Archive for the ‘cybercrime/malcode’ category: Page 141

Oct 16, 2020

Are hackers holding the data of Ontario’s 200,000 nurses hostage on the dark web?

Posted in category: cybercrime/malcode

Ten days after it learned it was targeted by a ransomware attack, the College of Nurses of Ontario (CNO) is still trying to figure out if the personal information of its 300 employees and 195,500 members has been compromised, officials tell CBC News.

“We are aware of a claim on the dark web regarding data theft from CNO,” the nursing regulatory body told CBC News in a statement.

Oct 16, 2020

Iranian state hacker group linked to ransomware deployments

Posted in category: cybercrime/malcode

Amidst rising tensions between Israel and Iran, security researchers fear new escalation.

Oct 16, 2020

A patient has died after ransomware hackers hit a German hospital

Posted in categories: biotech/medical, cybercrime/malcode

For the first time ever, a patient’s death has been linked directly to a cyberattack. Police have launched a “negligent homicide” investigation after ransomware disrupted emergency care at Düsseldorf University Hospital in Germany.

The victim: Prosecutors in Cologne say a female patient from Düsseldorf was scheduled to undergo critical care at the hospital when the September 9 attack disabled systems. When Düsseldorf could no longer provide care, she was transferred 19 miles (30 kilometers) away to another hospital. The hackers could be held responsible by German police, the BBC reports.

A tragic first: “If confirmed, this tragedy would be the first known case of a death directly linked to a cyberattack,” Ciaran Martin, formerly the chief executive of the UK’s National Cyber Security Centre, said in a speech at the Royal United Services Institute. “Although the purpose of ransomware is to make money, it stops systems working. So if you attack a hospital, then things like this are likely to happen. There were a few near misses across Europe earlier in the year, and this looks, sadly, like the worst might have come to pass.”

Oct 16, 2020

Microsoft attempts takedown of global criminal botnet

Posted in categories: cybercrime/malcode, law

Microsoft announced legal action Monday seeking to disrupt a major cybercrime digital network that uses more than 1 million zombie computers to loot bank accounts and spread ransomware, which experts consider a major threat to the U.S. presidential election.

The operation to knock offline command-and-control servers for a global botnet that uses an infrastructure known as Trickbot to infect computers with malware was initiated with an order that Microsoft obtained in Virginia federal court on Oct. 6. Microsoft argued that the crime network is abusing its trademark.

“It is very hard to tell how effective it will be but we are confident it will have a very long-lasting effect,” said Jean-Ian Boutin, head of threat research at ESET, one of several cybersecurity firms that partnered with Microsoft to map the command-and-control servers. “We’re sure that they are going to notice and it will be hard for them to get back to the state that the botnet was in.”

Oct 16, 2020

U.S. Cyber Command Says it Nuked Trickbot, but Microsoft and Chums Claim Credit

Posted in categories: cybercrime/malcode, law

In the dog days of last week, a shadowy group of secret sources in U.S. Cyber Command whispered to reporters that they’d disrupted a huge, ransomware-spewing botnet. Trickbot, closely related to Emotet and Ryuk, is believed to be managed by Russian criminals.

But today, Microsoft and friends are saying the disruption was actually down to them—awks. The consortium of industry players has developed a new legal mechanism to remove the botnet’s servers from the net and they say it’s working.


Oct 9, 2020

CLEANN: A framework to shield embedded neural networks from online Trojan attacks

Posted in categories: cybercrime/malcode, information science, robotics/AI

With artificial intelligence (AI) tools and machine learning algorithms now making their way into a wide variety of settings, assessing their security and ensuring that they are protected against cyberattacks is of utmost importance. As most AI algorithms and models are trained on large online datasets and third-party databases, they are vulnerable to a variety of attacks, including neural Trojan attacks.

A neural Trojan attack occurs when an attacker inserts what is known as a hidden Trojan trigger or backdoor inside an AI model during its training. This trigger allows the attacker to hijack the model’s prediction at a later stage, causing it to classify data incorrectly. Detecting these attacks and mitigating their impact can be very challenging, as a targeted model typically performs well and in alignment with a developer’s expectations until the Trojan backdoor is activated.

Researchers at the University of California, San Diego have recently created CLEANN, an end-to-end framework designed to protect embedded neural networks from Trojan attacks. This framework, presented in a paper pre-published on arXiv and set to be presented at the 2020 IEEE/ACM International Conference on Computer-Aided Design, was found to perform better than previously developed Trojan shields and detection methods.

Oct 9, 2020

The University Where US Intelligence Personnel Study

Posted in categories: cybercrime/malcode, military

Ira Pastor, ideaXme life sciences ambassador interviews Brian Holmes Ph.D., Dean of The National Intelligence University, Anthony G. Oettinger School of Science and Technology Intelligence.

Ira Pastor comments:


Oct 8, 2020

Suspected Chinese Hackers Unleash Malware That Can Survive OS Reinstalls

Posted in category: cybercrime/malcode

“This attack demonstrates that, albeit rarely, in exceptional cases, actors are willing to go to great lengths in order to gain the highest level of persistence on a victim’s machine,” said Kaspersky Lab researcher Mark Lechtik in a statement.

The company discovered the UEFI-based malware on machines belonging to two victims. It works to create a Trojan file called “IntelUpdate.exe” in the Startup Folder, which will reinstall itself even if the user finds it and deletes it.

Oct 7, 2020

New HEH botnet can wipe routers and IoT devices

Posted in category: cybercrime/malcode

The disk-wiping feature is present in the code but has not been used yet.

Oct 4, 2020

Russian state hackers appear to have breached a federal agency

Posted in category: cybercrime/malcode

Evidence suggests Russia’s state-backed Fancy Bear group was behind a hack targeting a US federal agency.