Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 111

Oct 6, 2021

It’s Cybersecurity Awareness Month. Does your business have a viable plan yet?

Posted by in categories: business, cybercrime/malcode

The cybersecurity world is evolving rapidly — perhaps more quickly than at any other time in its history. It would be easy to attribute the cyber hiccups that many businesses face to the fact that they are simply unable to keep up with bad actors.

The facts are more complicated. While it’s true that new threats are emerging every day, more often than not, breaches result from long-standing organizational issues, not a sudden upturn in the ingenuity of cybercriminals.

Full Story:

Oct 6, 2021

Researchers Discover UEFI Bootkit Targeting Windows Computers Since 2012

Posted by in category: cybercrime/malcode

Researchers discover previously undocumented UEFI bootkit malware used by threat actors to backdoor Windows systems since 2012.

Oct 5, 2021

Blockchain technology could provide secure communications for robot teams

Posted by in categories: bitcoin, cybercrime/malcode, drones, robotics/AI

The transaction-based communications system ensures robot teams achieve their goal even if some robots are hacked.

Imagine a team of autonomous drones equipped with advanced sensing equipment, searching for smoke as they fly high above the Sierra Nevada mountains. Once they spot a wildfire, these leader robots relay directions to a swarm of firefighting drones that speed to the site of the blaze.

But what would happen if one or more leader robots was hacked by a malicious agent and began sending incorrect directions? As follower robots are led farther from the fire, how would they know they had been duped?

Continue reading “Blockchain technology could provide secure communications for robot teams” »

Oct 4, 2021

A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries

Posted by in categories: cybercrime/malcode, energy, transportation

The researcher warns that there is a new APT hacker group that targets the fuel, electricity, and aviation industries.

Oct 4, 2021

One Identity has acquired OneLogin, a rival to Okta and Ping in sign-on and identity access management

Posted by in categories: cybercrime/malcode, governance

“Right now, organizations see a twofold gain from consolidating around a platform player in cybersecurity,” Nichols said. The first is, “to increase efficiency” but the other, he pointed out, is legislation. With more regulatory oversight in how companies are handling their cybersecurity challenges, the pressure is on them to make their systems more resilient, and having too many components becomes a challenge to manage for that reason, too.

“Joining One Identity provides us with the ability to further accelerate our growth and provide additional value for both of our customers,” added Brad Brooks, CEO of OneLogin, in a statement. “With OneLogin’s robust unified platform for both workforce and CIAM, combining forces with One Identity’s suite of products including their PAM solution will allow new and existing customers, on a global scale, to tap into the market’s only unified identity security platform.” consolidation is afoot in the world of cybersecurity, specifically around services to help organizations manage identity and access. Today, One Identity — which provides tools for managing “zero trust” access to systems, as well as running log management and other governance services for enterprises — announced that it has acquired OneLogin, a rival to companies like Okta, Ping and others in the area of secure sign-on services for end users.

Terms of the acquisition — which officially closed last week, on October 1 — are not being disclosed, but we are trying to find out.

Oct 3, 2021

Bioengineers Develop New Class of Giant Magnetoelastic Effect Human-Powered Bioelectronics

Posted by in categories: bioengineering, cybercrime/malcode, encryption

Traditional networks are unable to keep up with the demands of modern computing, such as cutting-edge computation and bandwidth-demanding services like video analytics and cybersecurity. In recent years, there has been a major shift in the focus of network research towards software-defined networks (SDN) and network function virtualization (NFV), two concepts that could overcome the limitations of traditional networking. SDN is an approach to network architecture that allows the network to be controlled using software applications, whereas NFV seeks to move functions like firewalls and encryption to virtual servers. SDN and NFV can help enterprises perform more efficiently and reduce costs. Needless to say, a combination of the two would be far more powerful than either one alone.

Oct 3, 2021

Building a template for the future 6G network

Posted by in categories: augmented reality, cybercrime/malcode, encryption, internet, virtual reality

Traditional networks are unable to keep up with the demands of modern computing, such as cutting-edge computation and bandwidth-demanding services like video analytics and cybersecurity. In recent years, there has been a major shift in the focus of network research towards software-defined networks (SDN) and network function virtualization (NFV), two concepts that could overcome the limitations of traditional networking. SDN is an approach to network architecture that allows the network to be controlled using software applications, whereas NFV seeks to move functions like firewalls and encryption to virtual servers. SDN and NFV can help enterprises perform more efficiently and reduce costs. Needless to say, a combination of the two would be far more powerful than either one alone.

In a recent study published in IEEE Transactions on Cloud Computing, researchers from Korea now propose such a combined SDN/NFV network architecture that seeks to introduce additional computational functions to existing network functions. “We expect our SDN/NFV-based infrastructure to be considered for the future 6G network. Once 6G is commercialized, the resource management technique of the network and computing core can be applied to AR/VR or holographic services,” says Prof. Jeongho Kwak of Daegu Gyeongbuk Institute of Science and Technology (DGIST), Korea, who was an integral part of the study.

The new network architecture aims to create a holistic framework that can fine-tune processing resources that use different (heterogeneous) processors for different tasks and optimize networking. The unified framework will support dynamic service chaining, which allows a single network connection to be used for many connected services like firewalls and intrusion protection; and code offloading, which involves shifting intensive computational tasks to a resource-rich remote server.

Oct 2, 2021

Hackers rob thousands of Coinbase customers using MFA flaw

Posted by in categories: cryptocurrencies, cybercrime/malcode

Crypto exchange Coinbase disclosed that a threat actor stole cryptocurrency from 6,000 customers after using a vulnerability to bypass the company’s SMS multi-factor authentication security feature.

Coinbase is the world’s second-largest cryptocurrency exchange, with approximately 68 million users from over 100 countries.

In a notification sent to affected customers this week, Coinbase explains that between March and May 20th, 2,021 a threat actor conducted a hacking campaign to breach Coinbase customer accounts and steal cryptocurrency.

Oct 2, 2021

Hackers bypass Coinbase 2FA to steal customer funds

Posted by in category: cybercrime/malcode

More than 6,000 Coinbase users had funds stolen from their accounts after hackers used a vulnerability in Coinbase’s SMS-based two-factor authentication system to breach accounts.

The intrusions took place earlier this year, between March and May, the exchange said in a data breach notification letter it has filed with US state attorney general offices.

“The third party took advantage of a flaw in Coinbase’s SMS Account Recovery process in order to receive an SMS two-factor authentication token and gain access to your account,” Coinbase said.

Sep 30, 2021

Ransomware gangs are complaining that other crooks are stealing their ransoms

Posted by in category: cybercrime/malcode

But even if victims pay the ransom – which isn’t recommended because it encourages more ransomware attacks – restoring the network can still be a slow process and it can be weeks or months before services are fully restored.

SEE: A cloud company asked security researchers to look over its systems. Here’s what they found.

Be it REvil or any other ransomware gang, the best way to avoid the disruption of a ransomware attack is to prevent attacks in the first place.