Lifeboat Foundation

Google’s cybersecurity team warns that this is neither the first nor the last time.

Cryptomining is a very energy-intensive process with analysis by the University of Cambridge showing that Bitcoin consumes more electricity than the entire country of Argentina. Now, Google has released a new report stating that malicious cryptocurrency miners are using hacked Google Cloud accounts for mining purposes.

The report is called “Threat Horizons” and it aims to help organizations keep their cloud environments secure.

Continue reading “Rogue Miners Are Using Google Cloud Servers to Mine Cryptocurrencies” »

To address the growing threat of cyberattacks on industrial control systems, a KAUST team including Fouzi Harrou, Wu Wang and led by Ying Sun has developed an improved method for detecting malicious intrusions.

Internet-based industrial control systems are widely used to monitor and operate factories and critical infrastructure. In the past, these systems relied on expensive dedicated networks; however, moving them online has made them cheaper and easier to access. But it has also made them more vulnerable to attack, a danger that is growing alongside the increasing adoption of internet of things (IoT) technology.

Conventional security solutions such as firewalls and antivirus software are not appropriate for protecting industrial control systems because of their distinct specifications. Their sheer complexity also makes it hard for even the best algorithms to pick out abnormal occurrences that might spell invasion.

In this DNA factory, organism engineers are using robots and automation to build completely new forms of life.
»Subscribe to Seeker! http://bit.ly/subscribeseeker.
»Watch more Focal Point | https://bit.ly/2M3gmbK

Ginkgo Bioworks, a Boston company specializing in “engineering custom organisms,” aims to reinvent manufacturing, agriculture, biodesign, and more.

Continue reading “This Synthetic DNA Factory Is Building New Forms of Life” »

More than 9 million Android phones are infected with malware distributed through Huawei’s AppGallery Store.

Apple has filed a federal lawsuit against Israeli spyware firm NSO Group for illegally targeting users with the Pegasus malware.

Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails.

When threat actors conduct malicious email campaigns, the hardest part is to trick users into trusting the sender enough so that they open up linked to or included malware-distributing attachments.

TrendMicro researchers have discovered an interesting tactic used of distributing malicious email to a company’s internal users using the victim’s compromised Microsoft exchange servers.

Cher sang about manipulating it while Doctor Who dramatized it. This hacker went one better and did it. Here’s how time got hacked.

During a 1961 address to the National Association of Manufacturers in New York City, John F. Kennedy said that “we must use time as a tool, not as a couch.” Fast forward fifty years, and one hacker has demonstrated exactly how to do that: by hacking time.

What is time anyway? What is time? That’s not an easy question to answer definitively.

Continue reading “Can Time Be Hacked? Here’s How One Hacker Demonstrated It Can” »

Researchers at ETH Zurich have discovered major vulnerabilities in DRAM memory devices, which are widely used in computers, tablets and smartphones. The vulnerabilities have now been published together with the National Cyber Security Centre, which for the first time has assigned an identification number for it.

When browsing the internet on a laptop computer or writing messages on a smartphone, we all like to think that we are reasonably safe from hacker attacks as long as we have installed the latest software updates and anti-virus software. But what if the problem lies not with the software, but with the hardware? A team of researchers led by Kaveh Razavi at ETH Zurich, together with colleagues at the Vrije Universiteit Amsterdam and Qualcomm Technologies, have recently discovered fundamental vulnerabilities affecting the memory component called DRAM at the heart of all modern computer systems.

The results of their research have now been accepted for publication at a flagship IT security conference, and the Swiss National Cyber Security Centre (NCSC) has issued a Common Vulnerabilities and Exposures (CVE) number. This is the first time that a CVE identification has been issued by the NCSC in Switzerland (see box below). On a scale of 0 to 10, the severity of the vulnerability has been rated as 9.

Researchers demonstrated new way to catch advanced MITM phishing toolkits in the wild.