Nice looking website you’ve got there. It’d be a shame if someone DDoS’d it.
Category: cybercrime/malcode
Ten days after it learned it was targeted by a ransomware attack, the College of Nurses of Ontario (CNO) is still trying to figure out if the personal information of its 300 employees and 195,500 members has been compromised, officials tell CBC News.
“We are aware of a claim on the dark web regarding data theft from CNO,” the nursing regulatory body told CBC News in a statement.
Amidst rising tensions between Israel and Iran, security researchers fear new escalation.
For the first time ever, a patient’s death has been linked directly to a cyberattack. Police have launched a “negligent homicide” investigation after ransomware disrupted emergency care at Düsseldorf University Hospital in Germany.
The victim: Prosecutors in Cologne say a female patient from Düsseldorf was scheduled to undergo critical care at the hospital when the September 9 attack disabled systems. When Düsseldorf could no longer provide care, she was transferred 19 miles (30 kilometers) away to another hospital. The hackers could be held responsible by German police, the BBC reports.
A tragic first: “If confirmed, this tragedy would be the first known case of a death directly linked to a cyberattack,” Ciaran Martin, formerly the chief executive of the UK’s National Cyber Security Centre, said in a speech at the Royal United Services Institute. “Although the purpose of ransomware is to make money, it stops systems working. So if you attack a hospital, then things like this are likely to happen. There were a few near misses across Europe earlier in the year, and this looks, sadly, like the worst might have come to pass.”
Microsoft announced legal action Monday seeking to disrupt a major cybercrime digital network that uses more than 1 million zombie computers to loot bank accounts and spread ransomware, which experts consider a major threat to the U.S. presidential election.
The operation to knock offline command-and-control servers for a global botnet that uses an infrastructure known as Trickbot to infect computers with malware was initiated with an order that Microsoft obtained in Virginia federal court on Oct. 6. Microsoft argued that the crime network is abusing its trademark.
“It is very hard to tell how effective it will be but we are confident it will have a very long-lasting effect,” said Jean-Ian Boutin, head of threat research at ESET, one of several cybersecurity firms that partnered with Microsoft to map the command-and-control servers. “We’re sure that they are going to notice and it will be hard for them to get back to the state that the botnet was in.”
In the dog days of last week, a shadowy group of secret sources in U.S. Cyber Command whispered to reporters that they’d disrupted a huge, ransomware-spewing botnet. Trickbot, closely related to Emotet and Ryuk, is believed to be managed by Russian criminals.
But today, Microsoft and friends are saying the disruption was actually down to them—awks. The consortium of industry players has developed a new legal mechanism to remove the botnet’s servers from the net and they say it’s working.
They’re basically using international copyright law to do takedowns, arguing that “malicious use” of Windows and Office is actionable in court. In today’s SB Blogwatch, we DMCA ur C2 and pwn ur zombies.
With artificial intelligence (AI) tools and machine learning algorithms now making their way into a wide variety of settings, assessing their security and ensuring that they are protected against cyberattacks is of utmost importance. As most AI algorithms and models are trained on large online datasets and third-party databases, they are vulnerable to a variety of attacks, including neural Trojan attacks.
A neural Trojan attack occurs when an attacker inserts what is known as a hidden Trojan trigger or backdoor inside an AI model during its training. This trigger allows the attacker to hijack the model’s prediction at a later stage, causing it to classify data incorrectly. Detecting these attacks and mitigating their impact can be very challenging, as a targeted model typically performs well and in alignment with a developer’s expectations until the Trojan backdoor is activated.
Researchers at University of California, San Diego have recently created CLEANN, an end-to-end framework designed to protect embedded artificial neural networks from Trojan attacks. This framework, presented in a paper pre-published on arXiv and set to be presented at the 2020 IEEE/ACM International Conference on Computer-Aided Design, was found to perform better than previously developed Trojan shields and detection methods.
Ira Pastor, ideaXme life sciences ambassador, interviews Brian Holmes, Ph.D., Dean of The National Intelligence University, Anthony G. Oettinger School of Science and Technology Intelligence.
Ira Pastor comments:
The National Intelligence University (NIU) is a federally chartered research university which serves as the United States Intelligence Community’s institution for higher learning in fields of study central to the profession of intelligence and national security.
National Intelligence University’s interdisciplinary programs emphasize education through scholarly and applied research designed to help U.S. intelligence officers better understand the diverse range of geopolitical, strategic, and technological threats and opportunities affecting intelligence and national security.
The university is organized into two separate academic units: the College of Strategic Intelligence and the Oettinger School of Science and Technology Intelligence. Combined, the colleges cover a diverse and evolving range of international affairs issues and adversarial threats and capabilities, from cultural and religious conflicts, to weapons of mass destruction (WMD) proliferation, cybersecurity threats, terrorism, transnational crime, and more. NIU is the only university in the United States where students can study and complete research at the Top Secret/Sensitive Compartmented Information level. The School of Science and Technology Intelligence within the National Intelligence University is focused on science and technical analytic education, research and external engagement across the intelligence and national security communities.
Dr. Holmes served as an all-source intelligence analyst and Branch Chief in the Defense Intelligence Agency’s (DIA) Counter-proliferation Support Office from 2006–2010 before accepting a managerial position in the Directorate for Analysis’ Staff Operations Division. He was a Direct Commission intelligence officer in the U.S. Navy Reserve, serving from 2007–2011 and reached the rank of Lieutenant. For three years he supported the Afghanistan-Pakistan Task Force as an all-source intelligence analyst in DIA’s Directorate for Intelligence.
“This attack demonstrates that, albeit rarely, in exceptional cases, actors are willing to go to great lengths in order to gain the highest level of persistence on a victim’s machine,” said Kaspersky Lab researcher Mark Lechtik in a statement.
The company discovered the UEFI-based malware on machines belonging to two victims. It works to create a Trojan file called “IntelUpdate.exe” in the Startup Folder, which will reinstall itself even if the user finds it and deletes it.