Lifeboat Foundation

A new Joker malware app on the Play Store infected more than 500,000 Android users.

People in movies are often quick to resort to sawing off someone’s hand to get past a fingerprint scanner. A report from the Kraken Security Labs Team shows that it would be much easier—and less gruesome—to recreate someone’s fingerprint using a little bit of off-the-shelf wood glue.

Kraken notes that biometric security has become increasingly common as smartphone, tablet, and laptop manufacturers have incorporated fingerprint scanners into their products. These scanners offer a convenient way to access those devices without entering a password.

The report says a fingerprint scanner can be “hacked” by using a picture of the target’s fingerprint, creating a negative in Photoshop, printing the resulting image, and then putting some wood glue on top of the imitated fingerprint so it can be used to trick many commercial scanners.

The increase in tensions between the United States and Russia due to Moscow amassing troops on the border with Ukraine is raising concerns Russia may not only put boots on the ground but also turn to hacking operations to put pressure on the U.S. and Ukraine.

Those concerns are underlined by massive hacking efforts by Russia against Ukraine over the past few years and the ransomware attacks linked to Russian hackers against critical U.S. organizations.

“This is a Russian calling card,” Mark Montgomery, senior director of the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies, told The Hill Wednesday. “I do worry that they will use their cyber and disinformation tools to try to undermine the stability of the Ukrainian economic security and national security.”

A suspected Chinese hacking campaign has breached four more US defense and technology companies in the last month, and hundreds more US organizations are running the type of vulnerable software that the attackers have exploited, according to research shared with CNN.

The apparent espionage activity, which the National Security Agency helped investigate when it emerged in recent months, is more extensive than previously known and has seen the hackers steal passwords from targeted organizations with a goal of intercepting sensitive communications.

The cybersecurity researchers in November publicly confirmed just one victimized US organization, CNN reported then, but they now say the number is at least five and could continue to grow.

Agency reports 235 ransomware attacks on Canadian targets this year, half of which were key infrastructure providers.

Security experts tell us what to expect in the cybercriminal landscape as we head into the new year. It’s not good.

NSO Group, an Israeli tech firm, developed malware to hack iPhones by creating a “computer within a computer” capable of stealing sensitive data and sitting undetected for months or even years, researchers at Google have revealed.

The malware is part of NSO Group’s Pegasus software tool, which it is thought to have sold to countries including Azerbaijan, Bahrain, Saudi Arabia, India and the United Arab Emirates. US law-makers have called for sanctions against the firm.

An incredibly sophisticated piece of malware developed by the Israeli tech firm NSO Group works by creating an entirely separate computer inside the memory of an iPhone, allowing attackers to snoop and steal data.

Continue reading “NSO iPhone malware builds a computer inside your phone to steal data” »

2021 will be remembered as a significant year for the cyber security industry. With the pandemic accelerating digital transformation, the threat landscape was in constant flux. Major ransomware attacks demonstrated not just their impact on businesses, but wider society too. As we look ahead to 2022, the only constant in our industry is uncertainty in the cyber realm, but here are a few of our predictions for next year, based on trends we’re already seeing emerge.

Ransomware.

Jamie Metzl is an author specializing in topics of genetic engineering, biotechnology, and geopolitics. Please support this podcast by checking out our sponsors:
- Mizzen+Main: https://mizzenandmain.com and use code LEX to get $35 off.
- NI: https://www.ni.com/perspectives.
- GiveDirectly: https://givedirectly.org/lex to get gift matched up to $300
- Indeed: https://indeed.com/lex to get $75 credit.
- Blinkist: https://blinkist.com/lex and use code LEX to get 25% off premium.

EPISODE LINKS:
Jamie’s Twitter: https://twitter.com/JamieMetzl.
Jamie’s Website: https://jamiemetzl.com/
Jamie’s lab leak blog post: https://jamiemetzl.com/origins-of-sars-cov-2/
Hacking Darwin (book): https://amzn.to/3lLqLsM

Continue reading “Jamie Metzl: Lab Leak Theory | Lex Fridman Podcast #247” »