Lifeboat Foundation

WHETHER you’re an Android fan or an iPhone lover, you should be wary of a common text message scam.

It’s called “smishing” and has been flagged by the experts at Security Intelligence as a growing problem.

Smishing is essentially the same as phishing, the common email scam technique that tries to get you to give away personal data.

A cybersecurity technique that shuffles network addresses like a blackjack dealer shuffles playing cards could effectively befuddle hackers gambling for control of a military jet, commercial airliner or spacecraft, according to new research. However, the research also shows these defenses must be designed to counter increasingly sophisticated algorithms used to break them.

Many aircraft, spacecraft and weapons systems have an onboard computer network known as military standard 1,553, commonly referred to as MIL-STD-1553, or even just 1553. The network is a tried-and-true protocol for letting systems like radar, flight controls and the heads-up display talk to each other.

Securing these networks against a cyberattack is a national security imperative, said Chris Jenkins, a Sandia cybersecurity scientist. If a hacker were to take over 1,553 midflight, he said, the pilot could lose control of critical aircraft systems, and the impact could be devastating.

The United States Marshals Service (USMS) was hit with a ransomware attack the agency said in a statement. The incident occurred on February 17, and “officials determined that it constitutes a major incident,” according to an agency spokesperson.

Ransomware is a type of malware that locks up computer systems until a “ransom” is paid to unlock the system.

Already smarting from a breach that put partially encrypted login data into a threat actor’s hands, LastPass on Monday said that the same attacker hacked an employee’s home computer and obtained a decrypted vault available to only a handful of company developers.

Although an initial intrusion into LastPass ended on August 12, officials with the leading password manager said the threat actor “was actively engaged in a new series of reconnaissance, enumeration, and exfiltration activity” from August 12 to August 26. In the process, the unknown threat actor was able to steal valid credentials from a senior DevOps engineer and access the contents of a LastPass data vault. Among other things, the vault gave access to a shared cloud-storage environment that contained the encryption keys for customer vault backups stored in Amazon S3 buckets.

Pierce, an artist whose work critically engages with weaponized emerging technologies, recently unveiled their latest ingenious project—an everyday hoodie retrofitted to include an array of infrared (IR) LEDs that, when activated, blinds any nearby night vision security cameras. Using mostly off-the-shelf components like LumiLED lights, an Adafruit microcontroller, and silicone wire, as well as we software Pierce that made open-source for interested DIYers, the privacy-boosting “Camera Shy Hoodie” is designed to enable citizens to safely engage in civic protests and demonstrations. Or, wearers can just simply opt-out of being tracked by unknown third-parties while walking down the street.

A DIY hack for hoodies emits infrared LEDs to obscure wearers’ faces from invasive surveillance camera tracking.

A new ChromeLoader malware campaign has been observed being distributed via virtual hard disk (VHD) files, marking a deviation from the ISO optical disc image format.

“These VHD files are being distributed with filenames that make them appear like either hacks or cracks for Nintendo and Steam games,” AhnLab Security Emergency response Center (ASEC) said in a report last week.

ChromeLoader (aka Choziosi Loader or ChromeBack) originally surfaced in January 2022 as a browser-hijacking credential stealer but has since evolved into a more potent, multifaceted threat capable of stealing sensitive data, deploying ransomware, and even dropping decompression bombs.

Materials research organizations in Asia have been targeted by a previously unknown threat actor using a distinct set of tools.

Symantec, by Broadcom Software, is tracking the cluster under the moniker Clasiopa. The origins of the hacking group and its affiliations are currently unknown, but there are hints that suggest the adversary could have ties to India.

This includes references to “SAPTARISHI-ATHARVAN-101” in a custom backdoor and the use of the password “iloveindea1998^_^” for a ZIP archive.

Ben Goertzel in response to some common objections covered in an article on io9 by George Dvorsky ‘You’ll Probably Never Upload Your Mind Into A Computer’: http://io9.com/you-ll-probably-never-upload-your-mind-into-a-computer-474941498

Objections are covered in order as they appear in the article:
1. Brain functions are not computable.
2. We’ll never solve the hard problem of consciousness.
3. We’ll never solve the binding problem.
4. Panpsychism is true.
5. Mind-body dualism is true.
6. It would be unethical to develop.
7. We can never be sure it works.
8. Uploaded minds would be vulnerable to hacking and abuse.

Continue reading “Ben Goertzel — Countering Objections to Mind Uploading” »

Enterprises looking to get ahead of data breaches and data leaks can benefit from using dark web monitoring tools and scan for personally identifiable information and even respond to attacks. Here is a list of 10 such tools.