Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode

The group uses tools outside of the country for this attack campaign, as well as custom malware, including custom malware – including backdoor. Hartip – that Symantec has never used. Compromised computers at the time of the attack included domain controllers and file servers, and there is evidence that files are being filtered by some compromised computers. Attackers frequently used DLL side loading in this campaign and took advantage of the patched Zerologon vulnerability in August 2020.

Symantec first addressed this campaign when suspicious DLL-side loading activity on one the customers networks triggered a warning from Cloud Analytics technology available in Symantec Endpoint Security Complete (SESC).

The campaign is spread across the world, with a large number of regions detected as the victims of the attack. The common link between all the organisations that were attacked were their links to japan or japan based organisations. In the map you can clearly see that there was a reportedly Chinese-government-linked group attacking companies within China’s borders but, like many of the companies targeted in this campaign, the target in that instance is a subsidiary of a Japanese organization.

Read more | >

Initially discovered in bacteria, CRISPR-based genome editing endonucleases have proven remarkably amenable for adaptation to insects. To date, these endonucleases have been utilized in a plethora of both model and non-model insects including diverse flies, bees, beetles, butterflies, moths, and grasshoppers, to name a few, thereby revolutionizing functional genomics of insects. In addition to basic genome editing, they have also been invaluable for advanced genome engineering and synthetic biology applications. Here we explore the recent genome editing advancements in insects for generating site-specific genomic mutations, insertions, deletions, as well as more advanced applications such as Homology Assisted Genome Knock-in (HACK), potential to utilize DNA base editing, generating predictable reciprocal chromosomal translocations, and development gene drives to control the fate of wild populations.

Read more | >

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world’s largest domain name registrar, KrebsOnSecurity has learned.

The incident is the latest incursion at GoDaddy that relied on tricking employees into transferring ownership and/or control over targeted domains to fraudsters. In March, a voice phishing scam targeting GoDaddy support employees allowed attackers to assume control over at least a half-dozen domain names, including transaction brokering site escrow.com.

Read more | >

Despite expert advice against paying up, most victims of ransomware attacks in the region, including 88% in Australia and 78% in Singapore, have paid the ransom in full or in part, and the number of such attacks is only going to keep climbing amidst accelerated digital transformation efforts and remote work.

Read more | >

A team of researchers have devised a way to verify that a class of complex programs is bug-free without the need for traditional software testing. Called Armada, the system makes use of a technique called formal verification to prove whether a piece of software will output what it’s supposed to. It targets software that runs using concurrent execution, a widespread method for boosting performance, which has long been a particularly challenging feature to apply this technique to.

The between the University of Michigan, Microsoft Research, and Carnegie Mellon was recognized at ACM’s Programming Language Design and Implementation (PDLI 2020) with a Distinguished Paper Award.

Concurrent programs are known for their complexity, but have been a vital tool for increasing performance after the raw speed of processors began to plateau. Through a variety of different methods, the technique boils down to running multiple instructions in a simultaneously. A common example of this is making use of multiple cores of a CPU at once.

Read more | >