May 2023 – Lifeboat News: The Blog https://lifeboat.com/blog Safeguarding Humanity Thu, 01 Jun 2023 03:27:46 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.1 Signs of a Critical Imbalance in Physics Seen in The Arrangements of Galaxies https://russian.lifeboat.com/blog/2023/05/signs-of-a-critical-imbalance-in-physics-seen-in-the-arrangements-of-galaxies Thu, 01 Jun 2023 03:27:46 +0000 https://lifeboat.com/blog/2023/05/signs-of-a-critical-imbalance-in-physics-seen-in-the-arrangements-of-galaxies

Physicists have long puzzled over why there is more matter in the Universe than its flipped twin, antimatter. Without this imbalance, the two types of material would have canceled out, leaving nothing but a boring glow in the vast emptiness of space.

Somehow, at some point, something changed in the way the Universe works on a fundamental level, favoring the mirrored state – or parity – of one kind of ‘stuff’ over the other.

Scientists have sought clues to this critical moment in the remnants of the Big Bang, including the cosmic microwave background and gravitational waves, without much luck.

]]>
NASA’s Webb Telescope spots a water plume twice the length of the US, spewing from a Saturn moon that could host alien life https://russian.lifeboat.com/blog/2023/05/nasas-webb-telescope-spots-a-water-plume-twice-the-length-of-the-us-spewing-from-a-saturn-moon-that-could-host-alien-life Thu, 01 Jun 2023 03:27:36 +0000 https://lifeboat.com/blog/2023/05/nasas-webb-telescope-spots-a-water-plume-twice-the-length-of-the-us-spewing-from-a-saturn-moon-that-could-host-alien-life

Gigantic plumes of ocean water are spraying out of Enceladus at a rate of 79 gallons a second, creating a water “donut” around Saturn.

]]>
This Woman Feels No Pain. Decoding Her DNA Could Bring Relief to Millions https://russian.lifeboat.com/blog/2023/05/this-woman-feels-no-pain-decoding-her-dna-could-bring-relief-to-millions Thu, 01 Jun 2023 03:27:24 +0000 https://lifeboat.com/blog/2023/05/this-woman-feels-no-pain-decoding-her-dna-could-bring-relief-to-millions

Jo Cameron is a 75-year-old Scottish woman who has gone through life without experiencing significant pain of any kind. Even major surgery and childbirth failed to deliver the discomfort most of us would experience.

According to an interview with the BBC in 2019, Cameron only knows her skin is burning if she smells or sees it. To her, suffering is nothing more than an abstract concept.

The quirk that Cameron was born with is shared with just a few other people in th e world. Called congenital analgesia, it is a one-in-a-million condition with multiple genetic causes that may come with other symptoms, such as sweating more or having no sense of smell.

]]>
The Laboratory of the Future: How New Technologies Reform Research https://russian.lifeboat.com/blog/2023/05/the-laboratory-of-the-future-how-new-technologies-reform-research Thu, 01 Jun 2023 03:26:54 +0000 https://lifeboat.com/blog/2023/05/the-laboratory-of-the-future-how-new-technologies-reform-research

New advancements in automation, AI, connectivity, sustainability, and more propel research forward.

]]>
If your Laptop or PC has Gigabyte motherboard then it has backdoor for hackers https://russian.lifeboat.com/blog/2023/05/if-your-laptop-or-pc-has-gigabyte-motherboard-then-it-has-backdoor-for-hackers Thu, 01 Jun 2023 03:26:19 +0000 https://lifeboat.com/blog/2023/05/if-your-laptop-or-pc-has-gigabyte-motherboard-then-it-has-backdoor-for-hackers

Researchers at the cybersecurity firm Eclypsium, which focuses on firmware, reported today that they have found a secret backdoor in the firmware of motherboards manufactured by the Taiwanese manufacturer Gigabyte’s components are often used in gaming PCs and other high-performance systems. Eclypsium discovered that whenever a computer with the affected Gigabyte motherboard restarts, code inside the motherboard’s firmware silently triggers the launch of an updater application, which then downloads and runs another piece of software on the machine. Researchers discovered that the hidden code was built in an unsafe manner, making it possible for the mechanism to be hijacked and used to install malware rather than Gigabyte’s intended software.

Despite the fact that Eclypsium claims the hidden code is intended to be a harmless utility to keep the motherboard’s firmware updated, researchers determined that the implementation was vulnerable. And since the updater application is activated from the computer’s firmware rather than the operating system, it is difficult for users to either delete it or even detect it on their own. In the blog post, the company details the 271 different versions of Gigabyte motherboards that the researchers think are vulnerable. According to experts, individuals who are interested in discovering the motherboard that is used by their computer may do so by selecting “Start” in Windows and then selecting “System Information.”

