade spamming tools.

Prodaft researchers note that XinXin has also been using the Darcula v3 platform for its operations, which indicates a potential connection between the two PhaaS platforms.

Quantum Computer Generates Truly Random Number in Scientific First

A quantum machine has used entangled qubits to generate a number certified as truly random for the first time, demonstrating a handy function that’s physically beyond even the most powerful supercomputer.

Researchers from the US and UK repurposed existing quantum supremacy experiments on Quantinuum’s 56-qubit computer to roll God’s dice. The result was a number so random, no amount of physics could have predicted it.

Quantum technology is becoming critical for secure electronic communication as cybersecurity threats increase.

494,000 Americans Affected As Massive Data Breach Exposes Names, Financial Records, Medical Data, Social Security Numbers and More: Report

A cybersecurity incident affecting nearly half a million people has exposed personal, financial and medical information.

The mobility and assistive solutions provider Numotion says 494,000 customers are affected by a data breach witnessed between September 2nd, 2024, and November 18th, 2024, reports Security Week.

Numotion says an unknown entity managed to access the email accounts of the firm’s employees without authorization several times.

Cracking the code of private AI: The role of entropy in secure language models

Large Language Models (LLMs) have rapidly become an integral part of our digital landscape, powering everything from chatbots to code generators. However, as these AI systems increasingly rely on proprietary, cloud-hosted models, concerns over user privacy and data security have escalated. How can we harness the power of AI without exposing sensitive data?

A recent study, “Entropy-Guided Attention for Private LLMs,” by Nandan Kumar Jha, a Ph.D. candidate at the NYU Center for Cybersecurity (CCS), and Brandon Reagen, Assistant Professor in the Department of Electrical and Computer Engineering and a member of CCS, introduces a novel approach to making AI more secure.

The paper was presented at the AAAI Workshop on Privacy-Preserving Artificial Intelligence (PPAI 25) in early March and is available on the arXiv preprint server.

Giving verification more logic and more scale: New method enhances processor security against side-channel attacks

More than seven years ago, cybersecurity researchers were thoroughly rattled by the discovery of Meltdown and Spectre, two major security vulnerabilities uncovered in the microprocessors found in virtually every computer on the planet.

Perhaps the scariest thing about these vulnerabilities is that they didn’t stem from typical software bugs or physical CPU problems, but from the actual processor architecture. These attacks changed our understanding of what can be trusted in a system, forcing to fundamentally reexamine where they put resources.

These attacks emerged from an optimization technique called “speculative execution” that essentially gives the processor the ability to execute multiple instructions while it waits for memory, before discarding the instructions that aren’t needed.