БЛОГ

Archive for the ‘cybercrime/malcode’ category: Page 163

Aug 14, 2019

Carnegie Mellon team flexes hacking prowess with fifth DefCon title in seven years

Posted by in category: cybercrime/malcode

PITTSBURGH, Aug. 12, 2019 /PRNewswire/ — Carnegie Mellon University’s competitive hacking team, the Plaid Parliament of Pwning (PPP), just won its fifth hacking world championship in seven years at this year’s DefCon security conference, widely considered the “World Cup” of hacking. The championship, played in the form of a virtual game of “capture the flag,” was held August 8–11 in Las Vegas.

PPP now holds two more DefCon titles than any other team in the 23-year history of DefCon hosting the competition.

“If you’re wondering who the best and brightest security experts in the world are, look no further than the capture the flag room at DefCon,” says David Brumley, a professor of Electrical and Computer Engineering at Carnegie Mellon, and the faculty advisor to the team.

Aug 14, 2019

They Stole Your Files, You Don’t Have to Pay the Ransom

Posted by in categories: cybercrime/malcode, law enforcement

The F.B.I. should follow the example of European law enforcement and help victims of ransomware decrypt their data.

Aug 14, 2019

Turn your Tesla into a CIA-like counter-surveillance tool with this hack

Posted by in categories: cybercrime/malcode, surveillance, transportation

A software engineer has built an impressive real-time counter-surveillance tool for Tesla vehicles on top of Sentry Mode.

It looks like something the CIA or James Bond would have in their car.

Aug 12, 2019

Pre-installed apps in 7 million Android devices found containing malware

Posted by in categories: cybercrime/malcode, mobile phones, surveillance

Security researchers from Google’s Project Zero team recently uncovered pre-installed apps in Android devices that either allowed remote attackers to carry out remote code execution, could disable Google Play Protect in devices, or could collect information on users’ web activities.

At the Black Hat cybersecurity conference in Las Vegas, Maddie Stone, a security researcher on Project Zero and who previously served as Senior Reverse Engineer & Tech Lead on Android Security team, revealed that her team discovered three instances of Android malware being pre-installed in budget Android phones in the recent past.

One such pre-installed app was capable of turning off Google Play Protect, the default mobile security app in Android devices, thereby leaving devices vulnerable to all forms of cyber attacks or remote surveillance. The Project Zero team also found an app pre-installed on Android phones that gathered logs of users’ web activities.

Aug 12, 2019

Cloud Atlas Hackers Add Polymorphic Malware to Their Toolkit

Posted by in categories: cybercrime/malcode, government

Cyber-espionage group Cloud Atlas has added polymorphic malware to its arsenal to avoid having its operations detected and monitored with the help of previously collected indicators of compromise (IOCs).

The hacking group also known as Inception [1, 2] was initially identified in 2014 by Kaspersky’s Global Research and Analysis Team researchers, and it has a history of targeting government agencies and entities from a wide range of industries via spear-phishing campaigns.

While the malware and Tactics, Techniques, and Procedures (TTP) Cloud Atlas uses during its operations has remained unchanged since at least 2018, the APT group has now added new polymorphic HTML Application malware dropper in the form of a malicious HTA and a backdoor dubbed VBShower.

Aug 9, 2019

Considering the nuclear option for ridding computer of malware

Posted by in category: cybercrime/malcode

The last-resort option for getting rid of malware is reinstalling Windows. Also, the tricky thing about Microsoft’s OneDrive cloud storage. And how to get a certain antivirus program off your computer. Patrick Marshall answers your personal technology questions each week.

Aug 9, 2019

NSA’s reverse-engineering malware tool, Ghidra, to get new features to save time, boost accuracy

Posted by in categories: cybercrime/malcode, engineering, privacy, robotics/AI

Just five months ago at the RSA conference, the NSA released Ghidra, a piece of open source software for reverse-engineering malware. It was an unusual move for the spy agency, and it’s sticking to its plan for regular updates — including some based on requests from the public.

In the coming months, Ghidra will get support for Android binaries, according to Brian Knighton, a senior researcher for the NSA, and Chris Delikat, a cyber team lead in its Research Directorate, who previewed details of the upcoming release with CyberScoop. Knighton and Delikat are discussing their plans at a session of the Black Hat security conference in Las Vegas Thursday.

Before the Android support arrives, a version 9.1 will include new features intended to save time for users and boost accuracy in reverse-engineering malware — enhancements that will come from features such as processor modules, new support for system calls and the ability to conduct additional editing, known as sleigh editing, in the Eclipse development environment.

Aug 9, 2019

Android malware that comes preinstalled is a massive threat

Posted by in categories: cybercrime/malcode, mobile phones

The Android Security team’s former tech lead, who’s now a security researcher on Google’s Project Zero, breaks down why.

Aug 7, 2019

AT&T Workers Installed Malware on Company Network for Cash

Posted by in categories: business, cybercrime/malcode, mobile phones

For five years, several AT&T employees were conspiring with a Pakistani man to install malware on company computers so that man could unlock millions of smartphones subsidized by the carrier, according to federal investigators.

On Tuesday, the Justice Department unsealed an indictment against Muhammad Fahd for bribing AT&T employees at a call center in Washington state to pull off the scheme. According to the feds, Fahd allegedly paid more than $1 million in bribes to the AT&T employees during the conspiracy, which allowed him to fraudulently unlock more than 2 million AT&T phones from 2012 to 2017.

Fahd allegedly partnered with businesses that offered cell phone unlocking services in exchange for a fee. These unnamed business would then supply him with the IMEI numbers of the phones bound to AT&T’s network.

Aug 6, 2019

The evolution of Emotet: How to protect your network

Posted by in categories: cybercrime/malcode, evolution, finance

With over 350,000 new malware samples emerging every day, it’s difficult for any one strain of malware to make a name for itself. Any single malware sample whose name you know — be it Mirai, WannaCry, or NotPetya — speaks to a trail of devastation.

In 2019, people are also hearing another name: Emotet.

But Emotet has been around in one form or another since 2014, and its first major resurgence was in 2017. In the beginning, Emotet was just one trojan among many — a particularly run-of-the-mill banking trojan that did some damage before being researched, understood, and dismissed in a flurry of signature updates.