БЛОГ

Archive for the ‘cybercrime/malcode’ category

Oct 20, 2021

Bitcoin ETFs should not exist

Posted by in categories: bitcoin, cybercrime/malcode

Grayscale wants to convert the trust to an ETF, one that owns bitcoins rather than futures, to lose the discount. Which raises a question: why has the Securities and Exchange Commission approved a bitcoin futures ETF, and not yet a plain bitcoin ETF? Bitcoin is tricky enough. Adding futures compounds the trickiness.

I’m not sure what the answer to this is, but it seems to be that bitcoin scares the SEC, because God knows where it originates (in a server farm somewhere in China?), who holds most of it (cyberbaddies?), what it is used for (illegal activity?), or what risks it may entail (hacking? Fraud?). Bitcoin futures, by contrast, are created and traded within the confines of the CME, under the watchful eye of the Commodity Futures Trading Commission, in the upstanding American city of Chicago.


And a few more words on margins.

Continue reading “Bitcoin ETFs should not exist” »

Oct 19, 2021

Hacker steals government ID database for Argentina’s entire population

Posted by in categories: cybercrime/malcode, government

A hacker has breached the Argentinian government’s IT network and stolen ID card details for the country’s entire population, data that is now being sold in private circles.

The hack, which took place last month, targeted RENAPER, which stands for Registro Nacional de las Personas, translated as National Registry of Persons.

The agency is a crucial cog inside the Argentinian Interior Ministry, where it is tasked with issuing national ID cards to all citizens, data that it also stores in digital format as a database accessible to other government agencies, acting as a backbone for most government queries for citizen’s personal information.

Continue reading “Hacker steals government ID database for Argentina’s entire population” »

Oct 19, 2021

Covert Cognizance: A Novel Predictive Modeling Paradigm

Posted by in categories: cybercrime/malcode, economics, information science, nuclear energy, robotics/AI

(2021). Nuclear Technology: Vol. 207 No. 8 pp. 1163–1181.


Focusing on nuclear engineering applications, the nation’s leading cybersecurity programs are focused on developing digital solutions to support reactor control for both on-site and remote operation. Many of the advanced reactor technologies currently under development by the nuclear industry, such as small modular reactors, microreactors, etc., require secure architectures for instrumentation, control, modeling, and simulation in order to meet their goals. 1 Thus, there is a strong need to develop communication solutions to enable secure function of advanced control strategies and to allow for an expanded use of data for operational decision making. This is important not only to avoid malicious attack scenarios focused on inflicting physical damage but also covert attacks designed to introduce minor process manipulation for economic gain. 2

These high-level goals necessitate many important functionalities, e.g., developing measures of trustworthiness of the code and simulation results against unauthorized access; developing measures of scientific confidence in the simulation results by carefully propagating and identifying dominant sources of uncertainties and by early detection of software crashes; and developing strategies to minimize the computational resources in terms of memory usage, storage requirements, and CPU time. By introducing these functionalities, the computers are subservient to the programmers. The existing predictive modeling philosophy has generally been reliant on the ability of the programmer to detect intrusion via specific instructions to tell the computer how to detect intrusion, keep log files to track code changes, limit access via perimeter defenses to ensure no unauthorized access, etc.

Continue reading “Covert Cognizance: A Novel Predictive Modeling Paradigm” »

Oct 19, 2021

Google Cloud invests $50 million in cybersecurity startup Cybereason

Posted by in categories: cybercrime/malcode, robotics/AI

Cybereason, a Tel Aviv-and Boston, Massachusetts-based cybersecurity company providing endpoint prevention, detection, and response, has secured a $50 million investment from Google Cloud, VentureBeat has learned. It extends the series F round that Cybereason announced in July from $275 million to $325 million, making Cybereason one of the best-funded startups in the cybersecurity industry with over $713 million in the capital.

We reached out to a Google Cloud spokesperson, but they didn’t respond by press time.

