Lifeboat Foundation

A growing number of ransomware groups are adopting a new tactic that helps them encrypt their victims’ systems faster while reducing the chances of being detected and stopped.

This tactic is called intermittent encryption, and it consists of encrypting only parts of the targeted files’ content, which would still render the data unrecoverable without using a valid decryptor+key.

For example, by skipping every other 16 bytes of a file, the encryption process takes almost half of the time required for full encryption but still locks the contents for good.

Researchers have found a spike in ransomware, banking trojans and other cyber-attacks across the globe including in India and as per recent data from Japanese cybersecurity firm, Trend Micro. The data showed that India ranks third in terms of Emotet attacks, a kind of malware originally designed as a banking Trojan and is aimed at stealing financial data.

Data from Trend Micro shows that Emotet has continued to thrive in 2022. The first half of 2022 saw a whopping 976.7% increase in Emotet detections at 148,700, compared to the first half of 2021 which was pegged at 13811.

Japan leads with 107,669, followed by the US (4,937) in the second spot and India occupying the third place (3,729) number of detection. Italy (3,442) and Brazil (3,006) are the other countries with the highest number of Emotet detections in the first half of 2022. These attacks have globally increased by over 10 times in the first half of 2022 compared to the first half of the previous year, likely because of prolific threat actors using it as part of their operations, the research said.

The ITRC has received many reports from victims staying their Instagram account was hacked after falling for a bitcoin scam.

Researchers are working on an injectable that could get dormant follicles growing again. Trials on mice show promise.

A lot of hurdles remain before the emerging technology of self-driving personal and commercial vehicles is common, but transportation researchers at The University of Alabama developed a promising, inexpensive system to overcome one challenge: GPS hacking that can send a self-driving vehicle to the wrong destination.

Initial research shows a self-driving vehicle can use already installed sensors to detect traveling the wrong route when passengers are unaware of the change, thwarting an attempt to spoof the GPS signal to the vehicle, according to findings outlined in recently published papers in the IEEE Transactions on Intelligent Transportation Systems and Transportation Research Record: Journal of the Transportation Research Board.

Relying on software code and in-vehicle sensors already part of the self-driving system would be cheaper for consumer and commercial vehicles to deny the hacked directions used to steer cargo or people away from their intended destination, said Dr. Mizanur Rahman, assistant professor of civil, construction and environmental engineering and affiliate researcher with the Alabama Transportation Institute.

Facebook, Apple, Google, Microsoft logins all reportedly hackable with new EvilProxy service.

Security researchers have discovered that Minecraft is the most heavily abused game title by cybercriminals, who use it to lure unsuspecting players into installing malware.

Based on stats collected by the security firm between July 2021 and July 2022, Minecraft-related files accounted for roughly 25% of malicious files spreading via game brand abuse, followed by FIFA (11%), Roblox (9.5%), Far Cry (9.4%), and Call of Duty (9%).

Other game titles with notable percentages of abuse during this period are Need for Speed, Grand Theft Auto, Valorant, The Sims, and GS: GO.

A new stealthy Linux malware known as Shikitega has been discovered infecting computers and IoT devices with additional payloads.

The malware exploits vulnerabilities to elevate its privileges, adds persistence on the host via crontab, and eventually launches a cryptocurrency miner on infected devices.

Shikitega is quite stealthy, managing to evade anti-virus detection using a polymorphic encoder that makes static, signature-based detection impossible.

A reverse-proxy Phishing-as-a-Service (PaaS) platform called EvilProxy has emerged, promising to steal authentication tokens to bypass multi-factor authentication (MFA) on Apple, Google, Facebook, Microsoft, Twitter, GitHub, GoDaddy, and even PyPI.

The service enables low-skill threat actors who don’t know how to set up reverse proxies to steal online accounts that are otherwise well-protected.

Reverse proxies are servers that sit between the targeted victim and a legitimate authentication endpoint, such as a company’s login form. When the victim connects to a phishing page, the reverse proxy displays the legitimate login form, forwards requests, and returns responses from the company’s website.