More stories

  • Your email is a major source of security risks and it's getting worse

    Malware delivered to email accounts rose 196% in 2021 year on year, according to cybersecurity firm Trend Micro, which warns that email remains a major avenue for criminals looking to deliver malware and phish account credentials. Some 74.1% of all the threats blocked by Trend Micro in 2021 were email threats versus […]

  • Blind trust in open source security is hurting us: Report

    At the 2022 Open Source Summit in Austin, TX, The Linux Foundation, the leading open source non-profit group, with its partners, and Snyk, a leading developer security company, released their first joint research report, The State of Open Source Security, which uncovered worrying news. 41% of organizations are not confident in their open source software security. […]

  • Ukrainian organizations warned of hacking attempts using CredoMap malware, Cobalt Strike beacons

    Ukrainian organizations have been subjected to new hacking attempts tailored to drop malware and malicious Cobalt Strike beacons onto their networks. On June 20, the Computer Emergency Response Team for Ukraine (CERT-UA) published two advisories on the hacking incidents, suspected of being the work of threat groups APT28 — also known as Fancy Bear — and UAC-0098.

    The phishing campaign, conducted by Russian advanced persistent threat (APT) APT28, sees it attempting to spread a malicious document titled “Nuclear Terrorism A Very Real Threat.” Distribution is suspected of being carried out on June 10.

    UAC-0098’s hacking attempts also begin with a malicious email. The phishing messages have a malware document attached, “Imposition of penalties.docx,” and its distribution has been described as “persistent” with an original compilation date of June 16. This document is also spread through a password-protected archive, fraudulently passed off as communication from Ukraine’s tax office, with the subject line: “Notice of non-payment of tax.”

    When opened, both documents automatically download an HTML file that initiates malicious JavaScript code containing an exploit for CVE-2022-30190. Issued a CVSS severity score of 7.8, CVE-2022-30190 is a remote code execution (RCE) vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT). The vulnerability, patched but exploited in the wild, first emerged as a zero-day flaw in May.

    If the target system has not been protected, victims of Fancy Bear’s attacks will find their systems infected with the CredoMap malware. According to Malwarebytes, CredoMap is an information stealer able to exfiltrate browser data, cookies, and account credentials. Older variants of the malware have previously been used by APT28 against Ukrainian targets.

    The tax-related doc, however, deploys Cobalt Strike beacons. Cobalt Strike is a legitimate, commercial penetration testing tool that has, unfortunately, been abused for malicious purposes by cyberattackers for many years. The tool’s beacon functionality can facilitate remote connections and can be used for the deployment of shellcode and malware.

    Since Russia’s invasion of Ukraine began, CERT-UA has pivoted its focus to warning against cyberthreats impacting both Ukrainian businesses and residents. Many campaigns are trying to take advantage of the situation, whether on behalf of the Russian state or just as run-of-the-mill attackers trying to make a profit. The agency has previously warned organizations of Ghostwriter phishing campaigns, Invisimole activities tied to the Russian APT Gamaredon, and frequent misinformation schemes targeting Ukraine’s residents. CERT-UA has also alerted Ukrainian media agencies to phishing campaigns, potentially conducted by the Russian Sandworm hacking group, intended to spread the CrescentImp malware.

  • How Microsoft's AI spots ransomware attacks before they even get started

    Microsoft has revealed how artificial intelligence (AI) technologies are used in the fight against ransomware. Ransomware is one of today’s most prolific and vicious digital threats. Ransomware families including Locky, WannaCry, NotPetya, and Cerber plague consumers and businesses alike, locking up infected systems and demanding payment in return for decryption keys, which may […]

  • Phishing gang that stole millions by luring victims to fake bank websites is broken up by police

    A phishing and fraud ring that stole millions from victims after duping them into handing over usernames and passwords for their bank accounts has been broken up following an operation by Europol, the Belgian Police and the Dutch Police. Raids that took place on June 21, 2022 led to nine arrests in the Netherlands, and […]

  • Cryptography safe for now, but urgent need to build quantum skills

    It is premature to sound the death knell for current key cryptography, but there is an urgent need now to build up skillsets in quantum computing. This will ensure nations have the right knowledge to combat potential threats when the technology becomes viable in the near future.

