Cybercrime/malcode – Lifeboat News: The Blog

Mar 4
2022

I’ve Dealt With Foreign Cyberattacks. America Isn’t Ready for What’s Coming

Yet the United States lacks an organized response. The weekly reports of ransomware attacks and data breaches make it clear that we’re losing this battle. That’s why America’s leaders must rethink the current cyberdefense system and rally around a centralized regulator to defend both citizens and the private sector against current and future attacks.

The decentralized nature of the American government does not lend itself to fighting foreign cyberthreats. Government agencies handle cyberregulation and threats in the sectors they oversee — an inefficient and ineffective way to address an issue that cuts across our entire economy. In just the past few months, the D.H.S.’s Transportation Security Agency announced new cybersecurity requirements for pipelines and railroads; the Federal Communications Commission put out its own proposal for telecommunication companies; the Securities and Exchange Commission voted on rules for investment advisers and funds; and the Federal Trade Commission threatened to legally pursue companies that fail to fix a newly detected software vulnerability found in many business applications. And on Capitol Hill, there are approximately 80 committees and subcommittees that claim jurisdiction over various aspects of cyberregulation.

These scattered efforts are unlikely to reduce, let alone stop, cybercrime.

Mar 3
2022

Log4Shell flaw: Still being used for crypto mining, botnet building… and Rickrolls

Log4Shell is still a threat but it’s mostly being used for crypto mining and knocking out websites.

Mar 3
2022

The Growing Threat of Ransomware

Guest contributor, Brian Wallace writes about the rising threat from cyber attackers who in 2021 have cost organizations over $20 billion.

Mar 2
2022

NATO cybersecurity center finishes tests of quantum-proof network

The trial started in March 2021 and was completed in early 2022.

Mar 2
2022

Nvidia Hack Continues with Release of DLSS Source Code

The hackers who struck Nvidia last week have released source code related to DLSS into the wild.

Mar 2
2022

Nvidia hack reportedly leaks six next-gen GeForce GPU names

But no other genuine details have so far made it out of the stolen data folder.

The reported Nvidia hack has allegedly thrown up the codenames of a bunch of next-gen GPUs, which have now been leaked out to the press. The most pertinent ones for us would be the Lovelace GeForce GPUs, of which there are six listed, but here are also listings for the server-based Hopper and Blackwell GPUs. This looks to have come from an initial leak of some of the stolen documents, supplied to Videocardz.

The green team is allegedly being held to ransom over the Ethereum hash rate limiter attached to its most recent graphics card release after hacking group, Lapsus$, made off with around 1TB of sensitive data.

Mar 2
2022

Second New ‘IsaacWiper’ Data Wiper Targets Ukraine After Russian Invasion

A new, third, data wiper malware — dubbed “IsaacWiper” — is now targeting Ukrainian governmental systems.

Teabot android banking malware spreads again through google play store apps.

Mar 2
2022

TeaBot Android Banking Malware Spreads Again Through Google Play Store Apps

An Android banking trojan designed to steal credentials and SMS messages has been observed once again sneaking past Google Play Store protections to target users of more than 400 banking and financial apps, including those from Russia, China, and the U.S.

Mar 1
2022

Nvidia Hackers Threaten to Release Mining-Limiter Killer

But they also request that Nvidia remove the mining performance limiter itself.

Following last week’s purported hack conducted by South-America-based Lapsus$ group, the hackers have now started to release data obtained from the 1 TB-worth of stolen information — and threaten to release a mining performance unlocker should Nvidia not do it first.

Feb 28
2022

Hackers attack train network to stop Putin’s troops moving to Ukraine

The hackers claimed that the attack was to “slow down the transfer” of troops moving from Belarus to northern Ukraine, saying that they had put the trains in “manual control” mode which would “significantly slow down the movement of trains, but will not create emergency situations.”

An ideological aversion to high-stakes situations has been expressed by other hacking groups. Anonymous, which has claimed a number of attacks on Russia’s banks and services, the websites of the President of the Russian Federation and Russia’s Ministry of Defence, has said that critical infrastructure is a “no-go” due to the risk of exacerbating the already tumultuous situation in eastern Europe.

Sergei Voitehowich, a former employee of Belarus’s state-owned Belarus Railway company, said that the Cyber Partisans had damaged the train traffic control system and that while it has been restored, other systems were experiencing issues and making it “impossible to buy tickets”, according to Bloomberg.