Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 60

Feb 27, 2023

ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks

Posted by in category: cybercrime/malcode

A new ChromeLoader malware campaign has been observed being distributed via virtual hard disk (VHD) files, marking a deviation from the ISO optical disc image format.

“These VHD files are being distributed with filenames that make them appear like either hacks or cracks for Nintendo and Steam games,” AhnLab Security Emergency response Center (ASEC) said in a report last week.

ChromeLoader (aka Choziosi Loader or ChromeBack) originally surfaced in January 2022 as a browser-hijacking credential stealer but has since evolved into a more potent, multifaceted threat capable of stealing sensitive data, deploying ransomware, and even dropping decompression bombs.

Feb 23, 2023

New Hacking Cluster ‘Clasiopa’ Targeting Materials Research Organizations in Asia

Posted by in category: cybercrime/malcode

Materials research organizations in Asia have been targeted by a previously unknown threat actor using a distinct set of tools.

Symantec, by Broadcom Software, is tracking the cluster under the moniker Clasiopa. The origins of the hacking group and its affiliations are currently unknown, but there are hints that suggest the adversary could have ties to India.

This includes references to “SAPTARISHI-ATHARVAN-101” in a custom backdoor and the use of the password “iloveindea1998^_^” for a ZIP archive.

Feb 23, 2023

Ben Goertzel — Countering Objections to Mind Uploading

Posted by in categories: cybercrime/malcode, neuroscience

Ben Goertzel in response to some common objections covered in an article on io9 by George Dvorsky ‘You’ll Probably Never Upload Your Mind Into A Computer’: http://io9.com/you-ll-probably-never-upload-your-mind-into-a-computer-474941498

Objections are covered in order as they appear in the article:
1. Brain functions are not computable.
2. We’ll never solve the hard problem of consciousness.
3. We’ll never solve the binding problem.
4. Panpsychism is true.
5. Mind-body dualism is true.
6. It would be unethical to develop.
7. We can never be sure it works.
8. Uploaded minds would be vulnerable to hacking and abuse.

Continue reading “Ben Goertzel — Countering Objections to Mind Uploading” »

Feb 22, 2023

10 Dark Web Monitoring Tools

Posted by in category: cybercrime/malcode

Enterprises looking to get ahead of data breaches and data leaks can benefit from using dark web monitoring tools and scan for personally identifiable information and even respond to attacks. Here is a list of 10 such tools.

Feb 22, 2023

How to Detect New Threats via Suspicious Activities

Posted by in category: cybercrime/malcode

Protect yourself and your organization from the threat of unknown malware. Check out this guide to detecting suspicious behavior.

Feb 22, 2023

U.S. Cybersecurity Agency CISA Adds Three New Vulnerabilities in KEV Catalog

Posted by in category: cybercrime/malcode

CISA has updated its Known Exploited Vulnerabilities catalog with three new vulnerabilities that are currently being exploited.

Feb 22, 2023

Threat Actors Adopt Havoc Framework for Post-Exploitation in Targeted Attacks

Posted by in categories: cybercrime/malcode, government

An open source command-and-control (C2) framework known as Havoc is being adopted by threat actors as an alternative to other well-known legitimate toolkits like Cobalt Strike, Sliver, and Brute Ratel.

Cybersecurity firm Zscaler said it observed a new campaign in the beginning of January 2023 targeting an unnamed government organization that utilized Havoc.

“While C2 frameworks are prolific, the open-source Havoc framework is an advanced post-exploitation command-and-control framework capable of bypassing the most current and updated version of Windows 11 defender due to the implementation of advanced evasion techniques such as indirect syscalls and sleep obfuscation,” researchers Niraj Shivtarkar and Niraj Shivtarkar said.

Feb 17, 2023

New Mirai Botnet Variant ‘V3G4’ Exploiting 13 Flaws to Target Linux and IoT Devices

Posted by in category: cybercrime/malcode

A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices.

Observed during the second half of 2022, the new version has been dubbed V3G4 by Palo Alto Networks Unit 42, which identified three different campaigns likely conducted by the same threat actor.

“Once the vulnerable devices are compromised, they will be fully controlled by attackers and become a part of the botnet,” Unit 42 researchers said. “The threat actor has the capability to utilize those devices to conduct further attacks, such as distributed denial-of-service (DDoS) attacks.”

Feb 16, 2023

Cybersecurity defenders are expanding their AI toolbox

Posted by in categories: cybercrime/malcode, robotics/AI

Scientists have taken a key step toward harnessing a form of artificial intelligence known as deep reinforcement learning, or DRL, to protect computer networks.

When faced with sophisticated cyberattacks in a rigorous simulation setting, was effective at stopping adversaries from reaching their goals up to 95 percent of the time. The outcome offers promise for a role for autonomous AI in proactive cyber defense.

Scientists from the Department of Energy’s Pacific Northwest National Laboratory documented their findings in a research paper and presented their work Feb. 14 at a workshop on AI for Cybersecurity during the annual meeting of the Association for the Advancement of Artificial Intelligence in Washington, D.C.

Feb 15, 2023

Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second

Posted by in category: cybercrime/malcode

Web infrastructure company Cloudflare on Monday disclosed that it thwarted a record-breaking distributed denial-of-service (DDoS) attack that peaked at over 71 million requests per second (RPS).

“The majority of attacks peaked in the ballpark of 50–70 million requests per second (RPS) with the largest exceeding 71 million,” the company said, calling it a “hyper-volumetric” DDoS attack.

It’s also the largest HTTP DDoS attack reported to date, more than 35% higher than the previous 46 million RPS DDoS attack that Google Cloud mitigated in June 2022.

Page 60 of 223First5758596061626364Last