
Archive for the ‘cybercrime/malcode’ category: Page 121

May 19, 2021

Ethical hacking group worms its way into Fermilab

Posted by in categories: cybercrime/malcode, education

A group of “ethical hackers” has obtained access to sensitive systems and proprietary online data hosted by the Fermi National Accelerator Laboratory in the US after accessing multiple unsecured entry points in late April and early May. The group – Sakura Samurai – discovered configuration data for the lab’s NoVa experiment and more than 4500 “tickets” for tracking internal projects.

The Sakura Samurai team has previous experience probing the vulnerabilities of scientific and educational organizations, which hold critical information that if leaked could put those institutions at risk. “Fermilab was no different,” Sakura Samurai leader Robert Willis told Physics World. “Oversharing can be very dangerous, especially when it’s sharing credentials that could enable a malicious actor to take over a server with the potential to move across their network to access items that the organization wouldn’t even think of being vulnerable.”

May 19, 2021

Splunk to buy security intelligence-sharing startup TruStar

Posted by in categories: cybercrime/malcode, robotics/AI

Splunk today announced it plans to acquire security software company TruStar for an undisclosed amount. The acquisition will add TruStar’s cloud-native, cyber intelligence-sharing capabilities and automated processes to Splunk’s growing cybersecurity portfolio.

“TruStar will help us get even better at predictive threat assessments by strengthening our threat intelligence framework. This acquisition will allow customers to autonomously and seamlessly enrich their (security operation center) workflows with threat intelligence data feeds from heterogeneous sources,” Splunk president and CEO Doug Merritt told VentureBeat in an exclusive interview.

The pending deal is in line with Splunk’s philosophy that “security is a data problem,” he said. The announcement marks a return to M&A activity for Splunk and the massive $1.05 billion deal for SignalFX in 2019. The company also made four cloud-related acquisitions in 2020.

May 17, 2021

Ransomware’s Dangerous New Trick Is Double-Encrypting Your Data

Posted by in category: cybercrime/malcode

Even when you pay for a decryption key, your files may still be locked up by another strain of malware.

May 17, 2021

Windows 10 has a built-in ransomware block, you just need to enable it

Posted by in categories: biotech/medical, cybercrime/malcode

Not the usual medical or science, but it may help someone.


Windows 10 comes with its own baked-in antivirus solution called Windows Defender, and it is enabled by default when setting up a new PC. At the very least, that affords you some basic protection against the many malware threats out in the wild. But did you know there is an added optional layer that can keep your pictures, videos, work documents, and other files safe in the event of a ransomware infection? The caveat is that you have to manually enable ransomware protection in Windows 10.


May 9, 2021

The Colonial Pipeline Hack Is a New Extreme for Ransomware

Posted by in categories: cybercrime/malcode, energy

An attack has crippled the company’s operations—and cut off a large portion of the East Coast’s fuel supply—in an ominous development for critical infrastructure.

May 8, 2021

Cyber attack shuts down top U.S. fuel pipeline network

Posted by in categories: cybercrime/malcode, energy

Top U.S. fuel pipeline operator Colonial Pipeline has shut its entire network, the source of nearly half of the U.S. East Coast’s fuel supply, after a cyber attack that the company said was caused by ransomware.

The shutdown has raised fears of a price spike at the gas pumps ahead of peak demand summer driving season if it persists, and has drawn attention to how critical U.S. energy infrastructure is vulnerable to hackers.

Colonial transports 2.5 million barrels per day of gasoline, diesel, jet fuel and other refined products through 5500 miles (8850 km) of pipelines linking refiners on the Gulf Coast to the eastern and southern United States.

May 4, 2021

Spectre Strikes Back: New Hacking Vulnerability Affecting Billions of Computers Worldwide

Posted by in category: cybercrime/malcode

Computing experts thought they had developed adequate security patches after the major worldwide Spectre flaw of 2018, but UVA’s discovery shows processors are open to hackers again.

In 2018, industry and academic researchers revealed a potentially devastating hardware flaw that made computers and other devices worldwide vulnerable to attack.

Researchers named the vulnerability Spectre because the flaw was built into modern computer processors that get their speed from a technique called “speculative execution,” in which the processor predicts instructions it might end up executing and preps by following the predicted path to pull the instructions from memory. A Spectre attack tricks the processor into executing instructions along the wrong path. Even though the processor recovers and correctly completes its task, hackers can access confidential data while the processor is heading the wrong way.

May 4, 2021

They Told Their Therapists Everything. Hackers Leaked It All

Posted by in categories: biotech/medical, business, cybercrime/malcode, neuroscience

A mental health startup built its business on easy-to-use technology. Patients joined in droves. Then came a catastrophic data breach.

Apr 29, 2021

Hackers use a bug to evade macOS defenses

Posted by in categories: cybercrime/malcode, robotics/AI

Lauded for years as the system able to best prevent malware infection, macOS recently fell victim to an operating system vulnerability that hackers used to circumvent all of Apple’s system defenses.

Security researcher Cedric Owens discovered this bug in March 2021 while assessing Apple’s Gatekeeper mechanism, a safeguard that will only allow developers to run their on Macs after registering with Apple and paying a fee. Moreover, the company requires that all applications undergo an automated vetting process to further protect against malicious software.

Unfortunately, Owens uncovered a logic flaw in the macOS itself, rather than the . The bug allowed attackers to develop able to deceive the operating system into running their malware regardless of whether they passed Apple’s safety checks. Indeed, this flaw resembles a door that has been securely locked and bolted but still has a small pet door at the bottom through which you can break in or insert a bomb.

Apr 29, 2021

The U.S. Navy’s New Unhackable GPS Alternative: The Stars

Posted by in category: cybercrime/malcode

GPS is a world-changing technology. It’s also incredibly fragile, easily spoofable, and consistently hackable. That’s why the U.S. Navy and Marine Corps are looking to the stars for a navigational Plan B.