US Think Tank Waves Red Flag Over Chinese Economic Espionage

source: technewsworld.com  |  image: pexels.com

A call to disrupt the People’s Republic of China’s economic espionage campaign against the United States was sounded in a new report by a Washington, D.C., technology think tank.

“China’s campaign of economic espionage against the United States spans cyber intrusions, insider theft, and technology transfer disguised as collaboration,” declared the report written by intelligence analyst and applied historian Darren E. Tromblay and published by the Information Technology & Innovation Foundation (ITIF).

“Washington must recognize that Beijing is operating an elaborate espionage ecosystem and take strategic measures to disrupt it,” it added.

China’s espionage ecosystem is systemic and strategic, it explained. From state intelligence agencies to nominally private firms, Beijing coordinates cyber, human, and corporate channels to steal U.S. industrial and defense technologies.

Amazon Explains How Its AWS Outage Took Down the Web

source: wired.com  |  image: amazon.com

Summary of the Amazon DynamoDB Service Disruption in the Northern Virginia (US-EAST-1) Region

We wanted to provide you with some additional information about the service disruption that occurred in the N. Virginia (us-east-1) Region on October 19 and 20, 2025. While the event started at 11:48 PM PDT on October 19 and ended at 2:20 PM PDT on October 20, there were three distinct periods of impact to customer applications. First, between 11:48 PM on October 19 and 2:40 AM on October 20, Amazon DynamoDB experienced increased API error rates in the N. Virginia (us-east-1) Region. Second, between 5:30 AM and 2:09 PM on October 20, Network Load Balancer (NLB) experienced increased connection errors for some load balancers in the N. Virginia (us-east-1) Region. This was caused by health check failures in the NLB fleet, which resulted in increased connection errors on some NLBs. Third, between 2:25 AM and 10:36 AM on October 20, new EC2 instance launches failed and, while instance launches began to succeed from 10:37 AM, some newly launched instances experienced connectivity issues which were resolved by 1:50 PM.

CROSSED WIRES: A CASE STUDY OF IRANIAN ESPIONAGE AND ATTRIBUTION

source: proofpoint.com  |  image: pexels.com

Key findings 

  • Between June and August 2025, Proofpoint began tracking a previously unidentified threat actor dubbed UNK_SmudgedSerpent targeting academics and foreign policy experts. 
  • UNK_SmudgedSerpent leveraged domestic political lures, including societal change in Iran and investigation into the militarization of the IRGC. 
  • UNK_SmudgedSerpent used benign conversation starters, health-themed infrastructure, OnlyOffice file hosting spoofs, and Remote Management & Monitoring (RMM) tools. 
  • Throughout the investigation, UNK_SmudgedSerpent demonstrated tactics resembling several Iranian actors: TA455 (C5 Agent, Smoke Sandstorm), TA453 (Charming Kitten, Mint Sandstorm), and TA450 (MuddyWater, Mango Sandstorm). 
  • Overlapping TTPs prevent high confidence attribution, but several hypotheses could explain the nature of the relationship between UNK_SmudgedSerpent and other Iranian groups. 

Overview  

In June, Proofpoint Threat Research began investigating a benign email discussing economic uncertainty and domestic political unrest in Iran. While coinciding with the escalations in the Iran-Israel conflict, there was no indication that the observed activity was directly correlated with Israel’s attacks on Iranian nuclear facilities or Iran’s actions in response.

A New Type of AI Malware Threatens Smart Homes, But These Security Habits Can Help

source: cnet.com  |  image: pexels.com

The rise of promptware means cybercriminals have new ways to hack smart homes. New security methods are required to fight back.

Old-school home hacking is typically ineffective — it takes too much effort for the average burglar and modern devices are better protected against mass internet attacks (especially if you keep firmware updated). But now there’s a new trick for cybercriminals to use: It’s called prompt injections — or promptware — and it can make AI do things you never wanted it to. 

In a smart home, that means that promptware can force AI to seize control of devices, doing everything from turning up the heat and switching off lights to unlocking smart locks.

Experts are still learning what dangers promptware presents to LLM-style AI and the many places it can hide. Meanwhile, there are steps you can take to help stay safe and alert. Here’s what I suggest.

Google’s Gemma Model Helps Uncover Promising Cancer Therapy Pathway

source: eweek.com  |  image: pexels.com

In a world where we ask artificial intelligence to summarize articles and create images, scientists have now tasked an AI with a much bigger challenge: finding a new way to fight cancer. And it just delivered a promising lead.

