Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 12

Jul 28, 2024

New microgrids model takes into account a fair design of decentralized energy systems

Posted by in categories: climatology, cybercrime/malcode, sustainability

Local decentralized energy systems, known as microgrids, can make urban infrastructures more resilient and reduce risks for the population, for example, in large-scale power outages due to natural hazards or cyberattacks.

In Nature Sustainability researchers from Karlsruhe Institute of Technology (KIT) present design criteria for microgrids that allow for fair treatment of different social groups alongside technical factors. The study shows how cities can shape the transformation towards a secure and more sustainable and equitable energy supply.

Climate change increases the probability of extreme events, as we have seen during the massive flooding of large parts of southern Germany in June. The question of how cities and municipalities can make more resilient and more secure in the face of such crises is bringing so-called microgrids into focus.

Jul 26, 2024

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

Posted by in categories: cybercrime/malcode, robotics/AI

Discover how the SeleniumGreed campaign exploits exposed Selenium Grid services for crypto mining, posing risks to automated testing frameworks.

Jul 26, 2024

CrowdStrike Warns of New Phishing Scam Targeting German Customers

Posted by in category: cybercrime/malcode

CrowdStrike warns of targeted phishing campaign exploiting recent update incident. New threat actor targets German customers with fake installer.

Jul 26, 2024

Researchers Reveal ConfusedFunction Vulnerability in Google Cloud Platform

Posted by in category: cybercrime/malcode

Cybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform’s Cloud Functions service that an attacker could exploit to access other services and sensitive data in an unauthorized manner.

Tenable has given the vulnerability the name ConfusedFunction.

“An attacker could escalate their privileges to the Default Cloud Build Service Account and access numerous services such as Cloud Build, storage (including the source code of other functions), artifact registry and container registry,” the exposure management company said in a statement.

Jul 26, 2024

Google Chrome now asks for passwords to scan protected archives

Posted by in categories: cybercrime/malcode, internet

Google Chrome now warns when downloading risky password-protected files and provides improved alerts with more information about potentially malicious downloaded files.

These new, more detailed warning messages help users quickly learn the nature of the danger presented by each file downloaded from the Internet.

For this, Google introduced a two-tier download warning system that uses AI-powered malware verdicts sourced from its Safe Browsing service to help evaluate the actual risk quickly.

Jul 26, 2024

Meta nukes massive Instagram sextortion network of 63,000 accounts

Posted by in categories: cybercrime/malcode, materials

Meta has removed 63,000 Instagram accounts from Nigeria that were involved in sextortion scams, including a coordinated network of 2,500 accounts linked to 20 individuals targeting primarily adult men in the United States.

The social media giant said these accounts are linked to an organized cybercrime group called ‘Yahoo Boys,’ that has recently increased its operational volume.

Apart from the offending Instagram accounts, Meta has also deleted 1,300 Facebook accounts, 200 Facebook Pages, and 5,700 Facebook Groups, also based in Nigeria, that were handing out tips and training material for carrying out various scams.

Jul 22, 2024

Arid Viper Launches Mobile Espionage Campaign with AridSpy Malware

Posted by in category: cybercrime/malcode

Arid Viper launches mobile espionage campaign using trojanized Android apps to deliver AridSpy spyware, targeting Middle East users via fake messaging.

Jul 22, 2024

Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking

Posted by in category: cybercrime/malcode

A Chinese organized crime syndicate with links to money laundering and human trafficking across Southeast Asia has been using an advanced “technology suite” that runs the whole cybercrime supply chain spectrum to spearhead its operations.

Infoblox is tracking the proprietor and maintainer under the moniker Vigorish Viper, noting that it’s developed by the Yabo Group (aka Yabo Sports), which has been linked to illegal gambling operations and pig butchering scams in the past. In late 2022, it rebranded as Kaiyun Sports and has since been absorbed into another newly formed entity called Ponymuah.

The suite, marketed in China as “baowang” (“包网,” meaning full package) encompasses several components such as Domain Name System (DNS) configurations, website hosting, payment mechanisms, advertising, and mobile apps. It also hosts thousands of domain names and numerous brands in an infrastructure that’s tied to Hong Kong and China.

Jul 22, 2024

New Linux Variant of Play Ransomware Targeting VMware ESXi Systems

Posted by in category: cybercrime/malcode

Play ransomware’s new Linux variant targets VMWare ESXi, expanding its reach. US leads in victims, with manufacturing and services most affected.

Jul 22, 2024

Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware

Posted by in category: cybercrime/malcode

CrowdStrike warns of Remcos RAT malware targeting Latin America amid flawed update crisis causing IT disruptions.

Page 12 of 220First910111213141516Last