Tag Archive for: Helps

FBI Boston helps crack Russian cyber hackers


The FBI in Boston has helped crack a Russian-backed “Moobot” malware hack intended to steal government and corporate secrets.

The FBI reported Thursday that a tip from Ukrainian allies, among others, helped unravel the Russian ruse.

Members of Russian GRU Military Unit 26165, who pose as government and international organizations, travel and enter computer systems via routers where they “conceal and otherwise enable a variety of crimes,” the FBI said.

The hackers hunt for credentials while seeking intelligence the Russians covet. The Moobot malware was installed on Ubiquiti Edge OS routers, the agency added, turning the computer networks into a “global cyber espionage platform.”

Firewalls were updated to block the malware to limit the damage, the FBI said.

“Operation Dying Ember was an international effort led by FBI Boston to remediate over a thousand compromised routers belonging to unsuspecting victims here in the United States and around the world that were targeted by malicious, nation state actors in Russia to facilitate their strategic intelligence collection,” said Special Agent in Charge Jodi Cohen of the FBI Boston Division.

This all comes as Russia has obtained a “troubling” emerging anti-satellite weapon, the White House announced Thursday.

“We’re not talking about a weapon that can be used to attack human beings or cause physical destruction here on Earth,” White House national security spokesman John Kirby said, according to the Associated Press.


AI aids nation-state hackers but also helps US spies to find them, says NSA cyber director


Nation state-backed hackers and criminals are using generative AI in their cyberattacks, but U.S. intelligence is also using artificial intelligence technologies to find malicious activity, according to a senior U.S. National Security Agency official.

“We already see criminal and nation state elements utilizing AI. They’re all subscribed to the big name companies that you would expect — all the generative AI models out there,” said NSA director of cybersecurity Rob Joyce, speaking at a conference at Fordham University in New York on Tuesday. “We’re seeing intelligence operators [and] criminals on those platforms,” said Joyce.

“On the flip side, though, AI, machine learning [and] deep learning is absolutely making us better at finding malicious activity,” he said.

Joyce, who oversees the NSA’s cybersecurity directorate tasked with preventing and eradicating threats targeting U.S. critical infrastructure and defense systems, did not speak to specific cyberattacks involving the use of AI or attribute particular activity to a state or government. But Joyce said that recent efforts by China-backed hackers to target U.S. critical infrastructure — thought to be in preparation for an anticipated Chinese invasion of Taiwan — were an example of how AI technologies are surfacing malicious activity, giving U.S. intelligence an upper hand.

“They’re in places like electric, transportation pipelines and courts, trying to hack in so that they can cause societal disruption and panic at the time in place of their choosing,” said Joyce.

Joyce said that China state-backed hackers are not using traditional malware that could be detected, but rather exploiting vulnerabilities and implementation flaws that allow the hackers to gain a foothold on a network and appear as though they are authorized to be there.

“Machine learning, AI and big data helps us surface those activities [and] brings them to the fore because those accounts don’t behave like the normal business operators on their critical infrastructure, so that gives us an advantage,” Joyce said.

Joyce’s comments come at a time when generative AI tools are capable of producing convincing computer-generated text and imagery and are increasingly used…


What Is Hashing? How Does Hash Key Work And Salting Helps It?


Safeguarding your data and personal information has never been more important than it is today, and hashing is a widely used method that acts as a guardian for our passwords and other types of sensitive information.

Hashing is a crucial element in modern cybersecurity, quietly safeguarding sensitive data and ensuring the integrity of digital information. At its core, hashing is a process that takes an input, referred to as a ‘key,’ and transforms it into a fixed-length string of characters known as a “hash.” What makes hashing indispensable is its ability to provide a unique digital fingerprint for data, allowing any alterations to be quickly detected.

The fundamental concept behind hashing revolves around the use of a mathematical algorithm called a hash function. This algorithm is designed to meet specific criteria: it must produce a consistent output length, be deterministic, efficient, exhibit the avalanche effect, and possess preimage resistance. These criteria ensure the reliability and security of the hash.

Let us go through why hashing is so important in today’s cybersecurity and how it is implemented in various fields.


What is hashing?

Hashing is a process that takes an input, often referred to as a ‘key,’ and transforms it into a fixed-length string of characters, known as a “hash.” This hash is typically much shorter than the original input. The core components of hashing include:

  1. Hash function: At the heart of hashing is the hash function, which is an algorithm responsible for performing the transformation. A good hash function should meet specific criteria:
    • It should take an input of any size and produce a fixed-length output (e.g., 256 bits).
    • It should be deterministic, meaning the same input will always yield the same hash.
    • It should be quick to compute.
  2. Uniqueness: Ideally, different inputs should produce unique hashes. While it’s theoretically possible for two different inputs to yield the same hash (a collision), modern hash functions are designed to minimize this occurrence.
  3. Irreversibility: Hashing is a one-way process, meaning you cannot reverse a…


Firmware Vulnerability in Chips Helps Hackers Take Control of Systems


A security company has found hardware vulnerabilities that, if exploited, can give hackers control over systems.

The vulnerability, disclosed by Binarly Research, allows an attacker to gain control of the system by modifying a variable in non-volatile memory, which stores data permanently, even when a system is turned off.

The modified variable will compromise the secure boot phase of a system, and an attacker can gain persistent access to compromised systems once the exploit is in place, said Alex Matrosov, the founder and CEO of Binarly, which offers open source tools to detect firmware vulnerabilities.

“Basically, the attacker can manipulate variables from the operating system level,” Matrosov said.

Firmware Vulnerability Opens the Door

Secure boot is a system deployed in most PCs and servers to ensure that devices start properly. Hackers can take control of the system if the boot process is either bypassed or under their control.

But in order to manipulate the variables, a user would need privileged access to the system. Users may need to have administrator access to Linux or Windows systems. The malicious code executes before the operating system is loaded.

“The firmware piece is important because the attacker can gain very, very interesting persistence capabilities, so they can play for the long term on the device,” Matrosov said.

The vulnerability is like leaving a door open — a hacker can gain access to system resources as and when they please when the system is switched on, Matrosov said.

The vulnerability is notable because it affects processors based on the ARM architecture, which are used in PCs, servers, and mobile devices. A number of security problems have been discovered on x86 chips from Intel and AMD, but Matrosov noted that this disclosure is an early indicator of security flaws existing in ARM chip designs.

Qualcomm Warns About Snapdragon

The problem springs from a vulnerability affecting Qualcomm’s Snapdragon chipsets, which the chip company disclosed on Jan. 5.

Qualcomm’s Snapdragon chips are used in laptops and mobile devices. The vulnerabilities could affect a wide range of those devices using Unified Extensible Firmware Interface (UEFI) firmware with Snapdragon…