Google, on October 15, announced a major scientific milestone: an AI model from its Gemma family has helped uncover a potential new way to treat cancer.

In collaboration with Yale University, researchers at Google DeepMind and Google Research developed Cell2Sentence-Scale 27B (C2S-Scale), a massive 27 billion parameter AI model designed to understand the “language” of individual cells.

A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones

source: wired.com  |  image: pexels.com

The malicious app required to make a “Pixnapping” attack work requires no permissions.

Android devices are vulnerable to a new attack that can covertly steal two-factor authentication codes, location timelines, and other private data in less than 30 seconds.

The new attack, named Pixnapping by the team of academic researchers who devised it, requires a victim to first install a malicious app on an Android phone or tablet. The app, which requires no system permissions, can then effectively read data that any other installed app displays on the screen. Pixnapping has been demonstrated on Google Pixel phones and the Samsung Galaxy S25 phone and likely could be modified to work on other models with additional work. Google released mitigations last month, but the researchers said a modified version of the attack works even when the update is installed.


Groundbreaking Gene Therapy Slows Huntington’s Disease for the First Time

source: nicenews.com  |  image: pexels.com

It doesn’t get more “nice news” than this: In a historic medical first, a pioneering gene therapy successfully slowed the progression of Huntington’s disease by 75% in a clinical trial. The breakthrough offers new hope for the tens of thousands living with the devastating hereditary condition, which progressively destroys brain cells and impairs movement, cognition, and behavior — and until now, there was no treatment capable of slowing or halting its advance.

Self-Replicating Worm Hits 180+ Software Packages

source: krebsonsecurity.com  |  image: pexels.com

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from the security vendor CrowdStrike, steals and publishes even more credentials every time an infected package is installed.

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel series — because it publishes any stolen credentials in a new public GitHub repository that includes the name “Shai-Hulud.”

“When a developer installs a compromised package, the malware will look for a npm token in the environment,” said Charlie Eriksen, a researcher for the Belgian security firm Aikido. “If it finds it, it will modify the 20 most popular packages that the npm token has access to, copying itself into the package, and publishing a new version.”

At the center of this developing maelstrom are code libraries available on NPM (short for “Node Package Manager”), which acts as a central hub for JavaScript development and provides the latest updates to widely-used JavaScript components.

The Shai-Hulud worm emerged just days after unknown attackers launched a broad phishing campaign that spoofed NPM and asked developers to “update” their multi-factor authentication login options. That attack led to malware being inserted into at least two-dozen NPM code packages, but the outbreak was quickly contained and was narrowly focused on siphoning cryptocurrency payments.

In late August, another compromise of an NPM developer resulted in malware being added to “nx,” an open-source code development toolkit with as many as six million weekly downloads. In the nx compromise, the attackers introduced code that scoured the user’s device for authentication tokens from programmer destinations like GitHub and NPM, as well as SSH and API keys. But instead of sending those stolen credentials to a central server controlled by the attackers, the malicious nx code created a new public repository in the victim’s GitHub account, and published the stolen data there for all the world to see and download.

Dark Web Threats Put Bullseye on US Businesses

source: technewsworld.com  |  image: pexels.com

When it comes to threats from the dark web, the U.S. is a prime target.

A new report by threat intelligence company SOCRadar found that more than four out of five (82%) threats from the dark web aimed at North America targeted the United States over the last 12 months. “The high percentage in the United States suggests a larger digital footprint and more attractive targets,” the report noted.

The 26-page report also found that Uncle Sam is a popular target for ransomware extortionists, with 88% of those attacks aimed at U.S.-based organizations. “High-value businesses, extensive digital networks, and larger financial opportunities likely attract attackers to the U.S. market,” it reasoned.

While Canada (9.7%) and Mexico (1.8%) were targeted substantially less, the report warned, “All countries must stay vigilant and actively strengthen cybersecurity defenses against ransomware threats.”

A DHS Data Hub Exposed Sensitive Intel to Thousands of Unauthorized Users

source: wired.com  |  image: dhs.gov

A misconfigured platform used by the Department of Homeland Security left national security information—including some related to the surveillance of Americans—accessible to thousands of people.

The Department of Homeland Security’s mandate to carry out domestic surveillance has been a concern for privacy advocates since the organization was first created in the wake of the September 11 attacks. Now a data leak affecting the DHS’s intelligence arm has shed light not just on how the department gathers and stores that sensitive information—including about its surveillance of Americans—but on how it once left that data exposed to thousands of government and private sector workers and even foreign nationals who were never authorized to see it.