Tag Archive for: smart

Biden probes security risks of Chinese smart cars


The News

The Biden administration is launching an investigation into national security risks posed by “connected” vehicles — cars linked to the internet — that use Chinese technology. Officials will weigh potential restrictions on the products to head off spying, hacking, or data collection.

Led by the Commerce Department, the investigation will solicit public comments over the next 60 days about risks posed by connected vehicles, which include electric vehicles, that use technology from China or other “countries of concern.” Ultimately, the administration could enact bans or “mitigating measures” to address any risks, a senior Biden administration official said, though officials are not currently promising to take any actions.

“Connected vehicles that have technologies sourced from China could be exploited in ways that threaten U.S. national security,” White House National Economic Council Director Lael Brainard told reporters. “The president believes it’s important for the United States to consider imposing safeguards to guard against connected vehicles operating on U.S. roads from relying on information and communication technology from China and other countries of concern.”

Commerce Secretary Gina Raimondo said the administration has a “high level of concern” about risks of Chinese-made connected vehicles and wants to act “before Chinese-manufactured vehicles become widespread in the United States and potentially threaten our privacy and our national security.”

The announcement is likely to inflame tensions with China, which has criticized U.S. curbs on semiconductors and other advanced technology the Biden administration says are motivated by national security considerations.

Know More

The investigation will be run by Commerce’s Bureau of Industry and Security, which is putting out an “advanced notice of proposed rulemaking” to solicit public input about potential risks from foreign-made technology in connected vehicles. The administration is taking the action under authorities provided by a Trump-era executive order.

The Biden administration is specifically looking at connected vehicles made with technology from China, even if those vehicles…

Source…

Vast botnet hijacks smart TVs for prime-time cybercrime • The Register


Updated Security researchers have pinned a DDoS botnet that’s infected potentially millions of smart TVs and set-top boxes to an eight-year-old cybercrime syndicate called Bigpanzi.

At least 170,000 bots were running daily at the campaign’s height after infecting Android-based TVs and other streaming hardware via pirated apps and firmware updates.

A common infection scenario would see a user visit a dodgy streaming site while browsing on their smartphone, only to then be pushed into downloading the associated malicious app to their Android-based smart TV.

A user would then have their device backdoored and its resources made available for use in various cybercrimes, including DDoS attacks and hijacking other streams, replacing other channels’ content with an attacker’s.

Such a case happened in the United Arab Emirates back in December 2023, for example, where regular broadcasts were hijacked with imagery from inside the conflict between Israel and Palestine.

“The potential for Bigpanzi-controlled TVs and STBs to broadcast violent, terroristic, or pornographic content, or to employ increasingly convincing AI-generated videos for political propaganda, poses a significant threat to social order and stability,” said researchers at Chinese security biz Qianxin.

The researchers didn’t detail the history of the botnet’s DDoS activity or blame it for any high-profile attacks, but to get a feel for what it’s capable of, its DDoS commands are inherited from the infamous Mirai.

Qianxin’s investigation revealed the malware, called pandoraspear, added 11 different Mirai-related DDoS attack vectors to its list of commands after the first few versions had comparably weaker tools in this area.

As we all know, Mirai was responsible for some of the most high-profile DDoS attacks from yesteryear, including those on Dyn, GitHub, Reddit, and Airbnb – all falling on that one October 2016 day that broke the internet (not in the viral sensation kind). It’s also a malware that just keeps cropping up and is under active development to this day.

In trying to trace the identity of those behind pandoraspear, Qianxin’s researchers eventually narrowed their search down to a single company but…

Source…

‘Pandoraspear’ botnet hijacks smart TVs and boxes


Cybercrime syndicate Bigpanzi stands accused of orchestrating a massive Distributed Denial of Service (DDoS) botnet named ‘Pandoraspear’.

Pandoraspear has reportedly infected potentially millions of smart TVs and set-top boxes, with at least 170,000 bots actively running during the campaign’s peak.

The infection mechanism primarily targets Android-based smart TVs and streaming hardware, exploiting users who visit dubious streaming sites on their smartphones. Upon accessing such sites, users unwittingly download malicious apps to their Android-based smart TVs—allowing cybercriminals to backdoor the devices and use their resources for various cybercrimes.

One alarming case in December 2023 involved the hijacking of regular broadcasts in the United Arab Emirates, where imagery from the conflict between Israel and Palestine replaced the original content. Security researchers from Chinese firm Qianxin have expressed concerns about the potential for these compromised devices to broadcast violent, terroristic, or pornographic content, posing a significant threat to social order.

The botnet, named ‘Pandoraspear,’ has inherited DDoS attack vectors from the infamous Mirai malware. Qianxin’s investigation revealed that the malware added 11 different Mirai-related DDoS attack vectors to its command list, showcasing the evolving nature of cybercrime tactics.

Bigpanzi – active since at least 2015 – has concentrated its efforts primarily in Brazil, particularly in São Paulo. The scale of the botnet became apparent when researchers seized control of two of the nine domains used for the botnet’s command and control infrastructure. However, the criminals responded by launching DDoS attacks to force the domains offline.

Despite the researchers’ efforts, much remains unknown about Bigpanzi, and tracing their activities is an ongoing challenge. The cybercrime syndicate appears to have shifted its DDoS operations to another botnet—indicating a strategic shift towards more lucrative cybercrimes, such as using it as a content delivery network.

As cybersecurity experts continue their investigation into Bigpanzi,…

Source…

NOD32 Antivirus / ESET Internet Security / Eset Smart Security Premium 17.0.16.0


NOD32 for Windows is the best choice for protection of your personal computer. Almost 20 years of technological development enabled ESET to create state-of-the-art antivirus system able to protect you from all sorts of Internet threats. ESET Internet Security boasts a large array of security features, usability enhancements and scanning technology improvements in defense of your your online life.

ESET Internet Security
ESET Internet Security keeps your computer or laptop safe with intelligent multi-layered protection combining proven antivirus, antispyware, firewall, anti-rootkit and antispam capabilities. Based on ESET NOD32 Antivirus, it protects you from viruses, worms, spyware, and all Internet threats. It conserves resources and improves computer speed. You are protected at the highest level while you work, social network, play online games or plug in removable media.



ESET NOD32 Antivirus
Your best defense against viruses, trojans and other forms of malware—and the top choice for IT professionals. Powered by the ThreatSense® engine with advanced heuristics, which blocks far more unknown threats than the competition. The latest generation of the legendary ESET NOD32 Antivirus takes your security to a whole new level. Built for a low footprint, fast scanning, it packs security features and customization options for consistent and personalized security online or off.

ESET Smart Security
Ultimate protection for everyday web users, thanks to ESET’s trademark best balance of detection, speed and usability. Stay safe from viruses and spyware. Stay protected from ransomware – Blocks malware that tries to lock you out of your own data. Receive free support by email or telephone in your local language, wherever you are. Bank and shop online more safely – automatically secures transactions on internet banking sites, and helps to protect you on online payment gateways. Stop hackers from accessing your PC – Personal Firewall prevents hackers from gaining access to your computer and keeps you invisible when you use public Wi-Fi. Keep your kids safe online – block unwanted internet content by categories or…

Source…