Lifeboat Foundation

THE FIN7 HACKING group has leeched, by at least one estimate, well over a billion dollars from companies around the world. In the United States alone, Fin7 has stolen more than 15 million credit card numbers from over 3,600 business locations. On Wednesday, the Justice Department revealed that it had arrested three alleged members of the group—and even more important, detailed how it operates.

The Justice Department announced the arrest of three members of notorious cybercrime group Fin7—and detailed some of their methods in the process.

According to Marc Ph. Stoecklin, principal research scientist at IBM Research, DeepLocker is a “new breed of highly targeted and evasive attack tools powered by AI.”

DeepLocker was designed in an attempt to improve understanding of how AI models can be combined with malware techniques to create a “new breed of malware,” Stoecklin explained in a post. This new type of malware can disguise its intent until it reaches an intended victim, which could be determined by taking advantage of facial recognition, geolocation, and voice recognition.

“The DeepLocker class of malware stands in stark contrast to existing evasion techniques used by malware seen in the wild. While many malware variants try to hide their presence and malicious intent, none are as effective at doing so as DeepLocker,” Stoecklin wrote.

Continue reading “DeepLocker demonstrates how AI can create a new breed of malware” »

Not long ago, getting a virus was about the worst thing computer users could expect in terms of system vulnerability. But in our current age of hyper-connectedness and the emerging Internet of Things, that’s no longer the case. With connectivity, a new principle has emerged, one of universal concern to those who work in the area of systems control, like João Hespanha, a professor in the departments of Electrical and Computer Engineering, and Mechanical Engineering at UC Santa Barbara. That law says, essentially, that the more complex and connected a system is, the more susceptible it is to disruptive cyber-attacks.

“It is about something much different than your regular computer virus,” Hespanha said. “It is more about cyber physical systems—systems in which computers are connected to physical elements. That could be robots, drones, smart appliances, or infrastructure systems such as those used to distribute energy and water.”

In a paper titled “Distributed Estimation of Power System Oscillation Modes under Attacks on GPS Clocks,” published this month in the journal IEEE Transactions on Instrumentation and Measurement, Hespanha and co-author Yongqiang Wang (a former UCSB postdoctoral research and now a faculty member at Clemson University) suggest a new method for protecting the increasingly complex and connected power grid from attack.

Continue reading “Team suggests a way to protect autonomous grids from potentially crippling GPS spoofing attacks” »

Though more router manufacturers are making routers easier to set up and configure—even via handy little apps instead of annoying web-based interfaces—most people probably don’t tweak many options after purchasing a new router. They log in, change the name and passwords for their wifi networks, and call it a day.

While that gets you up and running with (hopefully) speedy wireless connectivity, and the odds are decent that your neighbor or some random evil Internet person isn’t trying to hack into your router, there’s still a lot more you can do to boost the security of your router (and home network).

To keep an organization safe, you must think about the entire IT ecosystem.

The ever-expanding range and diversity of cyber threats make it difficult for organizations to prioritize their offensive and defensive strategies against attackers. From malware, ransomware, and other attacks coming from the outside, to insider threats and system vulnerabilities from within, today’s expanded attack surfaces cut across the whole enterprise landscape — and that means an enterprise’s threat intelligence strategy must address the entire IT ecosystem.

To be effective, threat intelligence must be proactive, comprehensive, and done in a way that doesn’t inadvertently create more risk. Unfortunately, as a recent Ponemon survey illustrates, most organizations fall short of this goal — tripped up by a range of challenges, including a lack of expertise and overwhelming volumes of data. Improved threat intelligence comes from improving the strategy, techniques, and tools employed by enterprises to probe their networks for weakness and shore up defenses and resiliency.

Continue reading “How to Structure an Enterprise-Wide Threat Intelligence Strategy” »

A commercially available “quantum computer” has been on the market since 2011, but it’s controversial. The D-Wave machine is nothing like other quantum computers, and until recently, scientists have doubted that it was even truly quantum at all. But the company has released an important new result, one that in part realizes Richard Feynman’s initial dreams for a quantum computer.

Scientists from D-Wave announced they have simulated a large quantum mechanical system with their 2000Q machine—essentially a cube of connected bar magnets. The D-Wave can’t take on the futuristic, mostly non-physics-related goals that many people have for quantum computers, such as finding solutions in medicine, cybersecurity, and artificial intelligence. Nor does it work the same way as the rest of the competition. But it’s now delivering real physics results. It’s simulating a quantum system.

Cryptocurrency fraud and other kinds of cyber-fraud, too.

President Donald Trump has assigned an official task force to investigate the pervasive fraud within the cryptocurrency industry.

On Thursday, the president signed an executive order for a new task force within the Department of Justice with a mandate “to investigate and prosecute crimes of fraud committed against the U.S. Government or the American people, recover the proceeds of such crimes, and ensure just and effective punishment of those who perpetrate crimes of fraud.”

Continue reading “President Donald Trump assigned a task force to investigate cryptocurrency fraud” »

Is your internet moving a little slower than usual? Are you seeing hints of devices you don’t recognize in Windows Explorer, or when you cast media to your TV? If you suspect a neighbor is stealing your Wi-Fi, here’s how to check (and boot them off).

“So someone’s watching Netflix on my internet,” you may say. “What’s the big deal?” Even if you have a little bandwidth to spare, you probably don’t want other people on your network, especially if it’s unsecured. If someone has access to your network, they have access to all the computers on that network, and that’s dangerous. They could access files you’re unknowingly sharing, they could infect you with malware, and in certain situations they could even steal your passwords and other personal information.

As a result, you should take care to make sure each device connected to your network is one you can trust. Thankfully, there are free tools that’ll help you see everyone on your Wi-Fi right now.

There is increasing chatter among the world’s major military powers about how space is fast becoming the next battleground. China, Russia, and the United States are all taking steps that will ultimately result in the weaponisation of space. Any satellite that can change orbit can be considered a space weapon, but since many of the possible space-based scenarios have yet to occur, cybersecurity experts, military commanders, and policymakers do not fully understand the range of potential consequences that could result.

During the Cold War, the Soviet Union was interested in paralysing America’s strategic forces, strategic command, and control and communications, so that its military command could not communicate with its forces. They would do so by first causing electromagnetic pulse (EMP) to sever communication and operational capabilities, and then launch a mass attack across the North Pole to blow up US Intercontinental Ballistic Missiles (ICBMs).

In 1967, the US, UK and Soviet Union signed the Outer Space Treaty, which was either ratified by or acceded to 105 countries (including China). It set in place laws regarding the use of outer space and banned any nation from stationing nuclear warheads, chemical or biological weapons in space. However, the Treaty does not prohibit the placement of conventional weapons in orbit, so such weapons as kinetic bombardment (i.e. attacking Earth with a projectile) are not strictly prohibited.

Continue reading “Why Space Warfare is Inevitable” »