Tag Archive for: package

ZenRAT Malware Targets Windows Users Via Fake Bitwarden Password Manager Installation Package


Windows operating systems are the target of new malware dubbed ZenRAT by U.S.-based cybersecurity company Proofpoint. The attackers built a website that impersonates the popular Bitwarden password manager; if accessed via Windows, the fake site delivers the ZenRAT malware disguised as Bitwarden software. It’s currently unknown if the malware is used by threat actors for cyberespionage or for financial fraud.

We’ll delve into the technical details and share more information from Proofpoint researchers, as well as provide tips on mitigating this ZenRAT malware threat.


What is ZenRAT malware, and what happens when it’s executed?

ZenRAT is malware developed in .NET. It was previously unreported and specifically targets Microsoft Windows operating systems. Once executed, the ZenRAT malware queries the system to gather information:

  • CPU and GPU names.
  • Operating system version.
  • RAM capabilities.
  • IP address and gateway IP address.
  • Installed software including antivirus.

The data is sent as a ZIP archive file to its command and control server, along with stolen browser data and credentials. The ZIP file contains two files named InstalledApps.txt and SysInfo.txt. Proofpoint told TechRepublic that they “… observed ZenRAT stealing data from both Chrome and Firefox” and believe “It’s reasonable to assume that it would have support for most Chromium-based browsers.”

The malware executes several checks when running. For starters, it checks that it doesn’t operate from Belarus, Kyrgyzstan, Kazakhstan, Moldova, Russia or Ukraine.

Then, the malware checks for a specific mutex to ensure it isn’t already running on the system, and checks that the hard drive isn’t less than 95GB in size; a smaller drive might indicate a sandbox system to the malware. It also checks for known virtualization products’ process names to verify it isn’t running in a virtualized environment.

Once the checks have been passed, the malware sends a ping command to be sure it’s connected to the internet, and checks if there is an update for the malware.

In addition, the malware has the ability to send its log files to the C2 server in clear text, probably for debugging…


UK to accelerate research on 5G and 6G technology as part of £110 million telecoms R and D package


  • Three top UK universities awarded £28 million to develop next-generation 6G network technology
  • Groundbreaking £80 million fund to set up state-of-the-art UK Telecoms Lab in the West Midlands for testing network equipment
  • UK joins forces with Republic of Korea to solve power efficiency challenges in rollout of more innovative and secure networks

Research and development on next-generation 5G and 6G wireless technology and telecoms security is to be ramped up as part of a £110 million government investment.

In the package announced today, three top UK universities, University of York, University of Bristol and University of Surrey, will receive a share of £28 million to team up with major telecoms companies including Nokia, Ericsson and Samsung to design and build networks of the future such as 6G.

The move will bolster the UK’s status as a global leader in telecoms research and follows Ericsson and Samsung’s recent decision to set up cutting-edge 6G research centres in the UK. It will also support the roll out of lightning-fast 5G by making it easier for more firms to enter the market.

The universities will work with world-leading UK academics and industry players to ensure future network technologies, including 6G, are designed in a way that promotes a more diverse and innovative telecoms market, and brings an end to current network setups where all equipment within a network must be from a single supplier.

The package includes £80 million for a state-of-the-art UK Telecoms Lab being built in Solihull in the West Midlands. Under a new contract the government has signed with the National Physical Laboratory, the lab will act as a secure research facility for mobile network operators, suppliers and academics to research and test the security, resilience and performance of their 5G and, in the future, 6G network technology. The facility will also create dozens of specialised jobs in telecoms and cyber security for the region.

A new R and D partnership with the Republic of Korea has also kicked off, which aims to accelerate the deployment of Open RAN and associated technologies. The joint project, which will receive more than £3 million (including £1.2 million…


US to provide Ukraine with four more mobile artillery rocket systems in new $400 million Ukraine security assistance package


The latest package is valued at $400 million and is drawing from Presidential Drawdown Authority funding only, meaning the US is sending weapons directly from US stockpiles of weapons.

The $400 million package includes four additional rocket systems, additional ammunition for those systems, three tactical vehicles to “recover equipment, support Ukrainian efforts to repair, resupply as the battle continues,” 1,000 rounds of 155 mm artillery ammunition, demolition munitions, counter battery systems, and spare parts and other equipment, the official said.

The 1,000 rounds of 155 mm artillery ammunition that the US is providing to Ukraine in this package is a “new type” of ammunition that the US has not provided to Ukraine previously, the official added.

“It has greater precision, it offers Ukraine precise targeting, precise capability for specific targets, it will save ammunition, it will be more effective due to the precision, so it’s a further evolution in our support for Ukraine in this battle for the Donbas,” the official said.

The US has provided Ukraine with 12 high mobility artillery rocket systems total with the commitment of these additional four systems, the official said. A senior military official said “upwards of 100” Ukrainians have been trained on the systems so far.

Reports that Russians have destroyed two high mobility artillery rocket systems are false, the official added.

“The ones that have already been provided are fully accounted for, Ukrainians are still using them in the fight,” the official said.


1&1 Versatel offers new internet package with security applications to business customers



Germany’s 1&1 Versatel said it is offering the new Office Fast & Secure internet package for business customers, particularly small and medium-sized firms. The new internet service combines …