The infusion of cash comes after Cybereason and Google Cloud entered into a strategic partnership to bring to market a platform — Cybereason XDR, powered by Chronicle — that can ingest and analyze “petabyte-scale” telemetry from endpoints, networks, containers, apps, profiles, and cloud infrastructure. Combining technology from Cybereason, Google Cloud, and Chronicle, the platform scans more than 23 trillion security-related events per week and applies AI to help reveal, mitigate, and predict cyberattacks correlated across devices, users, apps, and cloud deployments.

Oct 18, 2021

Hackers Keep Targeting the US Water Supply

Posted by in category: cybercrime/malcode

Plus: The biggest Twitch hack, an iOS zero day, and more of the week’s top security news.

Oct 18, 2021

CISA Issues Warning On Cyber Threats Targeting Water and Wastewater Systems

Posted by in category: cybercrime/malcode

The U.S. Cybersecurity Infrastructure and Security Agency (CISA) issues a warning about cyber threats targeting wastewater and water systems.

Oct 18, 2021

VirusTotal Releases Ransomware Report Based on Analysis of 80 Million Samples

Posted by in category: cybercrime/malcode

As many as 130 different ransomware families have been found to be active in 2020 and the first half of 2,021 with Israel, South Korea, Vietnam, China, Singapore, India, Kazakhstan, Philippines, Iran, and the U.K. emerging as the most affected territories, a comprehensive analysis of 80 million ransomware-related samples has revealed.

Google’s cybersecurity arm VirusTotal attributed a significant chunk of the activity to the GandCrab ransomware-as-a-service (RaaS) group (78.5%), followed by Babuk (7.61%), Cerber (3.11%), Matsnu (2.63%), Wannacry (2.41%), Congur (1.52%), Locky (1.29%), Teslacrypt (1.12%), Rkor (1.11%), and Reveon (0.70%).

Oct 15, 2021

US links $5.2 billion worth of Bitcoin transactions to ransomware

Posted by in categories: bitcoin, cybercrime/malcode, finance

The U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) has identified roughly $5.2 billion worth of outgoing Bitcoin transactions likely tied to the top 10 most commonly reported ransomware variants.

FinCEN identified 177 CVC (convertible virtual currency) wallet addresses used for ransomware-related payments after analyzing 2,184 SARs (Suspicious Activity Reports) filed between January 1 2011, and June 30 2021, and reflecting $1.56 billion in suspicious activity.

Based on blockchain analysis of transactions tied to the 177 CVC wallets, FinCEN identified roughly $5.2 billion in outgoing BTC transactions potentially tied to ransomware payments.

Continue reading “US links $5.2 billion worth of Bitcoin transactions to ransomware” »

Oct 14, 2021

Homeland Security Warns of Cyberattacks Intended to Kill People

Posted by in category: cybercrime/malcode

More hackers are out “purely to do harm.”

Oct 8, 2021

Researchers create ‘self-aware’ algorithm to ward off hacking attempts

Posted by in categories: biotech/medical, cybercrime/malcode, information science, nuclear energy, robotics/AI

It sounds like a scene from a spy thriller. An attacker gets through the IT defenses of a nuclear power plant and feeds it fake, realistic data, tricking its computer systems and personnel into thinking operations are normal. The attacker then disrupts the function of key plant machinery, causing it to misperform or break down. By the time system operators realize they’ve been duped, it’s too late, with catastrophic results.

The scenario isn’t fictional; it happened in 2,010 when the Stuxnet virus was used to damage nuclear centrifuges in Iran. And as ransomware and other cyberattacks around the world increase, system operators worry more about these sophisticated “false data injection” strikes. In the wrong hands, the computer models and data analytics—based on artificial intelligence—that ensure smooth operation of today’s electric grids, manufacturing facilities, and power plants could be turned against themselves.

Purdue University’s Hany Abdel-Khalik has come up with a powerful response: To make the computer models that run these cyberphysical systems both self-aware and self-healing. Using the background noise within these systems’ data streams, Abdel-Khalik and his students embed invisible, ever-changing, one-time-use signals that turn passive components into active watchers. Even if an is armed with a perfect duplicate of a system’s model, any attempt to introduce falsified data will be immediately detected and rejected by the system itself, requiring no human response.

Page 1 of 11212345678Last