БЛОГ

Archive for the ‘cybercrime/malcode’ category: Page 31

Nov 4, 2023

How a tiny Pacific Island became the global capital of cybercrime

Posted by in categories: cybercrime/malcode, internet

Up until that moment, Tokelau, formally a territory of New Zealand, didn’t even know it had been assigned a ccTLD. “We discovered the.tk,” remembered Aukusitino Vitale, who at the time was general manager of Teletok, Tokelau’s sole telecom operator.

Zuurbier said “that he would pay Tokelau a certain amount of money and that Tokelau would allow the domain for his use,” remembers Vitale. It was all a bit of a surprise—but striking a deal with Zuurbier felt like a win-win for Tokelau, which lacked the resources to run its own domain. In the model pioneered by Zuurbier and his company, now named Freenom, users could register a free domain name for a year, in exchange for having advertisements hosted on their websites. If they wanted to get rid of ads, or to keep their website active in the long term, they could pay a fee.

In the succeeding years, tiny Tokelau became an unlikely internet giant—but not in the way it may have hoped. Until recently, its.tk domain had more users than any other country’s: a staggering 25 million. But there has been and still is only one website actually from Tokelau that is registered with the domain: the page for Teletok. Nearly all the others that have used.tk have been spammers, phishers, and cybercriminals.

Nov 3, 2023

Hackers Are Taking Over Starlink Accounts, Ordering Thousands In Equipment

Posted by in categories: cybercrime/malcode, mobile phones

Imagine this scenario: It’s early Saturday morning, you just woke up, and are trying to check the news on your phone while enjoying a cup of coffee. You notice your phone isn’t connected to the internet for some reason. You check the Starlink app for a system status, and it’s offline. Attempts to create a support ticket are unsuccessful, your Starlink account credentials aren’t being accepted. The bank calls a few moments later. They’ve frozen your credit card due to fraud. You listen, stunned, as they explain that someone has ordered over $6,000 worth of Starlink equipment in the last 24 hours.

No internet service, thousands of dollars stolen, and no help from Starlink. This is an increasingly common situation faced by Starlink customers. Hackers are gaining access to unsuspecting Starlink accounts, and using the payment information on file to order thousands in equipment. Later, they will resell the equipment on 3rd party marketplaces like Amazon, eBay, and Facebook Marketplace. In this article, I’ll explain what’s going on, how to protect yourself, and what Starlink needs to do to prevent more accounts from being hacked.

Table of Contents.

Nov 2, 2023

Saudi Aramco CEO Warns of New Threat of Generative AI

Posted by in categories: cybercrime/malcode, robotics/AI

The world’s largest oil company issued a warning this week that the energy sector is vulnerable to attacks, particularly with the advent of new technologies such as generative AI.

Amin H. Nasser, CEO of Saudi Aramco, told the Global Cybersecurity Forum that the energy sector is an attractive target to those who want to do harm. “Any large-scale disruption to the steady supply of energy would have an immediate and significant impact around the world,” he said.

According to local media reports, Nasser said new technologies, such as generative AI, are game changers for many industries but must be assessed to identify how they may pose new threats, and any vulnerabilities must be addressed before being fully deployed.

Nov 2, 2023

HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability

Posted by in categories: cybercrime/malcode, internet

🚨 Urgent: Thousands of internet-accessible ActiveMQ instances are at risk.

HelloKitty ransomware group is actively exploiting a critical Remote Code Execution (RCE) flaw, CVE-2023–46604, in Apache ActiveMQ.

Find details here ➡️.

Continue reading “HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability” »

Nov 1, 2023

It’s Cheap to Exploit Software — and That’s a Major Security Problem

Posted by in categories: cybercrime/malcode, mobile phones

How much would it cost to hack your phone? The best guess for an iPhone is between $0 and $65,000 — and that price mainly depends on you. If you skipped a really important security update, the cost is closer to $0.

Say you were up to date. That $65,000 figure is an upper cost of exploiting the median individual — switch to an Android, a Mac, or a PC and it could get a lot lower. Apple has invested enormous resources in hardening the iPhone. The asking price for an individual exploit, rather than as a service, can go as high as $8 million. Compare that to the cost of an exploit of a PDF reader like Adobe Acrobat — notoriously riddled with security vulnerabilities — which according to this TrendMicro research report (PDF) is $250 and up.

Switch from targeting a specific person to targeting any of the thousands of people at a large company and there are myriad ways in. An attacker only needs to find the cheapest one.

Oct 31, 2023

Google Chrome now auto-upgrades to secure connections for all users

Posted by in categories: cybercrime/malcode, encryption, internet

Google has taken a significant step towards enhancing Chrome internet security by automatically upgrading insecure HTTP requests to HTTPS requests for 100% of users.

This feature is called HTTPS-Upgrades and will secure old links that utilize the http:// by automatically attempting to first connect to the URL over the encrypted https:// protocol.

A limited rollout of this feature in Google Chrome began in July, but as of October 16th, Google has now rolled it out to all users on the Stable channel.

Oct 31, 2023

Boeing Breached by Ransomware, LockBit Gang Claims

Posted by in category: cybercrime/malcode

https://informatech.co/3QEBncW by.


In a post on its leak site, prolific ransomware threat group LockBit claims that it breached Boeing, and said that it will start releasing sensitive data it purportedly stole from the company’s systems if ransom demands aren’t met by Nov. 2.

“A tremendous amount of sensitive data was exfiltrated and ready to be published if Boeing do (sic) not contact within deadline!” the LockBit post shared by cybersecurity analyst Dominic Alvieri read. “For now we will not send lists or samples to protect the company BUT we will not keep it like that until the deadline.”

Continue reading “Boeing Breached by Ransomware, LockBit Gang Claims” »

Oct 30, 2023

ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges

Posted by in category: cybercrime/malcode

🚨 ExelaStealer, a dangerous info-stealing malware, has hit the scene, offering hackers a low-cost entry point for malicious attacks.

Learn more in this article:


Researchers warn of ExelaStealer, a new information stealer targeting Windows systems. It steals sensitive data like passwords, credit card numbers.

Oct 30, 2023

Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Maware

Posted by in category: cybercrime/malcode

🔒 Beware! A new cyber threat is using bogus MSIX Windows app packages for popular software like Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex to spread a dangerous malware called GHOSTPULSE.

Learn more ➜.


Cyber criminals are using fake MSIX Windows app packages of popular software to deliver GHOSTPULSE malware loader.

Oct 29, 2023

OpenAI forms new team to assess “catastrophic risks” of AI

Posted by in categories: biological, chemistry, cybercrime/malcode, robotics/AI

OpenAI’s new preparedness team will address the potential dangers associated with AI, including nuclear threats.

OpenAI is forming a new team to mitigate the “catastrophic risks” associated with AI. In an update on Thursday.

The team will also work to mitigate “chemical, biological, and radiological threats,” as well as “autonomous replication,” or the act of an AI replicating itself. Some other risks that the preparedness team will address include AI’s ability to trick humans, as well as cybersecurity threats.

Continue reading “OpenAI forms new team to assess ‘catastrophic risks’ of AI” »

Page 31 of 220First2829303132333435Last