Tag Archive for: Beware

Beware of AI-enhanced Cyberattacks – CEPA


Artificial intelligence can increase the quality and speed of cyberattacks. But AI also can improve our defenses.

When hackers first sent phishing emails in the 1990s, their technique was laborious, requiring them to click over and over to deliver their fake emails. Messages included requests for users to enter information on a webpage that delivered the victim’s login credentials. Today, AI-enhanced phishing attacks increase the speed and scale of cyberattacks, searching out targets, automatically dispatching millions of customized emails within minutes — and dangerously, searching for new targets in the US and abroad.

AI personalizes. The software analyzes social networks, breaches, and public records to generate convincing messages that appear to come from trusted colleagues, friends, or reputable organizations.

While this AI-powered security threat is immense, AI also offers an opportunity to strengthen cyber defenses. A strong legal framework is required to respond. Surprisingly, the US is ahead of Europe in regulations and policies to govern cyber operations around national security.

AI-enhanced cyberattacks represent an evolution in the long history of cyberattack automation. AI disseminates malicious software across networks or devices, expediting the theft of sensitive data from compromised systems. Automated credential stuffing tests millions of stolen usernames and password combinations against multiple online login pages, enabling rapid account takeover at speed and scale.

The same power that allows machines to execute actions or learn by themselves makes them difficult to control. Consider the “paperclip maximizer,” a thought experiment introduced by philosopher Nick Bostrom. A hypothetical AI-powered computer is given the sole objective of manufacturing as many paper clips as possible. It pursues this narrow goal, allocating all available resources to it, including those necessary for human survival, leading to catastrophic consequences.

The thought experiment underlines the dangers of AI cyber automation: a seemingly harmless objective could lead to an unintended outcome. COMPAS, a software used by US courts to…

Source…

Beware! This Android Malware Can Steal All Your Money While Remaining Undetected


Online threats manifest in various forms and sizes, ranging from deceptive job offers by scammers to phishing emails that install harmful software on your device. However, imagine encountering a new malware specifically designed for Android devices, disguising itself as legitimate apps like Google Chrome. This infamous malware, known as ‘Chameleon,’ not only infiltrates your device’s security measures but also steals sensitive financial data, including bank account passwords. The threat posed by it is significant and warrants caution.

The latest information on this comes from research conducted by ThreatFabric. It states that this threat isn’t new; it has been circulating for a year or so. However, recently, bad actors have made it more advanced than before, allowing it to easily penetrate devices using an HTML trick capable of granting access to a user’s important information.

The research further notes that this malware is distributed through Zombinder, allowing it to stick around undetected as you use your typical everyday apps like Google Chrome. It can also easily bypass your device’s biometrics, as noted by ThreatFabric.

As we mentioned, this malware can steal personal data. It can also use this data to gain access to your bank account, causing financial loss and allowing bad actors to access your personal information. So, unless you want to lose all your money and even your digital existence, be quite wary.

How to Be Safe

The one and only way to truly avoid having malware like Chameleon on your device is to stop downloading apps and APKs from random websites, and especially the ones that promise a paid app for free. Downloading from unverified sources can prove to be quite challenging in the long term, and it can do more harm than good. Ergo, never download any official app from a random link that you received, or a website that looks fishy.

Another way to ensure safety is to keep Google’s Play Protect on. This built-in Google tool can go a long way to ensure the safety of your device.

Source…

Beware: North Korean Hackers Allegedly Have New Modus Operandi To Steal Your Crypto


KEY POINTS

• Rogue actors allegedly backed by North Korea have stolen data from nearly 1,500 victims between March and October
• The majority of the victims are from the private sector and 57 from incumbent or retired government officials
• When the scam email was opened or the phishing link was clicked on, the victim’s computer would be infected with malware

The South Korean National Police Agency has warned people against North Korean malicious actors and hackers, who have been impersonating government agency officials and journalists to steal cryptocurrencies.

Rogue actors allegedly backed by the hermit country have stolen data from nearly 1,500 victims between March and October, the majority of whom were from the private sector and 57 from incumbent or retired government officials, the local media reported quoting the South Korean National Police Agency.

Malicious actors pretended to be officials from South Korea’s National Pension Service, National Health Insurance, National Tax Service and National Police Agency to send phishing emails to recipients.

When the scam email was opened or the phishing link was clicked on, the victim’s computer would be infected with malware, following which the hackers would harvest data, including personal information.

Hackers also stole user IDs and profiles of 19 victims to access their cryptocurrency trading accounts, according to the police authorities, although they did not disclose the amount of crypto assets stolen by cybercriminals.

North Korea’s hacking efforts have grown in scale and scope in 2023, according to authorities who revealed that “last year, they stripped virtual assets by distributing ransomware. That coerced victims to pay money and valuables to regain their property.” However, this year, malicious actors have become more aggressive in phishing, which has resulted in the authorities shutting down 42 phishing websites.

It was reported earlier this month that North Korean hackers linked to the notorious cybercriminal group Lazarus Group, purportedly operating on behalf of North Korea, were impersonating blockchain engineers on Discord using social engineering techniques.

Victims reportedly download a malicious ZIP file, convinced they were…

Source…

Beware AvosLocker Ransomware Attacks on Critical Infrastructure


US authorities issued a warning this week about potential cyberattacks against critical infrastructure from ransomware-as-a-service (RaaS) operation AvosLocker.

In a joint security advisory, the Cybersecurity and Infrastructure Security Agency (CISA) and FBI warned that AvosLocker has targeted multiple critical industries across the US as recently as May, using a wide variety of tactics, techniques, and procedures (TTPs), including double extortion and the use of trusted native and open source software.

The AvosLocker advisory was issued against a backdrop of increasing ransomware attacks across multiple sectors. In a report published Oct. 13, cyber-insurance company Corvus found a nearly 80% increase in ransomware attacks over last year, as well as a more than 5% increase in activity month-over-month in September.

What You Need to Know About AvosLocker Ransomware Group

AvosLocker does not discriminate between operating systems. It has thus far compromised Windows, Linux, and VMware ESXi environments in targeted organizations.

It’s perhaps most notable for how many legitimate and open source tools it uses to compromise victims. These include RMMs like AnyDesk for remote access, Chisel for network tunneling, Cobalt Strike for command-and-control (C2), Mimikatz for stealing credentials, and the file archiver 7zip, among many more.

The group also likes to use living-off-the-land (LotL) tactics, making use of native Windows tools and functions such as Notepad++, PsExec, and Nltest for performing actions on remote hosts.

The FBI has also observed AvosLocker affiliates using custom Web shells to enable network access, and running PowerShell and bash scripts for lateral movement, privilege escalation, and disabling antivirus software. And just a few weeks ago, the agency warned that hackers have been double-dipping: using AvosLocker and other ransomware strains in tandem to stupefy their victims.

Post-compromise, AvosLocker both locks up and exfiltrates files in order to enable follow-on extortion, should its victim be less than cooperative.

“It’s all kind of the same, to be honest, as what we’ve been seeing for the past year or so,” Ryan Bell, threat intelligence manager at Corvus, says of…

Source…