サイバーヴィッシュ テクノロジーなどに関する最新の洞察とトレンド テクノロジー
サイバーセキュリティ テクノロジー

LASTPASS – FACING SECURITY ISSUES AGAIN?

Lastpass- the password management solution which had the beliefs of thousands of users suddenly faced criticism on account of its security incident last month. Lastpass has a record of security incidents in 2011, 2015, 2016,2019,2021,2022.

続きを読む
silver and black laptop computer
サイバーセキュリティ テクノロジー

HP Enterprise Computers were left vulnerable to cyberattacks because of unpatched high-severity security vulnerabilities.

Security researchers have found hidden vulnerabilities in several models of HP’s Business-oriented notebooks that continue to be unpatched, (Sic) Binarily told listeners at the Black Code conference.It said that these flaws are “difficult to detect with TPM measurements.” Firmware flaws can have serious implications as they allow an adversary to achieve long-term persistence on a device running in the background, evading traditional operating system security protections. The high-severity vulnerabilities identified by Binarly affect HP EliteBook devices and concern a case of memory corruption in the System Management Mode (SMM) of the firmware, thereby enabling an attacker to execute arbitrary code with highest privileges – CVE-2022-23930 (CVSS score: 8.2) – Stack-based buffer […]

続きを読む
光を見ている青い目の女性
テクノロジー

Conti Cybercrime Cartel、「BazarCall」フィッシング攻撃を使用して被害者のコンピュータにアクセス

A trio of offshoots from the Conti cybercrime cartel are using a new type of phishing technique. In call back or callback phishing, attackers first use basic email hacking to get you to provide them with your network’s password and then they’ll exploit it further by getting in touch again over that same phone number spoofed message side channel attack vector. These targeted attacks were likely launched by Silent Ransom, Quantum and Roy/Zeon. They split from Conti after the ransomware-as-a-service (RaaS) cartel orchestrated its shutdown in May 2022 following a public support for Russia on the ongoing Russo-Ukrainian conflict. The advanced social engineering tactic BazaCall (BazarCall) was used by Conti […]

続きを読む
緑と青のボールのイラスト
テクノロジー

Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users

Security firms SEKOIA and Trend Micro uncovered a new campaign by a Chinese hacker group named Lucky Mouse. The hackers use malicious versions of cross-platform messaging app Line to backdoor systems. The malware is spread through a chat application named MiMi, which has its installer files compromised with HyperBro samples for Windows and rshell artifacts for Linux and macOS. As many as 13 different entities located in Taiwan and the Philippines have been at the receiving end of the attacks, eight of whom have been hit with rshell. The first victim of rshell was reported in mid-July 2021. Lucky Mouse has been active since 2013 and successfully gained access to […]

続きを読む
テクノロジー

Facebook to implement end-to-end encryption and encrypted backups for Messenger

Select users will be able to test end-to-end encryption on Facebook Messenger at the beginning of next week. “If you’re in the test group, some of your Messenger chats will be automatically encrypted. You won’t have to opt-in or out of this feature.” It is a year since Instagram, WhatsApp and Facebook Messenger were enabled for E2EE calls. The way encryption works is that it scrambles the data in transit, so no one can read them as they’re sent from your phone to WhatsApp’s servers. Meta-owned WhatsApp explains this process beautifully on their documentation page. In 2022, Facebook released the ability to have encrypted chats on Messenger. You needed to […]

続きを読む
テクノロジー

暗号通貨業界に対する政府の取り締まりが続く

In conclusion, the Dutch developer of the decentralized cryptocurrency mixing service, Tornado Cash, has been arrested on suspicion of hiding criminal financial flows and facilitating money laundering. This follows the U.S. sanctioning of the service just days earlier. This suggests that the decentralized nature of cryptocurrencies is not as secure as we thought, and that they are still vulnerable to government interference.

続きを読む