Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 77

A group of hackers was able to take control of a decommissioned satellite and use it to stream a hacking conference’s talks and hacker movies.

On Saturday, at the DEF CON hacking conference in Las Vegas, Karl Koscher, one of the members of a hacking enthusiasts group called Shadytel, explained how he and his friends were able to legally stream from a satellite in geostationary orbit—35,786 km or 22,236 miles from the surface of the planet.

The satellite had been decommissioned and was about to be sent to the so-called “graveyard orbit,” a far-away orbit where satellites go to die.

Read more | >

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.

With the explosive growth of technology, businesses are more vulnerable than ever to malicious cyber attacks. And as cybercriminals become more sophisticated, new methods of attack are popping up left and right.

To add fuel to the fire, the average cost of a data breach increased from $3.86 million to $4.24 million in 2021. That’s costly enough to put most SMBs into the red. Not to mention the reputational damage it can cause for your brand.

Read more | >

Making predictions is never easy, but it is agreed that cryptography will be altered by the advent of quantum computers.

Thirteen, 53, and 433. That’s the size of quantum computers.

Hh5800/iStock.

In fact, the problems used for cryptography are so complex for our present algorithms and computers that the information exchange remains secure for any practical purposes – solving the problem and then hacking the protocol would take a ridiculous number of years. The most paradigmatic example of this approach is the RSA protocol (for its inventors Ron Rivest, Adi Shamir, and Leonard Adleman), which today secures our information transmissions.

Read more | >

The Guardian dice que un incidente cibernético a fines de diciembre de 2022 que provocó que el periódico británico cerrara sus oficinas durante semanas fue causado por ransomware e informó al personal el miércoles que los hackers habían accedido a sus datos.

Un correo electrónico enviado a su personal por la directora ejecutiva de Guardian Media Group Anna Bateson y la editora en jefe Katharine Viner dijeron que el ataque probablemente fue provocado por un correo electrónico de phishing.

El diario no entregó detalles de los datos expuestos aunque aclaró que no se ha visto afectado ningún dato personal de sus lectores o del personal en sus oficinas de EE.UU. o Australia.

Read more | >

Researchers from the cyber security firm Imperva Red Team have disclosed information on a newly found and fixed vulnerability that affected over 2.5 billion Google Chrome users as well as all Chromium-based browsers such as Edge and Opera.

The vulnerability, which is identified as CVE-2022–3656, makes it possible for remote attackers to acquire sensitive user data such as passwords for cloud service providers and knowledge about cryptocurrency wallets. After further investigation, it was determined that the problem was caused by the manner in which the Chrome browser dealt with symlinks when processing directories and files.

Because of this vulnerability, an attacker can use social engineering to convince a victim to visit a website that has been compromised and then download a ZIP archive file from that website. The file will contain a symlink to a valuable folder or file that is already present on the device, such as wallet keys. The user is requested to input their recovery keys whenever this file is sent back to this site as a component of an infection chain, such as a crypto wallet service.

Read more | >

A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems.

“The info-stealer malware steals sensitive information like system info, crypto wallet and browser histories, cookies, and credentials of crypto wallets from victim machines,” Uptycs security researcher Karthickkumar Kathiresan said in a report.

Details of the campaign were first disclosed by Milan-based IT services firm SI.net last month.

Read more | >

This post is also available in: he עברית (Hebrew)

Hackers constantly improve at penetrating cyber defenses to steal valuable documents. So some researchers propose using an artificial-intelligence algorithm to hopelessly confuse them, once they break-in, by hiding the real deal amid a mountain of convincing fakes. The algorithm, called Word Embedding–based Fake Online Repository Generation Engine (WE-FORGE), generates decoys of patents under development. But someday it could “create a lot of fake versions of every document that a company feels it needs to guard,” says its developer, Dartmouth College cybersecurity researcher V. S. Subrahmanian.

If hackers were after, say, the formula for a new drug, they would have to find the relevant needle in a haystack of fakes. This could mean checking each formula in detail—and perhaps investing in a few dead-end recipes. “The name of the game here is, ‘Make it harder,’” Subrahmanian explains. “‘Inflict pain on those stealing from you.’”

Read more | >