BLOG

Archive for the ‘cybercrime/malcode’ category: Page 114

Jul 5, 2021

Google cloud VMs servers can be hacked via DHCP using this vulnerability in a specific scenario

Posted by in category: cybercrime/malcode

A recent security report states that it is possible to hijack sessions on Google Compute Engine virtual machines to gain root access through a DHCP attack. While deploying this attack is impractical, an exploit attempt can be highly functional.

The report, published on GitHub, mentions that threat actors could take control of virtual machines because these deployments rely on ISC DHCP software, which employs a very weak random number generator. A successful attack clutters these virtual machines with DHCP traffic, forcing the use of a fake metadata server controlled by an attacker.

If the attack is successful, the virtual machine uses the unauthorized server for its configuration instead of an official Google one, which would allow cybercriminals to log in to the affected device with root access.

Jul 4, 2021

Fourth of July weekend ransomware attack hits thousands of companies in 17 countries

Posted by in categories: business, cybercrime/malcode

In some cases, chain reactions fed more widespread disruption.

The Swedish Coop grocery store chain had to close hundreds of stores on Saturday because its cash registers are run by Visma Esscom, which manages servers for a number of Swedish businesses and in turn uses Kaseya.

Brett Callow, a ransomware expert at the cybersecurity firm Emsisoft, said he was unaware of any previous ransomware supply-chain attack on this scale.

Jul 4, 2021

Helicopter Ingenuity in trouble on Mars losing ability to take Hi-Res color photos

Posted by in categories: cybercrime/malcode, robotics/AI, space

https://youtube.com/watch?v=dQfV2_sROBw

On June 25, 2021, NASA published a detailed description of future missions for the Ingenuity Mars Helicopter and is considering a 2nd software update because of an HD imaging issue. Ingenuity’s team determined that capturing color images may have been inducing the imaging pipeline glitch, which resulted in the instability (Flight 6 anomaly). So the Mars Helicopter needs a 2nd software update for things to go well in the upcoming 9th flight. Ingenuity’s first bug (a watchdog timer issue) was solved by a software update. Another software update for the Mars Helicopter is intended to restore Ingenuity’s ability to take 13-megapixel photos on Mars without flight anomalies. Last week the Mars Helicopter completed its 8th flight, flying 160 meters south, and Perseverance is moving to a new location, Séítah, as well. The black and white images come directly from Ingenuity’s onboard camera. The Mars Helicopter flew for 77.4 seconds. Maximum horizontal speed was 4 meters per second. Altitude was 10 meters. Ingenuity has done amazing work to live on Mars autonomously.

Credit: nasa.gov, NASA/JPL-Caltech, NASA/JPL-Caltech/ASU

Jul 4, 2021

Ransomware attack before holiday leaves companies scrambling

Posted by in categories: biotech/medical, business, cybercrime/malcode

Businesses around the world rushed Saturday to contain a ransomware attack that has paralyzed their computer networks, a situation complicated in the U.S. by offices lightly staffed at the start of the Fourth of July holiday weekend.

It’s not yet known how many organizations have been hit by demands that they pay a ransom in order to get their systems working again. But some cybersecurity researchers predict the attack targeting customers of software supplier Kaseya could be one of the broadest ransomware attacks on record.

It follows a scourge of headline-grabbing attacks over recent months that have been a source of diplomatic tension between U.S. President Joe Biden and Russian President Vladimir Putin over whether Russia has become a safe haven for cybercriminal gangs.

Jul 2, 2021

Hacker obtains data on thousands of VPN users

Posted by in category: cybercrime/malcode

User records from a popular no-logs VPN service were obtained following a data breach.


A hacker has obtained LimeVPN’s entire database from a backup of its website which they are now selling online.

Jul 2, 2021

NSA, FBI warn of ongoing brute force hacking campaign tied to Russian military

Posted by in categories: cybercrime/malcode, government, military

Russian military intelligence tied to the group Fancy Bear are using brute force techniques to infiltrate the networks of government and private sector organizations, a joint advisory from US and UK cybersecurity agencies said.

Jun 30, 2021

Cybercriminals are deploying legit security tools far more than before, researchers conclude

Posted by in category: cybercrime/malcode

Financially motivated cybercriminals are increasingly turning to Cobalt Strike, a legitimate tool that cybersecurity professionals use to test system security, researchers at Proofpoint found.

The cybersecurity firm declined to disclose specific numbers but reported a 161% increase in attacks using Cobalt Strike in 2020 compared to 2019. Proofpoint researchers have already seen tens of thousands of organizations targeted by the tool this year and expect those numbers to climb in 2021, according to the report the firm released Tuesday.

Jun 30, 2021

Hackers are investing in each other’s operations—just like VCs invest in startups

Posted by in category: cybercrime/malcode

Ransomware continues to grow more sophisticated and lucrative, and now security firm LIFARS says operators have built a Silicon Valley-like VC ecosystem.

Jun 29, 2021

Microsoft approved a Windows driver booby-trapped with rootkit malware

Posted by in category: cybercrime/malcode

Redmond’s legendary QA strikes again.

Jun 26, 2021

Microsoft says new breach discovered in probe of suspected SolarWinds hackers

Posted by in category: cybercrime/malcode

SAN FRANCISCO, June 25 (Reuters) — Microsoft (MSFT.O) said on Friday an attacker had won access to one of its customer-service agents and then used information from that to launch hacking attempts against customers.

The company said it had found the compromise during its response to hacks by a team it identifies as responsible for earlier major breaches at SolarWinds (SWI.N) and Microsoft.

Microsoft said it had warned the affected customers. A copy of one warning seen by Reuters said the attacker belonged to the group Microsoft calls Nobelium and that it had access during the second half of May.