Security News > 2021 > April

A North Korean government-backed campaign targeting cybersecurity researchers with malware has re-emerged with new tactics in its arsenal as part of a fresh social engineering attack. In an update shared on Wednesday, Google's Threat Analysis Group said the attackers behind the operation set up a fake security company called SecuriElite and a slew of social media accounts across Twitter and LinkedIn in an attempt to trick unsuspecting researchers into visiting the company's booby-trapped website "where a browser exploit was waiting to be triggered."

As the article notes, Intel have an overly rich CISC system at the CPU ISA level, but in reality dropped the internal CISC von Neumann architecture for a RISC Harvard architecture a very long time ago. The "go faster stripes" mentality is what has given us the joys of those low-level hardware faults like Meltdown and Spectre, which to solve require not just major changes in the low-level "Register Transfer Language" (RTL) that underlies even the most basic of microcode; more importantly, solving them takes tens of percent of ISA-level performance away from the user.

Brown University, a private US research university, had to disable systems and cut connections to the data center after suffering a cyberattack on Tuesday. The university's Computing & Information Services staff took "a number of aggressive steps to protect the University's digital resources, including shutting down connections to our central data center and systems within it."

UPDATE. The FBI and the Cybersecurity and Infrastructure Security Agency are warning that advanced persistent threat nation-state actors are actively exploiting known security vulnerabilities in the Fortinet FortiOS cybersecurity operating system, affecting the company's SSL VPN products. The bug tracked as CVE-2018-13379 is a path-traversal issue in Fortinet FortiOS, where the SSL VPN web portal allows an unauthenticated attacker to download system files via specially crafted HTTP resource requests.

AT&T's public safety network picks up new features, including full tower-to-core encryption and a custom 5G setup. FirstNet, the dedicated public safety cell carrier, is adding 5G support and new encryption for user data.

Asteelflash, a leading French electronics manufacturing services company, has suffered a cyberattack by the REvil ransomware gang, which is demanding a $24 million ransom. Asteelflash is a world-leading French electronics manufacturing services company that specializes in the design, engineering, and printing of printed circuit boards.

Activision, the company behind Call of Duty: Warzone, has issued a warning that a threat actor is taking out ads for cheat tools, which instead turn out to be remote-access trojan malware. The scam was first floated in March when a cyberattacker posted in hacking forums that they had a free, "newbie-friendly" method for spreading a RAT: convince victims the malware is a video game cheat, Activision said in its warning.

The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency warn of advanced persistent threat actors targeting Fortinet FortiOS servers using multiple exploits. In the Joint Cybersecurity Advisory published today, the agencies warn admins and users that the state-sponsored hacking groups are "likely" exploiting Fortinet FortiOS vulnerabilities CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591.

The popular Twitch AdBlock extension has been removed from both the Chrome Web Store and the Firefox Add-ons site. Twitch AdBlock was the extension of choice among Twitch users for restricting ads when using Twitch.

The first function that we see defined in this PowerShell code is named sOH, which is not very descriptive. All of these function and variable names seem to be random and obfuscated, but we can make sense of them by reading the definition of the function.