    And that future may play out in the next five years as market players make significant strides in the field. IBM, for instance, said it planned to produce a quantum computer capable of clocking at least 4,000 qubits by 2025. This would push the technology past the experimental stage, with organisations able to deploy quantum computers within the 2023 to 2025 timeframe, IBM said.

    Such progress underscored the need to ensure there were skillsets ready to tap and support future deployment of quantum computing, said Dell Technologies CTO John Roese. Noting that the tech community was ill-prepared for the emergence of cloud computing, he said there were professionals skilled in traditional programming languages such as C++, but there was a dearth of relevant skillsets to leverage cloud-native architectures. Businesses and universities realised this and made the effort to catch up, Roese said in an interview with ZDNet. While the industry managed to scrape through, he urged the need to learn from this mistake and prepare for the next shift. This would ensure governments and organisations were ready when quantum computers were commercially available.

    He said the technology field required a different set of skills as the programming language and build logic were different. Software frameworks and tool chains also were new, so the tech workforce including data scientists would have to adapt and build up new skillsets for quantum computing.

    Efforts here at least appear to be underway. Dell estimates that governments worldwide have committed upwards of $24 billion in research and development investments to establish competencies around quantum technology. This was significant, Roese said, considering the industry today was worth just $900 million in revenue. He added that Asian nations such as China, Singapore, and India were amongst those that had begun work to build up capabilities in quantum computing.

    In Singapore, such plans included focus on security and building quantum-safe networks. The government last month announced it was setting aside SG$23.5 million (17.09 million) to support three national platforms, parked under its Quantum Engineering Programme (QEP), for up to 3.5 years. These aimed to boost the country’s capabilities in quantum computing and ensure encryption technologies remained robust and able to withstand “brute force” attacks. The QEP also encompassed a quantum-safe network touted to showcase “crypto-agile connectivity” and support trials with both public and private organisations. First unveiled in February, the project aimed to enhance network security for critical infrastructures and had roped in 15 partners at launch, including ST Telemedia Global Data Centres, Cyber Security Agency, and Amazon Web Services.

    Singapore’s Deputy Prime Minister and Coordinating Minister for Economic Policies Heng Swee Keat said quantum technology could prove a “game changer”, as efforts were made to stay ahead of malicious actors amidst a cyber landscape that was fast evolving. Heng said: “Strong encryption is key to the security of digital networks. The current encryption standard, AES 256, has held up, as few have the computing power to use brute force to break the encryption. But this could change with quantum computing.” As quantum computers continued to achieve higher compute speeds million times faster than supercomputers, he said it was vital that Singapore invested in quantum engineering and research to stay ahead of potential threats.

    Roese noted that while public key cryptography remained robust today, the threat quantum advancements presented was “real enough” and could pose certain risks in the future. Personal medical information and certain banking data, in particular, that were permanent records and would remain relevant 10 years down the road must stay secured against future threats. “So the risk isn’t about exposing the information now, but whether it is potentially vulnerable 10 years from now,” he said, adding that governments also would want to ensure communications between nation states remained secured decades on, as a breach could lead to a sticky geopolitical situation. He pointed to the need for tools to support crypto “agility”, which would allow organisations to decide what kind of data should be wrapped in post-quantum encryption.

    Asked where Dell fit in the quantum space, Roese said the tech vendor was not looking to produce quantum computers. Instead, it aimed to provide the tools and capabilities to piece together what was required to make such systems viable.

    Describing the end state for quantum computers as the “quantum sandwich”, he said Dell was working with key quantum players including IBM to determine the best way to architect and pull in conventional computer architectures, such as servers, so these could operate efficiently with quantum at the core. Part of Dell’s efforts here encompassed a hybrid emulation platform that could enable developers to run quantum applications on classical computing infrastructure.

    Roese said: “There are very few quantum computers being built today. To put one into production doesn’t involve just the quantum component, but the surrounding parts and you then need to operationalise it.” Dell hoped to drive this by “industrialising” the innovation and making it useable, he said, adding that it aimed to do so through its quantum simulation platform and hybrid quantum architecture systems.

  • Yodel blames cyber incident for disruption and parcel tracking problems

    Delivery company Yodel is experiencing service delays because of what it describes as a “cyber incident” affecting customer services and parcel tracking. “Yodel has experienced a cyber incident that has caused some disruption. We are servicing customers but tracking is currently impacted,” a Yodel spokesperson told […]