Researchers in China claim to have reached a breakthrough in quantum computing, figuring out how they can break the RSA public-key encryption system using a quantum computer of around the power that will soon be publicly available.
Breaking 2048-bit RSA — in other words finding a method to consistently and quickly discover the secret prime numbers underpinning the algorithm — would be extremely significant. Although the RSA algorithm itself has largely been replaced in consumer-facing protocols, such as Transport Layer Security, it is still widely used in older enterprise and operational technology software and in many code-signing certificates.
macOS may alert you when you’re trying to open or run a file, with an alert informing you that malware was detected. But what about in scans?
Music-streaming service Deezer has owned up to a data breach, after hackers managed to steal the data of over 200 million of its users.
We recently discovered ransomware, which performs MSDTC service DLL Hijacking to silently execute its payload. We have named this ransomware CatB, based on the contact email that the ransomware group uses. The sample was first uploaded to VT on November 23, 2022 and tagged by the VT community as a possible variant of the Pandora Ransomware. The assumed connection to the Pandora Ransomware was due to some similarities between the CatB and Pandora ransom notes. However, the similarities pretty much end there. The CatB ransomware implements several anti-VM techniques to verify execution on a “real machine”, followed by a malicious DLL drop and DLL hijacking to evade detection.
The ASEC analysis team recently discovered that a Linux malware developed with Shc has been installing a CoinMiner. It is presumed that after successful authentication through a dictionary attack on inadequately managed Linux SSH servers, various malware were installed on the target system. Among those installed were the Shc downloader, XMRig CoinMiner installed through the former, and DDoS IRC Bot, developed with Perl.
A group of Chinese researchers have just published a paper claiming that they can—although they have not yet done so—break 2048-bit RSA. This is something to take seriously. It might not be correct, but it’s not obviously wrong.
More than 200 local governments, schools and hospitals in the U.S. were affected by ransomware in 2022, according to research conducted by cybersecurity firm Emsisoft.
The annual “State of Ransomware in the US” report found that 105 local governments; 44 universities and colleges; 45 school districts; and 25 healthcare providers operating 290 hospitals dealt with ransomware attacks last year.
Ukraine has achieved a cut-price version of what the Pentagon has spent decades and billions of dollars striving to accomplish: digitally networked fighters, intelligence and weapons.
A comprehensive analysis of the year's new malware
If you installed PyTorch-nightly on Linux via pip between December 25, 2022 and December 30, 2022, please uninstall it and torchtriton immediately, and use the latest nightly binaries (newer than Dec 30th 2022).
$ pip3 uninstall -y torch torchvision torchaudio torchtriton
$ pip3 cache purge
PyTorch-nightly Linux packages installed via pip during that time installed a dependency, torchtriton, which was compromised on the Python Package Index (PyPI) code repository and ran a malicious binary. This is what is known as a supply chain attack and directly affects dependencies for packages that are hosted on public package indices.
The U.S. military's Cyber Command hunted down foreign adversaries overseas ahead of this year's mid-term elections, taking down their infrastructure before they could strike, the head of U.S. Cyber Command said.
U.S. Army General Paul Nakasone said the cyber effort to secure the vote began before the Nov. 8 vote and carried through until the elections were certified.
"We did conduct operations persistently to make sure that our foreign adversaries couldn't utilize infrastructure to impact us," Nakasone, who is also the director of the U.S. National Security Agency, told reporters.
In a New Year's Eve apology, the LockBit ransomware gang has expressed regret for attacking Toronto's Hospital for Sick Children and sent a free decryptor so files can be unscrambled. According to Brett Callow, a B.C.-based threat analyst for Emsisoft, the gang posted a message on its site claiming the attack was the work of an affiliate and violated their rules.
With the ongoing war in Ukraine, in the Polish cyberspace, there are more and more occurrences classified as computer incidents, including attacks perpetrated by Russian hackers. This is a response of the Russian Federation to the Poland’s support provided to Ukraine and an attempt to destabilise the situation in our country.
New YouTube Bot Malware Spotted Stealing User’s Sensitive Information
Italians Users Targeted By PureLogs Stealer Through Spam Campaigns
Meet Toka, the Israeli cyber firm founded by Ehud Barak, that lets clients hack cameras and change their feeds – just like in Hollywood heist movies
The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.
Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.
Works on iOS 16.1.2 and below (tested on iOS 16.1) on unjailbroken devices.
A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.
In recent months, Microsoft has detected a wide range of social engineering campaigns using weaponized legitimate open-source software by an actor we track as ZINC. Microsoft Threat Intelligence Center (MSTIC) observed activity targeting employees in organizations across multiple industries including media, defense and aerospace, and IT services in the US, UK, India, and Russia. Based on the observed tradecraft, infrastructure, tooling, and account affiliations, MSTIC attributes this campaign with high confidence to ZINC, a state-sponsored group based out of North Korea with objectives focused on espionage, data theft, financial gain, and network destruction.
