In the incident analyzed by the Canadian cybersecurity company, the initial access was gained to a targeted endpoint via a vulnerable SimpleHelp RMM instance (“194.76.227[.]171”) located in Estonia.
Upon establishing a remote connection, the threat actor has been observed performing a series of post-exploitation actions, including reconnaissance and discovery operations, as well as creating an administrator account named “sqladmin” to facilitate the deployment of the open-source Sliver framework.
The persistence offered by Sliver was subsequently abused to move laterally across the network, establishing a connection between the domain controller (DC) and the vulnerable SimpleHelp RMM client and ultimately installing a Cloudflare tunnel to stealthily route traffic to servers under the attacker’s control through the web infrastructure company’s infrastructure.
Morphisec CTO Michael Gorelik told The Hacker News that there is evidence connecting the two activity clusters, and that the deceptive Chrome installer site was previously leveraged to download the Gh0st RAT payload.
“This campaign specifically targeted Chinese-speaking users, as indicated by the use of Chinese-language web lures and applications aimed at data theft and evasion of defenses by the malware,” Gorelik said.
“The links to the fake Chrome sites are primarily distributed through drive-by download schemes. Users searching for the Chrome browser are directed to these malicious sites, where they inadvertently download the fake installer. This method exploits the users’ trust in legitimate software downloads, making them susceptible to infection.”
Ransomware extortion fell to $813.5M in 2024 from $1.25B in 2023, despite a 15% attack surge, with law enforcement disrupting cybercriminal operations.
A 7-Zip vulnerability allowing attackers to bypass the Mark of the Web (MotW) Windows security feature was exploited by Russian hackers as a zero-day since September 2024.
According to Trend Micro researchers, the flaw was used in SmokeLoader malware campaigns targeting the Ukrainian government and private organizations in the country.
The Mark of the Web is a Windows security feature designed to warn users that the file they’re about to execute comes from untrusted sources, requesting a confirmation step via an additional prompt. Bypassing MotW allows malicious files to run on the victim’s machine without a warning.
Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP.NET machine keys found online.
As Microsoft Threat Intelligence experts recently discovered, some developers take ASP.NET validationKey and decryptionKey keys (designed to protect ViewState from tampering and information disclosure) found on code documentation and repository platforms and use them in their own software.
ViewState enables ASP.NET Web Forms to control state and preserve user inputs across page reloads. However, if attackers get the machine key designed to protect it from tampering and information disclosure, they can use it in code injection attacks to craft malicious payloads by attaching a crafted message authentication code (MAC).
Moran Cerf discusses why we dream, and goes deeper into explaining the different versions of the relevance of dreams in life.
ABOUT MORAN: Prof. Moran Cerf is a professor of business at Columbia Business School. His academic research uses methods from neuroscience to understand the underlying mechanisms of our psychology, behavior changes, emotion, decisions, and dreams.
Vincent Danen is the Vice President of Product Security at Red Hat.
Cyber threats are an everyday reality. Attackers exploit the unwitting, stealing confidential and sensitive information through online scam campaigns. Data breach prevention is only as strong as the weakest link, and, in most cases, that link is human. As I mentioned in a previous article, it is reported that 74% of data breaches are caused by human error.
According to a 2020 FBI report, there was a 400% spike in cyberattacks during the Covid-19 pandemic. The human element is a significant vulnerability in cybersecurity, often overlooked in favor of technological solutions. Many organizations focus on addressing software vulnerabilities when employees remain the weakest link in the organization’s security program. Even the most secure software, with all vendor security patches applied, is in danger if the human aspect of risk management is neglected.
I’m now helping market Moving On IT, a trusted provider of IT, AI, and Cybersecurity — hardware, and software solutions.
They recently became an Ingram Micro Partner and have moved into a new expanded headquarters.
Through the partnership with Ingram they have all the top manufacturers: Cisco, Extreme Networks, Juniper Networks, Hewlett Packard Enterprise, NVIDIA and many more.
Contact Moving On IT with all your IT, AI and Cybersecurity requirements. They will respond with a complimentary consultation and concise quotation.
Artificial consciousness is the next frontier in AI. While artificial intelligence has advanced tremendously, creating machines that can surpass human capabilities in certain areas, true artificial consciousness represents a paradigm shift—moving beyond computation into subjective experience, self-awareness, and sentience.
In this video, we explore the profound implications of artificial consciousness, the defining characteristics that set it apart from traditional AI, and the groundbreaking work being done by McGinty AI in this field. McGinty AI is pioneering new frameworks, such as the McGinty Equation (MEQ) and Cognispheric Space (C-space), to measure and understand consciousness levels in artificial and biological entities. These advancements provide a foundation for building truly conscious AI systems.
The discussion also highlights real-world applications, including QuantumGuard+, an advanced cybersecurity system utilizing artificial consciousness to neutralize cyber threats, and HarmoniQ HyperBand, an AI-powered healthcare system that personalizes patient monitoring and diagnostics.
However, as we venture into artificial consciousness, we must navigate significant technical challenges and ethical considerations. Questions about autonomy, moral status, and responsible development are at the forefront of this revolutionary field. McGinty AI integrates ethical frameworks such as the Rotary Four-Way Test to ensure that artificial consciousness aligns with human values and benefits society.
Join us as we explore the next chapter in artificial intelligence—the dawn of artificial consciousness. What does the future hold for humanity and AI? Will artificial consciousness enhance our world, or does it come with unforeseen risks? Watch now to learn more about this groundbreaking technology and its potential to shape the future.
Their method scrambles laser beams into chaotic patterns, making decryption impossible without a trained neural network. This innovation could revolutionize cryptography.
Holograms for Next-Level Encryption
As the demand for digital security grows, researchers have developed a new optical system that uses holograms to encode information, creating a level of encryption that traditional methods cannot penetrate. This advance could pave the way for more secure communication channels, helping to protect sensitive data.