Tag Archive for: threat

Russian ‘Cyber Sabotage’ A Global Threat: Security Firm


The Sandworm hacker group, which is linked to Russian intelligence services, is expected by computer security firm Mandiant to take aim at Western elections the Kremlin would like to sway


Indranil Mukherjee

Source…

Malware Alert: Windows Devices in Crosshairs of New Threat Byakugan!


Windows devices are now under a new threat – a malware named Byakugan, stealing sensitive data and providing remote access to attackers.

What is Byakugan?

Byakugan is a sophisticated malware that specifically targets Windows devices. It is built using Node.js and includes a variety of libraries, such as a screen monitor, miner, keystroke recorder, file manipulator, and browser info stealer. This allows the intruder to steal sensitive data including cookies, credit card details, downloads, and auto-filled profiles. To rub salt in the wound, Byakugan can also mine cryptocurrencies using the victim’s CPU or GPU resources.

Distribution and Infection Method

The malware is primarily distributed via a phishing campaign, in which victims are lured with a fake PDF file containing a malicious link. The infection starts when the victim clicks this deceptive link. The process continues as a file named require.exe is dropped, followed by the download of an installer program into a temporary folder. A DLL file is then manipulated through DLL hijacking to execute require.exe and download the malware’s main module.

The Main Module

The main module of this malware is downloaded from the site thinkforce.com. This server not only aids in distribution but also doubles as a control panel for the attacker, allowing further exploitation and manipulation of the infected device.

Past Incidents

Similar attacks have been carried out before. Adobe was previously targeted with an infostealer disguised as an Adobe Reader install program, prompting users to download what they thought was Adobe Reader, but in reality was a malicious file. Two harmful files were created and a Windows system file was run with admin rights. The malicious DLL file managed to bypass User Account Control (UAC) through DLL hijacking.

About Acrobat Reader DC by Adobe

Acrobat Reader DC by Adobe is a top-notch office tool that is widely used for reading, commenting, printing, and signing PDF documents. It’s a key competitor to Word but distinguishes itself with its superior efficiency and its seamless connection to Adobe’s cloud. It’s a free and highly recommended software for Windows, Android, and iOS users.

Source…

Quantum hacking is a looming privacy threat. Companies should start worrying now


Now that everyone else has had a turn, quantum hackers are coming for your data.

Well, not quite yet. But they’re working on it.

Quantum computers, which are still in development by players such as Google, IBM, and Microsoft, hold enormous promise to do good as well as harm. The U.S. and Chinese governments are pouring billions into them.

For a primer on this new breed, I turned to Martin Lee, technical lead of security research and EMEA lead at Cisco Talos, the networking giant’s threat intelligence and response group.

Traditional computers operate on binary digits, or bits, that are either one or zero. In a quantum machine, “the bits are one, zero, or everything in between, all at the same time,” Lee says. So it “has the possibility of being able to calculate and consider many different solutions to a problem all at the same time to find the correct answer.”

That’s ideal for calculating the shapes of proteins to discover new drugs, Lee notes, or the thermodynamics of an engine.

It’s also perfect for stealing data.

Because a quantum computer makes calculating the factors of prime numbers much easier, it could swiftly crack many existing encryption algorithms, Lee says.

How soon? Maybe next year, maybe in five years, or maybe never, Lee reckons. But it’s time to start considering the problem so it doesn’t become an emergency, he warns. “Certainly, CIOs and CTOs need to think about ‘How do we prepare for a post-quantum world?’”

In response, companies are already developing and deploying quantum security. One is QuSecure, a California startup whose clients include Cisco, Dell, and the U.S. military.

Hackers are harvesting data now for quantum decryption later, says cofounder, chief product officer, and CTO Rebecca Krauthamer. Prime targets include electronic health and financial records, as well as national security data, Krauthamer adds. “All those kinds of things, they have a shelf life, and that’s why for some sectors, it’s a very urgent problem.”

To ward off quantum attacks, you fight fire with fire, right? Actually, no.

QuSecure’s software sits atop a client’s existing encryption, explains Skip Sanzeri, cofounder, chair, and COO. Besides some…

Source…

Japan, Philippines, US to Share Cyber Threat Intel


The US, Japan, and the Philippines reportedly will join forces in cybersecurity defense with a strategic cyber threat-sharing arrangement in the wake of rising attacks by China, North Korea, and Russia.

The initiative will launch during high-level trilateral talks between US President Joe Biden, Japanese Prime Minister Fumio Kishida, and Philippine President Ferdinand Marcos Jr. during a trilateral summit in Washington this week, according to the English-language version of the Nihon Keizai Shimbun. The cyber alliance comes on the heels of Volt Typhoon, a group of cyberattackers linked to China’s military, targeting critical infrastructure networks in the Philippines and US territories in the region.

Over the past three months, the number of cyberattack attempts against national government agencies in the Philippines has increased 20% week over week, according to data from Trend Micro shared with Dark Reading. 

“Traditional US allies in Asia — Japan, Taiwan, Philippines — are of high interest to Chinese-aligned attackers,” says Robert McArdle, director of forward-looking threat research with the cybersecurity firm. “There has been an increase in tensions in the region recently as well as important political events including presidential elections that China maintains interest in.”

The cybersecurity concerns come as geopolitical tensions have ratcheted up in the region. China has expanded its military presence, especially with its claims to large sections of the South China Sea, as far away as 1,000 km from its mainland and encroaching on Philippines territory. The military buildup has been matched by increases in cyberattacks by Chinese state-sponsored actors, such as Mustang Panda, which compromised a Philippines government agency last year. The widespread Volt Typhoon attacks have claimed critical infrastructure networks in the Philippines, US, UK, and Australia.

Philippines at Risk

The dispute over the South China Sea comes at a time when the Philippines has seen significant growth in its technology development and business sectors and increased urbanization and Internet access, says Myla Pilao, director for technical marketing for Trend Micro, who works in the…

Source…