Russian military intelligence tied to the group Fancy Bear are using brute force techniques to infiltrate the networks of government and private sector organizations, a joint advisory from US and UK cybersecurity agencies said.
Category: cybercrime/malcode
Answer.
Financially motivated cybercriminals are increasingly turning to Cobalt Stike, a legitimate tool that cybersecurity professionals use to test system security, researchers at Proofpoint found.
The cybersecurity firm declined to disclose specific numbers but reported a 161% increase in attacks using Cobalt Strike in 2020 compared to 2019. Proofpoint researchers have already seen tens of thousands of organizations targeted by the tool this year and expect those numbers to climb in 2021, according to the report the firm released Tuesday.
Threat groups are able to get ahold of the tool from pirated versions circulating the dark web, according to Sherrod DeGrippo, senior director of threat research and detection at Proofpoint.
Ransomware continues to grow more sophisticated and lucrative, and now security firm LIFARS says operators have built a Silicon Valley-like VC ecosystem.
SAN FRANCISCO, June 25 (Reuters) — Microsoft (MSFT.O) said on Friday an attacker had won access to one of its customer-service agents and then used information from that to launch hacking attempts against customers.
The company said it had found the compromise during its response to hacks by a team it identifies as responsible for earlier major breaches at SolarWinds (SWI.N) and Microsoft.
Microsoft said it had warned the affected customers. A copy of one warning seen by Reuters said the attacker belonged to the group Microsoft calls Nobelium and that it had access during the second half of May.
The artificial intelligence revolution is just getting started. But it is already transforming conflict. Militaries all the way from the superpowers to tiny states are seizing on autonomous weapons as essential to surviving the wars of the future. But this mounting arms-race dynamic could lead the world to dangerous places, with algorithms interacting so fast that they are beyond human control. Uncontrolled escalation, even wars that erupt without any human input at all.
DW maps out the future of autonomous warfare, based on conflicts we have already seen – and predictions from experts of what will come next.
For more on the role of technology in future wars, check out the extended version of this video – which includes a blow-by-blow scenario of a cyber attack against nuclear weapons command and control systems: https://youtu.be/TmlBkW6ANsQ
Subscribe: https://www.youtube.com/user/deutschewelleenglish?sub_confirmation=1
For more news go to: http://www.dw.com/en/
Follow DW on social media:
►Facebook: https://www.facebook.com/deutschewellenews/
►Twitter: https://twitter.com/dwnews.
►Instagram: https://www.instagram.com/dwnews.
Für Videos in deutscher Sprache besuchen Sie: https://www.youtube.com/dwdeutsch.
#AutonomousWeapons #ArtificialIntelligence #ModernWarfare
Rather than steal credentials or hold data for ransom, a recent campaign observed by Sophos prevents people from visiting sites that offer illegal downloads.
The objective of most malware is some kind of gain — financial or otherwise — for the attackers who use it. However, researchers recently observed a unique malware with a single intent: Blocking the infected computers from visiting websites dedicated to software piracy.
The malware (which SophosLabs principal researcher Andrew Brandt called “one of the strangest cases I’ve seen in a while”) works by modifying the HOSTS file on the infected system, in a “a crude but effective method to prevent a computer from being able to reach a web address,” he wrote in a report published Thursday.
A malware called Crackonosh infected 222000 PCs in order to mine $2 million worth of Monero cryptocurrency.
Cybersecurity experts reported the detection of at least four flaws in Dell SupportAsist’s BIOSConnect feature, the exploitation of which would allow threat actors to deploy remote code to affected devices. It should be noted that this software is preinstalled by default on most Dell computers running Windows systems, and BIOSConnect allows remote firmware update and some operating system recovery features.
This set of flaws received a score of 8.3÷10 on the Common Vulnerability Scoring System (CVSS) scale, and its exploitation would allow privileged remote hackers on the target system to impersonate an official Dell service in order to take control of the operating system boot process and thus break any security controls enabled. So far no active exploitation attempts or a functional attack have been detected for the abuse of these flaws.
The report was presented by security firm Eclypsium, whose researchers say the problem lies in at least 129 Dell devices, including desktops, laptops and electronic tablets used by nearly 130 million users worldwide.
Flaws in card reader technology let a security firm consultant wreak havoc with point-of-sale systems and more.