БЛОГ

Archive for the ‘cybercrime/malcode’ category: Page 20

Feb 9, 2024

Raspberry Robin Malware Upgrades with Discord Spread and New Exploits

Posted by in category: cybercrime/malcode

The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before.

This means that “Raspberry Robin has access to an exploit seller or its authors develop the exploits themselves in a short period of time,” Check Point said in a report this week.

Raspberry Robin (aka QNAP worm), first documented in 2021, is an evasive malware family that’s known to act as one of the top initial access facilitators for other malicious payloads, including ransomware.

Feb 8, 2024

Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware

Posted by in categories: cybercrime/malcode, robotics/AI

Threat actor “Patchwork” uses romance scams to spread espionage apps in India and Pakistan! Learn how they infiltrated Android devices with VajraSpy.

Feb 7, 2024

Critical vulnerability affecting most Linux distros allows for bootkits

Posted by in categories: cybercrime/malcode, internet

Linux developers are in the process of patching a high-severity vulnerability that, in certain cases, allows the installation of malware that runs at the firmware level, giving infections access to the deepest parts of a device where they’re hard to detect or remove.

The vulnerability resides in shim, which in the context of Linux is a small component that runs in the firmware early in the boot process before the operating system has started. More specifically, the shim accompanying virtually all Linux distributions plays a crucial role in secure boot, a protection built into most modern computing devices to ensure every link in the boot process comes from a verified, trusted supplier. Successful exploitation of the vulnerability allows attackers to neutralize this mechanism by executing malicious firmware at the earliest stages of the boot process before the Unified Extensible Firmware Interface firmware has loaded and handed off control to the operating system.

The vulnerability, tracked as CVE-2023–40547, is what’s known as a buffer overflow, a coding bug that allows attackers to execute code of their choice. It resides in a part of the shim that processes booting up from a central server on a network using the same HTTP that the Internet is based on. Attackers can exploit the code-execution vulnerability in various scenarios, virtually all following some form of successful compromise of either the targeted device or the server or network the device boots from.

Feb 4, 2024

Tech and Cyber Predictions For 2024

Posted by in categories: cybercrime/malcode, robotics/AI, space

Welcome to the latest edition of Security & Tech Insights. In this newsletter, predictions on topics of cybersecurity, emerging computing, artificial intelligence, and space will be explored. Thanks for reading and sharing!

Chuck Brooks, Editor.

https://enterprise.spectrum.com/insights/blog/2024-enterpris…aid-Social.

Feb 1, 2024

AI-Powered Proof Generator Helps Debug Software

Posted by in categories: biotech/medical, cybercrime/malcode, engineering, mathematics

Not all software is perfect—many apps, programs, and websites are released despite bugs. But the software behind critical systems like cryptographic protocols, medical devices, and space shuttles must be error-free, and ensuring the absence of bugs requires going beyond code reviews and testing. It requires formal verification.

Formal verification involves writing a mathematical proof of your code and is “one of the hardest but also most powerful ways of making sure your code is correct,” says Yuriy Brun, a professorat the University of Massachusetts Amherst.

To make formal verification easier, Brun and his colleagues devised a new AI-powered method called Baldur to automatically generate proofs. The accompanying paper, presented in December 2023 at the ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering in San Francisco, won a Distinguished Paper award. The team includes Emily First, who completed the study as part of her doctoral dissertation at UMass Amherst; Markus Rabe, a former researcher at Google, where the study was conducted; and Talia Ringer, an assistant professor at the University of Illinois Urbana-Champaign.

Jan 27, 2024

Scientists explore DNA hacking for functional 3D nanostructures

Posted by in categories: biotech/medical, cybercrime/malcode, nanotechnology

Scientists use DNA hacking to create a variety of 3D metallic and semiconductor nanostructures for advanced technologies.

Jan 27, 2024

Hacking DNA To Make Next-Gen Materials

Posted by in categories: biotech/medical, cybercrime/malcode, nanotechnology

Researchers have ‘hacked’ DNA to develop self-assembling metallic and semiconductor 3D nanostructures, the building blocks for next-generation materials.

Jan 25, 2024

Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters

Posted by in category: cybercrime/malcode

Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actors with a Google account to take control of a Kubernetes cluster.

The critical shortcoming has been codenamed Sys: All by cloud security firm Orca. As many as 250,000 active GKE clusters in the wild are estimated to be susceptible to the attack vector.

In a report shared with The Hacker News, security researcher Ofir Yakobi said it “stems from a likely widespread misconception that the system: authenticated group in Google Kubernetes Engine includes only verified and deterministic identities, whereas in fact, it includes any Google authenticated account (even outside the organization).”

Jan 24, 2024

VexTrio: The Uber of Cybercrime — Brokering Malware for 60+ Affiliates

Posted by in categories: cybercrime/malcode, energy, information science

VexTrio, the shadowy entity controlling a massive network of 70,000+ domains, is finally in the spotlight. This “traffic broker” fuels countless scams & malware campaigns, including ClearFake, SocGholish, & more. Read:


The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part of a massive “criminal affiliate program,” new findings from Infoblox reveal.

The latest development demonstrates the “breadth of their activities and depth of their connections within the cybercrime industry,” the company said, describing VexTrio as the “single largest malicious traffic broker described in security literature.”

Continue reading “VexTrio: The Uber of Cybercrime — Brokering Malware for 60+ Affiliates” »

Jan 24, 2024

Mother of All Breaches: LinkedIn, X, Telegram, Adobe named in 26B leak

Posted by in category: cybercrime/malcode

The researchers have given the breach the title — MOAB, meaning ‘Mother of All Breaches.’

The security of your personal data hangs in the balance as cybersecurity experts uncover what could be the mother of all breaches, posing a threat of unprecedented proportions.


Researchers have warned that a database containing 26 billion leaked data records has been discovered. The supermassive data leak is likely the biggest found to date.

Continue reading “Mother of All Breaches: LinkedIn, X, Telegram, Adobe named in 26B leak” »

Page 20 of 216First1718192021222324Last