source: threatpost.com


A new devilish malware is targeting Windows systems with cryptojacking and DDoS capabilities.

Security experts have identified a self-propagating malware, dubbed Lucifer, that targets Windows systems with cryptojacking and distributed denial-of-service (DDoS) attacks.

The never-before-seen malware initially tries to infect PCs by bombarding them with exploits in hopes of taking advantage of an “exhaustive” list of unpatched vulnerabilities. While patches for all the critical and high-severity bugs exist, the various companies impacted by the malware had not applied the fixes.

“Lucifer is a new hybrid of cryptojacking and DDoS malware variant that leverages old vulnerabilities to spread and perform malicious activities on Windows platforms,” said researchers with Palo Alto Networks’ Unit 42 team, on Wednesday in a blog post. “Applying the updates and patches to the affected software are strongly advised.”

The vulnerabilities targeted by Lucifer include Rejetto HTTP File Server (CVE-2014-6287), Oracle WebLogic (CVE-2017-10271), ThinkPHP RCE (CVE-2018-20062), Apache Struts (CVE-2017-9791), Laravel framework (CVE-2019-9081), and Microsoft Windows (CVE-2017-0144, CVE-2017-0145, and CVE-2017-8464).

Continue reading “SELF-PROPAGATING LUCIFER MALWARE TARGETS WINDOWS SYSTEMS”

source: securityweek.com



The easiest way for a cyber-attacker to gain access to sensitive data is by compromising an end user’s identity and credentials. Things get even worse if a stolen identity belongs to a privileged user, who has even broader access, and therefore provides the intruder with “the keys to the kingdom”.

According to a 2019 study, 74 percent of respondents whose organizations have been breached acknowledged the incident exploited privileged account access. This number closely aligns with Forrester’s estimate that 80 percent of security breaches involve compromised privileged credentials. By leveraging a “trusted” identity a hacker can operate undetected and exfiltrate sensitive data sets without raising any red flags. As a result, it’s not surprising that most of today’s cyber-attacks are front-ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?

The Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security defines phishing as “an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques. Phishing emails [or text messages] are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails [or SMS messages] often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The user may then be asked to provide personal information, such as account usernames and passwords that can further expose them to future compromises. Additionally, these fraudulent websites may contain malicious code.”

Continue reading “PHISHING ATTACKS: BEST PRACTICES FOR NOT TAKING THE BAIT”

source: technewsworld.com


United States government agencies and cloud technology providers are heading toward a reset in how they cooperate on cybersecurity challenges. The expected growth of cloud use will create a more complex federal security landscape, according to a recent report from Thales Group.

Federal agencies actually have moved ahead of businesses in cloud adoption, with 54 percent of agency data already embedded in the cloud, the report notes. Furthermore, cloud technology is central to a broader “digital transformation” goal in the federal government, recently highlighted by ramping up remote workplace sites in response to the COVID-19 virus.

“Data security requirements will only continue to be more stringent as more and more data and services are migrated to the cloud,” said Brent Hansen, federal chief technology officer at Thales.

“This year registers the first year where more federal data is stored in the cloud versus on premises. This is a huge turning point and the trajectory will only continue to favor cloud,” he told the E-Commerce Times.

Continue reading “‘NEW NORMAL’ SECURITY ERA BEGINS FOR US AGENCIES, CLOUD PROVIDERS”

source: independent.co.uk


Facial recognition technology is becoming an “epidemic” across shopping centres, museums and public spaces in the UK, campaigners have warned.

Following the revelation that hundreds of thousands of visitors to the area around King’s Cross railway station in London were being covertly scanned, Big Brother Watch said other private companies had also used the controversial technology.

Owners of Sheffield’s Meadowhall shopping centre have trialled facial recognition, as have the World Museum in Liverpool and the Millennium Point conference centre in Birmingham.

Last year, the Trafford Centre in Manchester was pressured to stop using live facial recognition after six months of monitoring visitors following an intervention by the surveillance camera commissioner, Tony Porter.

Silkie Carlo, director of Big Brother Watch, said: “There is an epidemic of facial recognition in the UK.

The collusion between police and private companies in building these surveillance nets around popular spaces is deeply disturbing.

Facial recognition is the perfect tool of oppression and the widespread use we’ve found indicates we’re facing a privacy emergency.”

Continue reading “FACIAL RECOGNITION BECOMING ‘EPIDEMIC’ IN BRITISH PUBLIC SPACES”

source: wired.com

The so-called lamphone technique allows for real-time listening in on a room that’s hundreds of feet away. 

The list of sophisticated eavesdropping techniques has grown steadily over years: wiretaps, hacked phones, bugs in the wall—even bouncing lasers off of a building’s glass to pick up conversations inside. Now add another tool for audio spies: Any light bulb in a room that might be visible from a window.

Researchers from Israel’s Ben-Gurion University of the Negev and the Weizmann Institute of Science today revealed a new technique for long-distance eavesdropping they call “lamphone.” They say it allows anyone with a laptop and less than a thousand dollars of equipment—just a telescope and a $400 electro-optical sensor—to listen in on any sounds in a room that’s hundreds of feet away in real time, simply by observing the minuscule vibrations those sounds create on the glass surface of a light bulb inside. By measuring the tiny changes in light output from the bulb that those vibrations cause, the researchers show that a spy can pick up sound clearly enough to discern the contents of conversations or even recognize a piece of music.

