Tag Archive for: Tony

What does $5,000 buy you on a hacking forum? – Week in security with Tony Anscombe

/in


A bootkit that ESET researchers have discovered in the wild is the BlackLotus UEFI bootkit that is being peddled on hacking forums

For a mere $5,000, you can buy a UEFI bootkit called BlackLotus that can run even on fully up-to-date Windows 11 systems with UEFI Secure Boot enabled. This week, ESET researchers published their analysis of BlackLotus that caused them to conclude that the bootkit they had discovered in the wild is indeed the BlackLotus bootkit peddled on hacking forums.

Now, what exactly can the bootkit do on the victim’s computer and why is it a major threat? Find out in the video.

Be sure to check out the full technical write-up here: BlackLotus UEFI bootkit: Myth confirmed

Source…

Google and Apple both release patches against zero‑day vulnerabilities – Week in security with Tony Anscombe

/in


Zero-day vulnerabilities are super active and Google and Apple are acting to patch these vulnerabilities, some of which seen on-the-wild.

Google and Apple are both release patches for zero-day vulnerabilities that have already been exploited in the wild. ESET cybersecurity expert Tony Anscombe explains what those vulnerabilities are in simpler words, and reiterate the importance of keeping all your apps and devices up-to-date to stay cybersafe.

Watch the video to learn more.

Source…

Mike Wimmer: The Real Tony Stark Working For Special Operations?

/in


In an age of rapidly changing technology, where tech becomes obsolete almost as soon as it hits the shelves, staying on top of the wave is the only way to keep from being rolled over. Mike Wimmer is doing a good job of riding that wave.

Mike Wimmer is an American entrepreneur. He has some exciting ideas on artificial intelligence the US government is interested in. His achievements include being Valedictorian at his high school graduation, starting two tech companies, having membership in Mensa, Congressional briefings, and being coined by the United States Special Operations Command’s (USSOCOM) directorate of science and technology. Did I mention he’s 13 years old?

Mike Wimmer, Entrepreneur. (Photo from nexterainnovations.com)

Real (Young) Genius

About the same age you and I were learning not to finger paint with the contents of our diapers, Mike was learning trigonometry. While we were playing with Hot Wheels cars, Mike was too, developing computer algorithms to recognize his Hot Wheels. At the same age, I was standing against the wall, too nervous to ask a girl to dance at Homecoming; Mike was signing contracts with USSOCOM. Where did I go wrong?

Oh, wait, I didn’t. I spent long years reaching this point, where I could tell you about Mike Wimmer, the cool things he is doing, and how expertise like his is how the US military is stepping into the new millennium. We each have our roles in this life. Mike’s role is different than mine. Or yours. Or most everyone else.

Global Shift to Technological Warfare

In recent articles, the SOFREP team has brought you more information about the future of artificial intelligence in warfare. Technological leaps in global warfare have brought China to the top of the news cycle. Russian hackers appear to have access to nearly every network on the planet (and beyond). Every military branch and office within the US government has a cyber operations division. Globally connected systems are here to stay.

Real-time cyber attacks, including information on the attack’s origin, type, and target, as well as the attacker’s IP address, geographic location, and ports being utilized, are displayed on the Norse attack map on the 275th Cyberspace…

Source…

Messenger: Missouri has an award-winning cybersecurity team. Why is Parson calling such work a crime? | Tony Messenger

/in


That’s what the news release with the dead link says. I copied and pasted the link into an internet site called the “Wayback Machine,” which captures websites in real time, so that when future links go dead, for whatever reason, the information is still archived. Here’s what it says about why state workers looked at publicly available HTML code at government and private business sites:

“The program identifies high-risk systems that, if left insecure, could lead to disruptions within critical infrastructure or significant data loss, and contacts the owners of the impacted systems to mitigate risks. … The primary business goal of this program is to protect the critical infrastructure belonging to governments, businesses, utilities, and academic institutions across the State of Missouri. Critical infrastructure provides the foundation of many life sustaining services such as healthcare, government, public safety, energy, transportation, communication, food/agriculture, and manufacturing. Keeping these services available around the clock are critical to today’s way of life. A secondary business goal is to safeguard the data belonging to Missouri citizens, students, and customers. Our data lives online as much as we do, and to safeguard it has become essential to prevent identify theft, financial loss, and brand reputation impact.”

This is the same sort of motivation that drives data journalists to check state websites, and, when they find something that could lead to citizens’ personal information being insecure, letting government officials know of the potential weakness. That’s what Renaud found out. He discovered the state’s Department of Elementary and Secondary Education was storing social security numbers of teachers in publicly available HTML code. Then he told the state about it so they could fix the problem.

Source…