Lifeboat Foundation

A threat actor tracked as DEV-0569 uses Google Ads in widespread, ongoing advertising campaigns to distribute malware, steal victims’ passwords, and ultimately breach networks for ransomware attacks.

Over the past couple of weeks, cybersecurity researchers MalwareHunterTeam, Germán Fernández, and Will Dormann have illustrated how Google search results have become a hotbed of malicious advertisements pushing malware.

These ads pretend to be websites for popular software programs, like LightShot, Rufus, 7-Zip, FileZilla, LibreOffice, AnyDesk, Awesome Miner, TradingView, WinRAR, and VLC.

The FBI has concluded its investigation on the $100 million worth of ETH heist that hit Harmony Horizon in June 2022 and validated that the hackers responsible for it are the Lazarus group and APT38.

Polymorphic malware could be easily made using ChatGPT. With relatively little effort or expenditure on the part of the attacker, this malware’s sophisticated capabilities can readily elude security tools and make mitigation difficult.

Malicious software called ‘Polymorphic Malware’ has the capacity to alter its source code in order to avoid detection by antivirus tools. It is a very potent threat because it may quickly change and propagate before security systems can catch it.

According to researchers, getting around the content filters that prevent the chatbot from developing dangerous software is the first step. The bot was instructed to complete the task while adhering to a number of constraints, and the researchers were given a working code as an outcome.

Sometimes, ChatGPT made “surprising” mistakes in school-level math.

Microsoft-backed OpenAI’s AI chatbot ChatGPT has been making headlines ever since it was released to the public on November 30. It can break down complex scientific concepts, compose poems, write stories, code, and create malware…the list is endless. OpenAI has also released a paid version of the chatbot. Known as ‘ChatGPT Professional’, it is available at $42 per month.

Bauna/iStock.

Continue reading “ChatGPT passes Wharton Business School’s MBA exam, gets a B” »

In recent years, many computer scientists have been exploring the notion of metaverse, an online space in which users can access different virtual environments and immersive experiences, using VR and AR headsets. While navigating the metaverse, users might also share personal data, whether to purchase goods, connect with other users, or for other purposes.

Past studies have consistently highlighted the limitations of password authentication systems, as there are now many cyber-attacks and strategies for cracking them. To increase the security of users navigating the metaverse, therefore, password-based authentication would be far from ideal.

This inspired a team of researchers at VIT-AP University in India to create MetaSecure, a password-less authentication system for the metaverse. This system, introduced in a paper pre-published on arXiv, combines three different authentication techniques, namely device attestation, facial recognition and physical security keys.

Get your eyepatch out: Cyber attacks on the high seas are trending.

A scientist is now aiming to prove that The Matrix is based on fact, and that the simulation we live in can be hacked.

A new privilege escalation vulnerability has been identified in the Linux kernel by researcher Davide Ornaghi. This vulnerability might enable a local attacker to execute code on vulnerable computers with elevated rights if the kernel is installed on those systems. Additionally, Davide published the proof-of-concept and the write-up. The vulnerability, which has been assigned the tracking number CVE-2023–0179, is a stack-based buffer overflow that exists in the Netfilter subsystem. An authorized attacker might exploit this issue to get elevated privileges as root if the attacker executed a program that had been carefully written for the purpose.

The Linux kernel has a framework known as netfilter that enables a variety of networking-related actions to be performed in the form of individualized handlers. This may be accomplished by filtering incoming network packets. Netfilter provides the functionality necessary for directing packets through a network and preventing packets from reaching sensitive locations within a network by offering a variety of functions and operations for packet filtering, network address translation, and port translation. [1] These features allow Netfilter to provide the functionality required for directing packets through a network.

Continue reading “A new privilege escalation vulnerability in the Linux kernel, enables a local attacker to execute malware on vulnerable systems” »

A group of hackers was able to take control of a decommissioned satellite and use it to stream a hacking conference’s talks and hacker movies.

On Saturday, at the DEF CON hacking conference in Las Vegas, Karl Koscher, one of the members of a hacking enthusiasts group called Shadytel, explained how he and his friends were able to legally stream from a satellite in geostationary orbit—35,786 km or 22,236 miles from the surface of the planet.

The satellite had been decommissioned and was about to be sent to the so-called “graveyard orbit,” a far-away orbit where satellites go to die.

Continue reading “Hackers Took Over a Commercial Satellite to Broadcast Hacker Movies” »