“Any sound in the room can be recovered from the room with no requirement to hack anything and no device in the room,” says Ben Nassi, a security researcher at Ben-Gurion who developed the technique with fellow researchers Yaron Pirutin and Boris Zadov, and who plans to present their findings at the Black Hat security conference in August. “You just need line of sight to a hanging bulb, and this is it.”

In their experiments, the researchers placed a series of telescopes around 80 feet away from a target office’s light bulb, and put each telescope’s eyepiece in front of a Thorlabs PDA100A2 electro-optical sensor. They then used an analog-to-digital converter to convert the electrical signals from that sensor to digital information. While they played music and speech recordings in the faraway room, they fed the information picked up by their set-up to a laptop, which analyzed the readings.

[Image: the researchers’ experimental setup, with an electro-optical sensor behind the eyepiece of a telescope, pointing at a lightbulb inside an office building more than 80 feet away. Courtesy of Ben Nassi.]

The researchers found that the tiny vibrations of the light bulb in response to sound—movements that they measured at as little as a few hundred microns—registered as measurable changes in the light their sensor picked up through each telescope. After processing the signal through software to filter out noise, they were able to reconstruct recordings of the sounds inside the room with remarkable fidelity: They showed, for instance, that they could reproduce an audible snippet of a speech from President Donald Trump well enough for it to be transcribed by Google’s Cloud Speech API. They also generated a recording of the Beatles’ “Let It Be” clear enough that the name-that-tune app Shazam could instantly recognize it.

Continue reading “SPIES EAVESDROP BY WATCHING LIGHT BULB VIBRATE”

source: defenseone.com

The crypto agency has a list of questions for federal employees and contractors to ask as they choose a collaboration tool.

Video conferencing platforms Zoom and Microsoft Teams are both FedRamp approved, but while Zoom offers end-to-end encryption, Microsoft Teams does not, according to the National Security Agency. 

These are just two of nine factors the NSA cites in creating a guide to help federal workers choose commercial telework tools for “safely using collaboration services,” as necessitated by the coronavirus pandemic.

The guide, which NSA released Friday, applies only to commercial applications, and one strong recommendation from the agency is that, when possible, workers use U.S. government services such as Defense Collaboration Services, Intelink Services and others, which were designed specifically for secure government communications. But government workers still need to interact with external entities which might be sending them invitations via commercial applications, and the NSA has detailed a number of factors for them to weigh in deciding which ones to facilitate:

  • Does the service implement end-to-end encryption?
  • Are strong, well-known, testable encryption standards used?
  • Is multi-factor authentication (MFA) used to validate users’ identities?
  • Can users see and control who connects to collaboration sessions?
  • Does the service privacy policy allow the vendor to share data with third parties or affiliates?
  • Do users have the ability to securely delete data from the service and its repositories as needed?
  • Has the collaboration service’s source code been shared publicly (e.g. open source)? 
  • Has the service and/or app been reviewed or certified for use by a security-focused nationally recognized or government body? 
  • Is the service developed and/or hosted under the jurisdiction of a government with laws that could jeopardize USG official use?

Continue reading “ZOOM OR NOT? NSA OFFERS GUIDANCE”

source: nakedsecurity.sophos.com

If you’re a Naked Security Podcast listener, you’ll have heard Sophos’s own Peter Mackenzie telling some fairly wild ransomware stories.

Peter works in the Managed Threat Response (MTR) part of our business – in his own words, if your network’s on fire, he’s one of the people who will rush in to try to fix it.

As you can imagine, plenty of his deployments come in the aftermath of ransomware attacks.

A few years ago ransomware criminals typically used what’s called the “spray-and-pray” approach – or what might more appropriately be called “spray-and-prey”, given the entirely predatory nature of these attacks.

A ransomware gang might have emailed a malicious attachment to ten million people, relying on ten thousand of them opening it up and getting scrambled, and then banking (figuratively and literally) on three thousand or so of the victims being stuck with little alternative but to pay up $350 each, for a total criminal pay-check of $1,000,000.

Make no mistake, those early ransomware criminals, such as the crooks behind malware such as CryptoLocker, Locky and Teslacrypt, extorted millions of dollars, and their crimes were no less odious or destructive overall than what we see today.

But today’s ransomware criminals tend to pick entire organisations as victims.

Continue reading “INSIDE A RANSOMWARE GANG’S ATTACK TOOLBOX”

source: sciencedaily.com

MIT engineers have designed a “brain-on-a-chip,” smaller than a piece of confetti, that is made from tens of thousands of artificial brain synapses known as memristors — silicon-based components that mimic the information-transmitting synapses in the human brain.

The researchers borrowed from principles of metallurgy to fabricate each memristor from alloys of silver and copper, along with silicon. When they ran the chip through several visual tasks, the chip was able to “remember” stored images and reproduce them many times over, in versions that were crisper and cleaner compared with existing memristor designs made with unalloyed elements.

Their results, published today in the journal Nature Nanotechnology, demonstrate a promising new memristor design for neuromorphic devices — electronics that are based on a new type of circuit that processes information in a way that mimics the brain’s neural architecture. Such brain-inspired circuits could be built into small, portable devices, and would carry out complex computational tasks that only today’s supercomputers can handle.

Continue reading “ARTIFICIAL BRAIN SYNAPSES ON A SINGLE CHIP”