Malware and Wi-Fi threats are on the rise.
NordLocker report warns users to remain on their guard against the latest threats.
Category: cybercrime/malcode
These attacks — along with news of several high-profile data breaches linked to the Russian government-backed hack of American software company SolarWinds, including at tech titans like Microsoft — have prompted questions about how these attacks have occured, and how to better guard against them.
State and local leaders testified June 17 before the Senate about how cyber threats they face have grown. And along with the increased penalties for cybercriminials included in a bipartisan Senate infrastructure package, a second bipartisan Senate bill would require public and private entities to report cybersecurity breaches to the government within 24 hours, as well as add liability protections to help encourage businesses to come forward.
Here’s what you should know as debate over cybersecurity and how to fight ransomware continues.
Cyber incidents are an ongoing and substantial threat. Find out how The National Guard is working to deter, disrupt and defeat malicious cyber activity.
ARLINGTON, Va. – The National Guard plays a critical role in defending computer networks and mitigating cyber-attacks that occur almost daily, said Guard senior leaders during a roundtable discussion Tuesday.
“Cyber incidents are an ongoing and substantial threat,” said Army Gen. Daniel Hokanson, chief of the National Guard Bureau. “In 2021 alone, America’s power plants, food supply, water supply, health care, law enforcement, and defense sectors have all come under attack.”
That’s why upcoming exercises like Cyber Shield 2021 – which helps prepare “Guard cyber warriors to deter, disrupt and defeat malicious cyber activity” – are important, he said. Adding the Guard plays a key role in the Department of Defense’s cyber enterprise while partnering with outside agencies.
😃
Defense Advanced Research Projects Agency (DARPA) has made its hardware vulnerability disclosure platform for white-hat hackers open source.
The platform, known as Finding Exploits to Thwart Tampering (FETT), was first launched last year, and the agency hopes that moving to an open-source structure will help ethical hackers to spot flaws with chip design and aid the creation of new processor prototypes.
The system virtualizes hardware and firmware, giving hackers a full range of access to chip designs before they are produced and installed into agency systems.
A recent security report states that it is possible to hijack sessions on Google Compute Engine virtual machines to gain root access through a DHCP attack. While deploying this attack is impractical, an exploit attempt can be highly functional.
The report, published on GitHub, mentions that a threat actor could allow threat actors to take control of virtual machines because these deployments rely on ISC DHCP software, which employs a very weak random number generator. A successful attack clutters these virtual machines with DHCP traffic, forcing the use of a fake metadata server controlled by an attacker.
If the attack is successful, the virtual machine uses the unauthorized server for its configuration instead of an official Google one, which would allow cybercriminals to log in to the affected device with root access.
In some cases, chain reactions fed more widespread disruption.
The Swedish Coop grocery store chain had to close hundreds of stores on Saturday because its cash registers are run by Visma Esscom, which manages servers for a number of Swedish businesses and in turn uses Kaseya.
Brett Callow, a ransomware expert at the cybersecurity firm Emsisoft, said he was unaware of any previous ransomware supply-chain attack on this scale.
On June 25, 2021 NASA published detail description of future missions for Ingenuity Mars Helicopter considering 2nd software update because of HD imaging issue. Ingenuity’s team determined that capturing color images may have been inducing the imaging pipeline glitch, which resulted in the instability (Flight 6 anomaly). So Mars Helicopter needs 2nd software update to make thing going well within upcoming 9th flight. Ingenuity’s first bug was solved by software update (watchdog timer issue). Another software update for Mars Helicopter is intended to return ability to make 13 Megapixels photos on mars without flight anomalies for Ingenuity. Last week Mars Helicopter completed 8th flight on flying to 160 meters South and Perseverance goes to new location Séítah as well. Black and white images are from Ingenuity’s onboard camera directly. Mars Helicopter flew for 77.4 seconds. Maximal horizontal speed was 4 meters per second. Altitude was 10 meters. Ingenuity made amazing work to live on Mars autonomously.
Credit: nasa.gov, NASA/JPL-Caltech, NASA/JPL-Caltech/ASU
Link to Ingenuity’s 9th flight preparation with 2nd software update: https://mars.nasa.gov/technology/helicopter/status/308/flight-8-success-software-updates-and-next-steps/
#mars #ingenuity #helicopter
Businesses around the world rushed Saturday to contain a ransomware attack that has paralyzed their computer networks, a situation complicated in the U.S. by offices lightly staffed at the start of the Fourth of July holiday weekend.
It’s not yet known how many organizations have been hit by demands that they pay a ransom in order to get their systems working again. But some cybersecurity researchers predict the attack targeting customers of software supplier Kaseya could be one of the broadest ransomware attacks on record.
It follows a scourge of headline-grabbing attacks over recent months that have been a source of diplomatic tension between U.S. President Joe Biden and Russian President Vladimir Putin over whether Russia has become a safe haven for cybercriminal gangs.
User records from a popular no-logs VPN service were obtained following a data breach.
A hacker has obtained LimeVPN’s entire database from a backup of its website which they are now selling online.