Cybercrime/malcode – Lifeboat News: The Blog

Dec 10
2021

Community of ethical hackers needed to prevent AI’s looming ‘crisis of trust’, experts argue

The Artificial Intelligence industry should create a global community of hackers and “threat modelers” dedicated to stress-testing the harm potential of new AI products in order to earn the trust of governments and the public before it’s too late.

This is one of the recommendations made by an international team of risk and machine-learning experts, led by researchers at the University of Cambridge’s Center for the Study of Existential Risk (CSER), who have authored a new “call to action” published today in the journal Science.

They say that companies building intelligent technologies should harness techniques such as “red team” hacking, audit trails and “bias bounties”—paying out rewards for revealing ethical flaws—to prove their integrity before releasing AI for use on the wider public.

Dec 10
2021

Microsoft researchers: We’ve trained AI to find software bugs using hide-and-seek

Microsoft creates an AI bug detector that learns to hunt for and fix bugs without being trained on data from real bugs.

Dec 9
2021

Google disrupts cybercrime web infecting 1 mn devices

Google said Tuesday it has moved to shut down a network of about one million hijacked electronic devices used worldwide to commit online crimes, while also suing Russia-based hackers the tech giant claimed were responsible.

The so-called botnet of infected devices, which was also used to surreptitiously mine bitcoin, was cut off at least for now from the people wielding it on the internet.

“The operators of Glupteba are likely to attempt to regain control of the botnet using a backup command and control mechanism,” wrote Shane Huntley and Luca Nagy from Google’s threat analysis group.

Dec 7
2021

Criminal hackers are now going after phone lines, too

One way or another, most phone calls these days involve the internet. Cybersecurity experts say that makes us vulnerable in ways we might not realize.

Dec 6
2021

Hackers take $196 million from crypto exchange Bitmart, security firm says

Hackers have taken $196 million from crypto trading platform Bitmart, a security firm said Saturday.

Bitmart confirmed the hack in an official statement Saturday night, calling it “a large-scale security breach” and writing that hackers withdrew about $150 million in assets. However, blockchain security and data analytics firm Peckshield estimates that the loss is closer to $200 million.

Bitmart added in a statement that all withdrawals had been temporarily suspended until further notice and said a thorough security review was underway.

Dec 6
2021

Pegasus Spyware Reportedly Hacked iPhones of U.S. State Department and Diplomats

Apple reportedly notified several U.S. Embassy and State Department employees that their iPhones may have been targeted by an unknown assailant using state-sponsored spyware created by the controversial Israeli company NSO Group, according to multiple reports from Reuters and The Washington Post.

Dec 4
2021

Futurists predict how we’ll one day eat, vacation and work

Forget about Mark Zuckerberg, Facebook and all the talk about a metaverse. The real future will be a world that is convenient and scary and fantastical — at least according to futurologists. As this year ends, here’s a glimpse at what life might be like … one day.

Facial recognition is already common for phones, but “In 30 years it’s quite possible that you will not use a key or even a credit card. You’ll use your face or iris to make purchases and open locks. Recognition will be that good,” said Martin Ford, author of “Rule of the Robots: How Artificial Intelligence will Transform Everything.”

“The scary thing, though, will be if someone hacks your biometric data. Right now you can call the bank to change your pin or cancel a credit card. But you can’t cancel your biometrics.”

Dec 4
2021

Pegasus maker probes reports its spyware targeted US diplomats

The Israeli spyware maker in the Pegasus surveillance scandal said Friday it was investigating reports the firm’s technology was used to target iPhones of some US diplomats in Africa.

Apple has begun alerting people whose phones were hacked by NSO’s spyware, which essentially turns handsets into pocket spying devices and sparked controversy this year after reportedly being used on activists, journalists and politicians.

“On top of the independent investigation, NSO will cooperate with any relevant government authority and present the full information we will have,” the firm said in a statement.

Dec 2
2021

Hackers Increasingly Using RTF Template Injection Technique in Phishing Attacks

Hackers have been increasingly using RTF Template Injection method in widespread phishing attacks.

Nov 28
2021

Rogue Miners Are Using Google Cloud Servers to Mine Cryptocurrencies

Google’s cybersecurity team warns that this is neither the first nor the last time.

Cryptomining is a very energy-intensive process with analysis by the University of Cambridge showing that Bitcoin consumes more electricity than the entire country of Argentina. Now, Google has released a new report stating that malicious cryptocurrency miners are using hacked Google Cloud accounts for mining purposes.

The report is called “Threat Horizons” and it aims to help organizations keep their cloud environments secure.

“While cloud customers continue to face a variety of threats across applications and infrastructure, many successful attacks are due to poor hygiene and a lack of basic control implementation. Most recently, our team has responded to cryptocurrency mining abuse, phishing campaigns, and ransomware,” wrote Google in an executive summary of the report.

“Given these specific observations and general threats, organizations that put emphasis on secure implementation, monitoring, and ongoing assurance will be more successful in mitigating these threats or at the very least reduce their overall impact.”

Full Story: