Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode

“Siloscape”, the first malware to target Windows containers, breaks out of Kubernetes clusters to plant backdoors and raid nodes for credentials.

Windows containers have been victimized for over a year by the first known malware to target Windows containers. The ongoing campaign pierces Kubernetes clusters so as to plant backdoors, allowing attackers to steal data and user credentials, or even hijack an entire databases hosted in a cluster.

The malware was discovered by Unit 42 security researcher Daniel Prizmant. He dubbed it Siloscape, which he pronounces “Silo escape.” The malware pries open known vulnerabilities in web servers and databases so as to compromise Kubernetes nodes and to backdoor clusters.

Read more | >

U.S. investigators have recovered millions of dollars in cryptocurrency that Colonial Pipeline paid hackers last month to end a ransomware attack on its systems.

Deputy Attorney General Lisa Monaco announced Monday afternoon that the Department of Justice “found and recaptured the majority of the ransom” paid to the DarkSide network, the group responsible for the attack.

Paul Abbate, the deputy director of the FBI, said the bureau successfully seized the ransom funds from a bitcoin wallet that DarkSide used to collect Colonial Pipeline’s payment.

Read more | >

The world is one step closer to ultimately secure conference calls, thanks to a collaboration between Quantum Communications Hub researchers and their German colleagues, enabling a quantum-secure conversation to take place between four parties simultaneously.

The demonstration, led by Hub researchers based at Heriot-Watt University and published in Science Advances, is a timely advance, given the global reliance on remote collaborative working, including calls, since the start of the C19 pandemic.

There have been reports of significant escalation of cyber-attacks on popular teleconferencing platforms in the last year. This advance in quantum secured communications could lead to conference calls with inherent unhackable security measures, underpinned by the principles of quantum physics.

Read more | >

Scientists have created a cybersecurity technology called Shadow Figment that is designed to lure hackers into an artificial world, then stop them from doing damage by feeding them illusory tidbits of success.

The aim is to sequester bad actors by captivating them with an attractive—but imaginary—world.

The technology is aimed at protecting physical targets—infrastructure such as buildings, the electric grid, water and sewage systems, and even pipelines. The technology was developed by scientists at the U.S. Department of Energy’s Pacific Northwest National Laboratory.

Read more | >

The U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cyber criminals, a senior department official told Reuters.

Internal guidance sent on Thursday to U.S. attorney’s offices across the country said information about ransomware investigations in the field should be centrally coordinated with a recently created task force in Washington.

“It’s a specialized process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain,” said John Carlin, principle associate deputy attorney general at the Justice Department.

Read more | >

REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests.

Threat actors have deployed new ransomware on the back of a set of PowerShell scripts developed for making encryption, exploiting flaws in unpatched Exchange Servers to attack the corporate network, according to recent research.

Researchers from security firm Sophos detected the new ransomware, called Epsilon Red, in an investigation of an attack on a U.S.-based company in the hospitality sector, Sophos Principal Researcher Andrew Brandt wrote in a report published online.

Read more | >

WASHINGTON — The Steamship Authority of Massachusetts ferry service fell victim to a ransomware attack Wednesday, the latest cyber assault affecting logistics and services in the United States.

The Steamship Authority is the largest ferry service offering daily fares from Cape Cod to neighboring islands Nantucket and Martha’s Vineyard off the coast of Massachusetts, according to the company’s website.

“The Woods Hole, Martha’s Vineyard and Nantucket Steamship Authority has been the target of a ransomware attack that is affecting operations as of Wednesday morning,” the company wrote in a statement, adding that customers may experience delays.

Read more | >

Microsoft has galvanised policy makers across seven Asia-Pacific markets, including Singapore and Indonesia, in a bid to facilitate the sharing of threat intelligence and resources amongst their respective public sector. The US software vendor says “collective” efforts across the region are critical in combating cybersecurity threats, which are inevitable in an increasingly interconnected world.

It noted that Asia-Pacific saw malware and ransomware attacks at higher frequencies, clocking 1.6 and 1.7 times higher, respectively. than the global average. Citing numbers from its 2019 threat report, Microsoft said developing markets such as Indonesia, India, and Sri Lanka were most vulnerable to such threats that year.

It added that cybercrime not only resulted in financial losses and brought down operations, but also posed risks to national security and eroded trust in digital economies.

Read more | >