Tag Archive for: idea

Mysterious malware discovered on 30,000 new Macs – and researchers have no idea what it was designed to do


Security researchers have discovered a piece of malware called Silver Sparrow on 30,000 Mac computers, including those with Apple’s latest M1 chips.

Spread across 153 countries, the malware is designed to deliver a payload that the researchers have not yet discovered.

It also has a system in place to self-destruct – hiding its existence totally.

As Ars Technica reports, infected computers check a server every hour to see if there are any new commands from malicious individuals to execute.

The malware is made stranger still by its use of the macOS Installer JavaScript API to execute commands, which makes it hard to analyse the contents of the package.

When the malware is executed, all that the researchers found were two messages: for computers using Intel chips, the malware displays the words “Hello World!”, while for M1 Macs it says “You did it!”

The researchers hypothesise that these are simply placeholders for a later execution.

“We’ve found that many macOS threats are distributed through malicious advertisements as single, self-contained installers in PKG or DMG form, masquerading as a legitimate application—such as Adobe Flash Player—or as updates”, the researchers describe.

Apple has already revoked the binaries that could lead users to accidentally install the malware. The malware does not seem to have delivered any malicious payload, and the company emphasises that its own Mac App Store is the safest place to get software for its Mac computers.

For programs downloaded outside the store, Apple uses technical mechanisms, including the Apple notary service, to detect and block malware.

“To me, the most notable [thing] is that it was found on almost 30K macOS endpoints… and these are only endpoints the MalwareBytes can see, so the number is likely way higher,” says Patrick Wardle, a macOS security expert, according to Ars Technica.

“That’s pretty widespread… and yet again shows the macOS malware is becoming ever more pervasive and commonplace,…


After the SolarWinds Hack, We Have No Idea What Cyber Dangers We Face


Months before insurgents breached the Capitol and rampaged through the halls of Congress, a stealthier invader was muscling its way into the computers of government officials, stealing documents, monitoring e-mails, and setting traps for future incursions. Last March—if not before, as a report by the threat-intelligence firm ReversingLabs suggests—a hacking team, believed to be affiliated with Russian intelligence, planted malware in a routine software upgrade from a Texas-based I.T. company called SolarWinds, which provides network-management systems to more than three hundred thousand clients. An estimated eighteen thousand of them downloaded the malware-ridden updates, which were embedded in a SolarWinds product called Orion. Once they did, the hackers were able to roam about customers’ networks, undetected, for at least nine months. “This threat actor has demonstrated sophistication and complex tradecraft in these intrusions,” the Cybersecurity and Infrastructure Security Agency (CISA) wrote, in its assessment of the breach. “CISA expects that removing the threat actor from compromised environments will be highly complex and challenging.” CISA, which is part of the Department of Homeland Security, is a SolarWinds client. So is the Pentagon, the Federal Bureau of Investigation, and U.S. Cyber Command.

By now, hacking has become so routine that it’s hardly remarkable. Each morning, I wake up to an e-mail from the cybersecurity firm Recorded Future, listing the hacking groups and targets that its algorithms have uncovered in the previous twenty-four hours. The hackers have cute names, such as Lizard Squad and Emissary Panda. Their targets are a mix of commercial businesses—such as Sony and Lord & Taylor—and government sites, including those of the State Department, the White House, the Air Force, and the Securities and Exchange Commission. Most days, I also get an alert from M.S.-ISAC, the Multi-State Information Sharing and Analysis Center, the real-time threat-reporting division of the nonprofit Center for Internet Security, disclosing newly discovered vulnerabilities. There is never a day when there aren’t numerous attacks and multiple software systems…


Everybody Is Designing Electric Car Chargers Wrong, But I Have an Idea – Jalopnik


You’ve seen a normal electric car charging station, right? The charging infrastructure isn’t really there yet, but it’s still likely you’ve seen one. They tend to be …


Is it still a good idea to publish proof-of-concept code for zero-days? – ZDNet


More often than not, the publication of proof-of-concept (PoC) code for a security flaw, especially a zero-day, has led to the quick adoption of a vulnerability by …
