Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 72

Oct 13, 2022

TypoSwype: An image recognition tool to detect typosquatting attacks

Posted by in category: cybercrime/malcode

In recent decades, cyberattacks have become increasingly varied, introducing various strategies to lure users onto malicious websites or prompt them to share sensitive data. As a result, computer scientists are continuously trying to develop more advanced tools to detect and neutralize these attacks.

Typosquatting, one of the most common attacks carried out online, exploits the human tendency to misspell words when typing quickly or to misread words when they have small topographical errors. Typosquatting essentially consists in the creation of malicious websites with URLs that resemble established sites, but with slight typos (e.g., “fqcebook” instead of “facebook” or “yuube” instead of “youtube”). When a user mistakenly visits these websites, they might unwillingly download malware or end up sharing personal information with the attackers.

Most existing techniques for detecting these are based on spell-checking tools. While these tools can work in some instances, they do not generalize well, as their performance typically depends on the vocabulary of words used to train them.

Oct 13, 2022

New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems

Posted by in category: cybercrime/malcode

Researchers have identified a new Chinese malware attack framework that includes a C2 framework called “Alchimist” and malware called “Insekt.”

Oct 13, 2022

What You Need for a Strong Security Posture

Posted by in category: cybercrime/malcode

Cybersecurity has been compared to a never-ending game of whack-a-mole, with an ever-changing cast of threats and threat actors. While the attacks that make headlines may change from year to year, the basic fact remains: Any network, no matter how obscure the organization it supports, most likely will come under attack at some point. Thus, attaining and maintaining a strong security posture is of critical importance for organizations of any size.

An organization’s security posture, however, is constantly changing. Employees join or leave the company; endpoints are added and discarded; and network and security technologies are deployed, decommissioned, configured, and updated. Each change in network elements can represent a potential attack vector for malware and other threats.

That’s why security teams should review their security processes periodically and keep aligned with new developments in defensive and offensive testing and modeling. Doing so can help move the needle on security maturity from the most basic to an advanced, much stronger security posture, and from a reactive to a proactive model.

Oct 12, 2022

Emulating impossible ‘unipolar’ laser pulses paves the way for processing quantum information

Posted by in categories: cybercrime/malcode, encryption, quantum physics

A laser pulse that sidesteps the inherent symmetry of light waves could manipulate quantum information, potentially bringing us closer to room temperature quantum computing.

The study, led by researchers at the University of Regensburg and the University of Michigan, could also accelerate conventional computing.

Quantum computing has the potential to accelerate solutions to problems that need to explore many variables at the same time, including drug discovery, weather prediction and encryption for cybersecurity. Conventional computer bits encode either a 1 or 0, but quantum bits, or qubits, can encode both at the same time. This essentially enables quantum computers to work through multiple scenarios simultaneously, rather than exploring them one after the other. However, these mixed states don’t last long, so the must be faster than electronic circuits can muster.

Oct 8, 2022

Facebook warns against data breach: Here’s how to avoid it

Posted by in categories: cybercrime/malcode, internet, robotics/AI

The social media platform announced on Friday that it identified more than 400 malicious Android and iOS apps this year which target internet users in order to steal their login credentials.

Meta Platforms Inc. reveals that it would notify one million Facebook users that their account credentials may have been compromised due to security issues with apps downloaded from Alphabet Inc. and Apple Inc.’s software store.

https://www.livemint.com/technology/apps/facebook-warns-agai…5206859852.

Oct 8, 2022

The world’s biggest crypto exchange Binance lost $100 million in hack

Posted by in categories: cryptocurrencies, cybercrime/malcode

The hackers have not yet been identified.

Binance, the world’s largest cryptocurrency exchange, was hacked, and around $100 million of Binance Coins (BNB) were stolen, the CEO of Binance, Changpeng “CZ” Zhao, tweeted Friday morning.


The CEO of Binance, Changpeng “CZ” Zhao, took to Twitter on Friday morning to announce that his platform had been hacked and that $100 million in Binance Coins had been stolen. The hackers have yet to be identified.

Oct 8, 2022

Team demonstrates that basic mechanism for internet security can be broken

Posted by in categories: cybercrime/malcode, government, internet

The National research center for Cybersecurity ATHENE has found a way to break one of the basic mechanisms used to secure internet traffic. The mechanism, called RPKI, is actually designed to prevent cybercriminals or government attackers from diverting traffic on the internet.

Such redirections are surprisingly common on the internet, for example, for espionage or through misconfigurations. The ATHENE scientist team of Prof. Dr. Haya Shulman showed that attackers can completely bypass the security mechanism without the affected network operators being able to detect this. According to analyses by the ATHENE team, popular implementations of RPKI worldwide were vulnerable by early 2021.

The team informed the manufacturers, and now presented the findings to the international expert public.

Oct 7, 2022

BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

Posted by in category: cybercrime/malcode

As part of another BYOVD attack, BlackByte ransomware exploits a flaw in a legitimate Windows driver to bypass security software.

Oct 7, 2022

Malware Apps May Have Stolen The Passwords Of 1 Million Facebook Users, Meta Says

Posted by in category: cybercrime/malcode

Rudimentary malware hidden inside fake photo editors, VPNs and even horoscope and flashlight apps has affected a large number of Facebook users, says a new report released by Meta.

Oct 5, 2022

Experts Warn of New RatMilad Android Spyware Targeting Enterprise Devices

Posted by in categories: cybercrime/malcode, robotics/AI

A new Android malware dubbed “RatMilad” has been observed targeting Middle Eastern enterprise mobile devices by posing as VPNs and spoofing apps.

Page 72 of 222First6970717273747576Last