БЛОГ

Archive for the ‘cybercrime/malcode’ category: Page 85

May 15, 2022

Hackers Are Starting To Target EV Charging Stations

Posted by in category: cybercrime/malcode

As the world rapidly shifts to EV transport, the automotive industry is experiencing some major teething issues. The global charging network is having to keep pace with more and more EVs on the road, and as manufacturers expand their networks, cracks are starting to appear in their grand schemes. We recently reported that a long string of EV chargers outside of Moscow were hacked by Ukrainian programmers to display anti-war and anti-Putin messaging, and there have even been cases in the UK where charging station displays showed graphic images. Hacking EV infrastructure is becoming more commonplace, and it could be a bigger issue than many might think.

May 13, 2022

Microsoft Unveils New Cyber Cops to Combat Hacking Increase

Posted by in category: cybercrime/malcode

Microsoft announces new security category to combat rising cybercrime and a shortage of cybersecurity professionals.

May 13, 2022

Kathryn Coulter Mitchell — R&D For US Security & Resilience — Science & Technology Directorate — DHS

Posted by in categories: biotech/medical, cybercrime/malcode, government, policy, science

R&D & Innovation For U.S. Security & Resilience — Kathryn Coulter Mitchell, Acting Under Secretary for Science and Technology, DHS Science and Technology Directorate, Department of Homeland Security.


Kathryn Coulter Mitchell (https://www.dhs.gov/person/kathryn-coulter-mitchell), is Acting Under Secretary for Science and Technology (S&T), at the U.S. Department of Homeland Security, where as the science advisor to the Homeland Security Secretary, she heads the research, development, innovation and testing and evaluation activities in support of the Department of Homeland Security’s (DHS) operational Components and first responders across the nation.

Continue reading “Kathryn Coulter Mitchell — R&D For US Security & Resilience — Science & Technology Directorate — DHS” »

May 13, 2022

BPFdoor: Stealthy Linux malware bypasses firewalls for remote access

Posted by in categories: cybercrime/malcode, internet

A recently discovered backdoor malware called BPFdoor has been stealthily targeting Linux and Solaris systems without being noticed for more than five years.

BPFdoor is a Linux/Unix backdoor that allows threat actors to remotely connect to a Linux shell to gain complete access to a compromised device.

The malware does not need to open ports, it can’t be stopped by firewalls, and can respond to commands from any IP address on the web, making it the ideal tool for corporate espionage and persistent attacks.

May 10, 2022

US college forced to close after cyberattack, posts goodbye note

Posted by in category: cybercrime/malcode

A college in the US has announced it will be closing its doors very soon following the impact of a cyberattack in December 2021.

May 8, 2022

Apple, Google and Microsoft team up on passwordless logins

Posted by in categories: cybercrime/malcode, mobile phones

On the “World Password Day”, which was on May 5, Google, Microsoft and Apple joined hands to “kill” the password.

The three technology giants have vowed to create a future where your phone will be the primary source of online authentication. The new standard is being referred to as “muti-device FIDO credential”.

In a rare show of alliance, Apple, Google and Microsoft have joined forces to expand support for passwordless logins across mobile, desktop and browsers.

Continue reading “Apple, Google and Microsoft team up on passwordless logins” »

May 8, 2022

Cybersecurity reporting mandates could make us more vulnerable, not less

Posted by in categories: cybercrime/malcode, finance, law

Those who call for mandatory reporting have the right intent, but if it’s not implemented in the right way, it will cause more harm than good.

Mandatory reporting almost always puts companies at risk, either legally or through financial penalties. Penalizing an organization for not reporting a breach in time puts it in a worse cybersecurity posture because it is a strong incentive to turn a blind eye to attacks. Alternatively, if a company knows of a breach, it will find ways to “classify” it in a way that falls into a reporting loophole.

The reporting timelines in the law are arbitrary and not based in the reality of effective incident response. The first hours and days after a breach are integral to the actual incident reporting process, but they are chaotic, and teams are sleep-deprived. Working with lawyers to determine how to report and figuring out the evidence that companies do and don’t want to “see” just makes the process harder.

May 7, 2022

This New Fileless Malware Hides Shellcode in Windows Event Logs

Posted by in category: cybercrime/malcode

A new malicious campaign has been spotted taking advantage of Windows event logs to stash chunks of shellcode for the first time in the wild.

“It allows the ‘fileless’ last stage trojan to be hidden from plain sight in the file system,” Kaspersky researcher Denis Legezo said in a technical write-up published this week.

The stealthy infection process, not attributed to a known actor, is believed to have commenced in September 2021 when the intended targets were lured into downloading compressed. RAR files containing Cobalt Strike and Silent Break.

May 6, 2022

US sanctions Bitcoin laundering service used by North Korean hackers

Posted by in categories: bitcoin, cryptocurrencies, cybercrime/malcode

The U.S. Department of Treasury today sanctioned cryptocurrency mixer Blender.io used last month by the North Korean-backed Lazarus hacking group to launder funds stolen from Axie Infinity’s Ronin bridge.

In the wake of the attack, Sky Mavis (the bridge’s creator) revealed that hackers breached the Ronin bridge on March 23 to steal 173,600 Ethereum and 25.5M USDC tokens in two transactions worth $617 million at the time, the largest cryptocurrency hack in history.

The previous most significant theft of cryptocurrency was the $611 million Poly Network hack in August 2021.

May 1, 2022

Cybersecurity Incident Disrupts Tenet’s Acute Hospital Operations

Posted by in categories: biotech/medical, cybercrime/malcode, health

Tenet Healthcare Corporation recently experienced a cybersecurity incident in April 2022, which resulted in a temporary disruption to a subset of acute care operations.

The report from Tenet comes on the heels of telephone and computer problems occurring at St. Mary’s Medical Center and Good Samaritan Medical Center in West Palm Beach Florida, that were reported by WPTV NewsChannel 5. Tenet health is the parent company for both of the medical centers.

Patients and staff have contacted WPTV NewsChannel 5 expressing concerns about patient care tied to limits of electronic charting and their inability to communicate by telephone.

Page 85 of 215First8283848586878889Last