Users who don’t trust Gigabyte to silently install code on their machine with a nearly invisible tool may have been concerned by Gigabyte’s updater alone. Other users may have been concerned that Gigabyte’s mechanism could be exploited by hackers who compromise the motherboard manufacturer to exploit its hidden access in a software supply chain attack. The update process was designed and built with obvious flaws that left it susceptible to being exploited in the following ways: It downloads code to the user’s workstation without properly authenticating it, and in certain cases, it even does it through an unsecured HTTP connection rather than an HTTPS one. This would make it possible for a man-in-the-middle attack to be carried out by anybody who is able to intercept the user’s internet connection, such as a malicious Wi-Fi network. The attack would enable the installation source to be faked.

]]>
New phishing technique to allows hacking someone using.zip &.mov domains https://russian.lifeboat.com/blog/2023/05/new-phishing-technique-to-allows-hacking-someone-using-zip-mov-domains Thu, 01 Jun 2023 03:26:05 +0000 https://lifeboat.com/blog/2023/05/new-phishing-technique-to-allows-hacking-someone-using-zip-mov-domains

When a victim visits a website ending in. ZIP, a recently developed phishing method known as “file archiver in the browser” may be used to “emulate” file-archiving software in the target’s web browser.

According to information published by a security researcher named mr.d0x last week, “with this phishing attack, you simulate a file archiver software (e.g., WinRAR) in the browser and use a.zip domain to make it appear more legitimate,”

In a nutshell, threat actors could develop a realistic-looking phishing landing page using HTML and CSS that replicates genuine file archiving software. They could then host the website on a.zip domain, which would elevate social engineering tactics to a higher level.

]]>
New GobRAT Remote Access Trojan Targeting Linux Routers in Japan https://russian.lifeboat.com/blog/2023/05/new-gobrat-remote-access-trojan-targeting-linux-routers-in-japan Thu, 01 Jun 2023 03:25:49 +0000 https://lifeboat.com/blog/2023/05/new-gobrat-remote-access-trojan-targeting-linux-routers-in-japan

Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT.

“Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT,” the JPCERT Coordination Center (JPCERT/CC) said in a report published today.

The compromise of an internet-exposed router is followed by the deployment of a loader script that acts as a conduit for delivering GobRAT, which, when launched, masquerades as the Apache daemon process (apached) to evade detection.

]]>
CAPTCHA-Breaking Services with Human Solvers Helping Cybercriminals Defeat Security https://russian.lifeboat.com/blog/2023/05/captcha-breaking-services-with-human-solvers-helping-cybercriminals-defeat-security Thu, 01 Jun 2023 03:25:37 +0000 https://lifeboat.com/blog/2023/05/captcha-breaking-services-with-human-solvers-helping-cybercriminals-defeat-security

Cybersecurity researchers are warning about CAPTCHA-breaking services that are being offered for sale to bypass systems designed to distinguish legitimate users from bot traffic.

“Because cybercriminals are keen on breaking CAPTCHAs accurately, several services that are primarily geared toward this market demand have been created,” Trend Micro said in a report published last week.

“These CAPTCHA-solving services don’t use [optical character recognition] techniques or advanced machine learning methods; instead, they break CAPTCHAs by farming out CAPTCHA-breaking tasks to actual human solvers.”

]]>
Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining https://russian.lifeboat.com/blog/2023/05/cybercriminals-targeting-apache-nifi-instances-for-cryptocurrency-mining Thu, 01 Jun 2023 03:25:28 +0000 https://lifeboat.com/blog/2023/05/cybercriminals-targeting-apache-nifi-instances-for-cryptocurrency-mining

A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency miner and facilitate lateral movement.

The findings come from the SANS Internet Storm Center (ISC), which detected a spike in HTTP requests for “/nifi” on May 19, 2023.

“Persistence is achieved via timed processors or entries to cron,” said Dr. Johannes Ullrich, dean of research for SANS Technology Institute. “The attack script is not saved to the system. The attack scripts are kept in memory only.”

]]>
Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices https://russian.lifeboat.com/blog/2023/05/critical-firmware-vulnerability-in-gigabyte-systems-exposes-7-million-devices Thu, 01 Jun 2023 03:25:16 +0000 https://lifeboat.com/blog/2023/05/critical-firmware-vulnerability-in-gigabyte-systems-exposes-7-million-devices

Cybersecurity researchers have found “backdoor-like behavior” within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format.

Firmware security firm Eclypsium said it first detected the anomaly in April 2023. Gigabyte has since acknowledged and addressed the issue.

“Most Gigabyte firmware includes a Windows Native Binary executable embedded inside of the UEFI firmware,” John Loucaides, senior vice president of strategy at Eclypsium, told The Hacker News.

]]>