Tag Archive for: Fast

New Rorschach ransomware hits with unique features and very fast encryption


Researchers warn of a new strain of ransomware dubbed Rorschach that doesn’t appear to be related to previously known threats and uses several unique features in its implementation, including one of the fastest file encryption routines observed so far.

“A behavioral analysis of the new ransomware suggests it is partly autonomous, spreading itself automatically when executed on a domain controller (DC) while it clears the event logs of the affected machines,” researchers from security firm Check Point said in a new report. “In addition, it’s extremely flexible, operating not only based on a built-in configuration but also on numerous optional arguments which allow it to change its behavior according to the operator’s needs.”

The Check Point researchers came across the ransomware strain while responding to a security incident at a US-based company. Later they realized that researchers from South Korean security firm AhnLab had previously documented a variant in February, but attributed it to the known DarkSide ransomware operation. Check Point believes this attribution is incorrect and that the confusion may stem from similarities in the ransom notes dropped by the two threats, though not in every case. In other incidents, Rorschach dropped a ransom note similar to one used by another ransomware program, Yanluowang.

The variety in behavior exhibited by this ransomware program, which seems to have borrowed techniques and code from various other ransomware threats, led to the Check Point researchers naming it Rorschach after the popular psychological test where subjects can have different perceptions of the same inkblots shown to them.

Rorschach features DLL side-loading

In the incident investigated by Check Point, Rorschach was executed by exploiting a DLL side-loading vulnerability in a component of Palo Alto Networks’ Cortex XDR, a commercial security product. Specifically, the attackers dropped a copy of the Cortex XDR Dump Service Tool version 7.3.0.16740 together with a file named winutils.dll that serves as a loader for the ransomware.

DLL side-loading is a technique in which attackers plant a malicious DLL library with a particular name…


T-MOBILE THE RE CARRIER: ending autopay discount and putting you at risk!



Redmi K60, Redmi K60 Pro with Snapdragon CPUs, 16GB RAM, up to 120W fast charging launched


The new Redmi K60 series has finally been introduced by Redmi in China. The Redmi K60, Redmi K60 Pro, and Redmi K60E are part of the refreshed lineup. In this article, we’ll cover the specifications, features, and pricing details of the standard and Pro models. The Redmi K60 packs a Snapdragon 8 Plus Gen 1 chipset, while the Redmi K60 Pro is equipped with the latest Snapdragon 8 Gen 2 SoC. Both versions include impressive displays, batteries, and camera configurations. Read on to know more about their detailed specifications and pricing.

Redmi K60 specifications, features

Redmi K60 sports a 6.67-inch 2K AMOLED panel with a 3,200 x 1,440-pixel resolution, a 120Hz refresh rate, a 480Hz touch sampling rate, 12-bit P3 colour gamut, up to 1,400-nits maximum brightness, 1920Hz PWM dimming, HDR10+, and Dolby Vision support.

The Redmi K60 packs a Qualcomm Snapdragon 8+ Gen 1 chipset, coupled with Adreno GPU, up to 16GB of LPDDR5 RAM, and 512GB of UFS 3.1 storage. It draws power from a large 5,500mAh battery unit that supports 67W fast charging and 30W wireless charging. The phone runs Android 13-based MIUI 14 custom skin.

For photography, the handset features a triple rear camera setup that houses a 64MP primary sensor (6P lens, f/1.79 aperture) with OIS, an 8MP ultra-wide-angle shooter, and a 2MP macro lens. On the front, the Redmi K60 sports a 16MP camera sensor for selfies and video calls.

The device is equipped with an under-display fingerprint scanner for security, dual speakers, and an infrared sensor. In terms of connectivity, it supports 5G, 4G, dual-band Wi-Fi, NFC, Bluetooth, GPS, and a USB Type-C charging port.

Redmi K60 Pro specifications, features

The Pro model sports the same amazing display as the vanilla model with a 6.67-inch 2K panel, 120Hz refresh rate, 1920Hz PWM dimming, 1400-nits peak brightness, P3 colour gamut, and HDR10+ support.


The Redmi K60 Pro is powered by the Snapdragon 8 Gen 2 SoC, coupled with up to 16GB of LPDDR5x RAM, and 512GB of UFS 4.0 storage. The handset also packs a 5000mm² super large VC heat dissipation system. It is backed by a 5,000mAh battery with 120W fast wired charging and 30W wireless charging. It ships with Android…


Fast Company Is Back From the Dead After Being Hacked



The news outlet announced its return loud and proud on its homepage.
Screenshot: Gizmodo / Fast Company

Bouncing back from a hack doesn’t always happen quickly, even at Fast Company. The business news outlet’s website (and its sister sites Inc.com and Mansueto.com) finally came back online on Wednesday afternoon, according to a blog post. The sites were shut down for eight days after Fast Co.’s content management system (CMS) was targeted in a cyber attack.

“I’d like to thank you for your patience…To be sidelined for more than a week was a difficult experience for our team,” wrote Fast Co. editor-in-chief, Brendan Vaughan, in yesterday’s blog post.

On September 25, a hacker remade the news outlet’s homepage, replacing each headline with an “obscene and racist message that proudly claimed credit for the intrusion,” as Vaughan explained it. Then, two days later, the hacker sent out Apple News alerts twice in quick succession with a very similar message, “N*****S TONGUE MY ANUS. THRAX WAS HERE.” The original homepage defacement displayed the same line preceded by “HACKED BY VINNY TROIA.”

Apple News responded by disabling Fast Co.’s channel, and the news outlet opted to shut down all of its sites.

In an unverified post on a hacker forum, the alleged perpetrator “Thrax” provided a lengthy explanation of how they conducted the breach, according to RestorePrivacy and Bleeping Computer. The post described how Thrax was able to easily bypass Fast Co.’s security protocols including HTTP authentication and a uniformly used default password of “pizza123.” According to the hacker, they were able to collect email addresses, usernames, and IP addresses from multiple employees as well as create their own account in the CMS with new credentials.

Without providing much detail, Fast Co. reported on Wednesday that it had conducted a thorough investigation of the breach, and determined “no customer or advertiser information was disclosed in connection with the CMS attack, and that we have taken steps to safeguard against further attacks.”
