The 160+ Best Black Friday Deals of the Thousands We've … – The New York Times
The 160+ Best Black Friday Deals of the Thousands We’ve … The New York Times
Tag Archive for: Black
Chilean government warns of Black Basta ransomware attacks after customs incident
The government of Chile warned of ransomware attacks by a notorious gang of hackers after its customs department dealt with an incident on Tuesday.
Officials from Chile’s Servicio Nacional de Aduanas de Chile – the government department in charge of foreign trade, imports and more – said on Tuesday afternoon that they were able to prevent a cyberattack from progressing after discovering the incident.
“After detecting a security incident on our computer teams, we have taken all necessary preventive measures to not expose our computer teams and systems to potential vulnerabilities,” they said on several social media sites.
“All security measures and protocols established by the Computer Security Incident Response Team (CSIRT) of Ministerio del Interior y Seguridad Pública are already in place. Thanks to the work of our IT teams, this incident will not affect the operational continuity of the Service and we are taking all necessary measures to continue operating at the different control points in the country.”
In a follow-up message, the country’s Computer Security Incident Response Team (CSIRT) confirmed it was a ransomware attack and specified that the incident involved the Black Basta ransomware group — which has added dozens of new victims to its leak site this week.
The scope of the attacks is widening: BlackBasta adds two more Italian companies to its data leak site.
Intred (https://t.co/zYzrXSaieZ)
Piemme S.p.A. (https://t.co/C2PzpfScUR)In both of the published attacks, samples with numerous identification documents are provided.… https://t.co/AFdnK1Bakl pic.twitter.com/jT5kLXjuI6
— Stefano Favarato (@StefanoFavarato) October 17, 2023
The CSIRT warned all of the country’s government bodies that the ransomware was found “in a limited part of the digital infrastructure of the National Customs Service.”
They urged all government agencies to verify that backup copies of systems are protected and separated from the rest of the network. Agencies also need to audit the number of administrative accounts and more generally limit the number of people with administrative permissions.
They provided a range of other actions that should be taken as the…
DARPA is hosting a Black Hat contest to create cyber-security AI models
Forward-looking: The Black Hat Def Con conference portrays itself as an internationally recognized cybersecurity event showcasing the most “technical and relevant” information security research in the business. For the next two years, the event will host a DARPA-funded contest to put AI algorithms to work on the increasingly pressing software security problem.
DARPA’s Artificial Intelligence Cyber Challenge (AIxCC) is a two-year competition for the “best and brightest” minds in the AI field, the contest’s official site explains. The Pentagon’s research agency wants companies and experts to create novel AI systems; machine learning models designed to secure the critical software code that runs beneath financial systems, public utilities and other digital infrastructures enabling modern life.
Software runs everything these days, DARPA states, which unfortunately provides an “expanding” attack surface for cyber-criminals and other malicious actors. The new AI capabilities developed during the past decade have shown “significant potential” to help address key societal challenges like cybersecurity, the US agency says. AIxCC will reward people and organizations that can actualize this theoretical potential.
DARPA says it will award a cumulative $18.5 million in prizes to the teams with the best AI systems. An additional $7 million will be awarded to small business ventures taking part in the contest. With AIxCC, the US military is seeking the development of ML models capable of identifying, and maybe fixing, dangerous security flaws within critical software projects.
DARPA will work with “leading” AI companies Anthropic, Google, Microsoft, and OpenAI to give AIxCC competitors access to the most advanced technology and expertise. With their help, contestants will likely increase their chances of developing a true “state-of-the-art” cybersecurity system infused with AI algorithms. The Open Source Foundation will contribute as well, as most modern software needing protection is based on open-source code projects.
The AIxCC challenge has already started during this year’s Def Con conference held in Las Vegas. AI teams will compete in a series of preliminary trials during 2024, with the…
Black Hat Hacker Exposes Real Identity After Infecting Own Computer With Malware
A threat actor infected their own computer with an information stealer, which has allowed Israeli threat intelligence company Hudson Rock to uncover their real identity.
Using the online moniker ‘La_Citrix’, the threat actor has been active on Russian speaking cybercrime forums since 2020, offering access to hacked companies and info-stealer logs from active infections.
La_Citrix, Hudson Rock says, has been observed hacking into organizations and compromising Citrix, VPN, and RDP servers to sell illicit access to them.
The hacker, the cybersecurity firm says, was careless enough to infect their own computer with an information stealer and to sell access to the machine without noticing.
This allowed Hudson Rock to explore the cybercriminal’s computer, which had been used to perpetrate intrusions at hundreds of companies. The computer contained employee credentials at almost 300 organizations, and the browser stored corporate credentials used to perform hacks.
According to Hudson Rock, La_Citrix was employing information stealers to exfiltrate corporate credentials that were then used to access organizations’ networks without authorization.
Further analysis of the threat actor’s computer also helped the cybersecurity firm discover their real identity and their location.
“Data from La_Citrix’s computer such as ‘Installed Software’ reveals the real identity of the hacker, his address, phone, and other incriminating evidence such as ‘qTox’, prominent messenger used by ransomware groups, being installed on the computer,” Hudson Rock notes.
The threat intelligence company, which notes that it has knowledge of thousands of hackers who accidentally infected their own computers with malware, says it will forward the uncovered evidence to the relevant law enforcement authorities.
“This is not the first time we’ve identified hackers who accidentally got compromised by info-stealers, and we expect to see more as info-stealer infections grow exponentially,” the company notes.
Related: New Information Stealer ‘Mystic Stealer’ Rising to Fame
Related: North Korean Hackers Caught Using Malware With Microphone Wiretapping…