Posts

The Week in Ransomware - March 4th 2022 - The Conti Leaks

This week has been information overload when it comes to cybersecurity, leaks, and cyberattacks resulting from the invasion of Ukraine. However, this week's biggest story is the massive data leak from the Conti ransomware operation, including over 160,000 internal messages between members and source code for the ransomware and TrickBot operation. In addition to the Conti Leaks, we also saw someone dox the TrickBot/Conti operation members, leaking private messages and their personal information. These leaks are a treasure trove of information for security researchers and law enforcement, who get a detailed look into the inner operations of an organized ransomware gang that runs its operation like a business. This week's other news is an attack on a Toyota supplier that disrupted production and an attack on insurance giant AON. Finally, a decryptor was released for a ransomw...

Amazon: Charities, aid orgs in Ukraine attacked with malware

Charities and non-governmental organizations (NGOs) providing support in Ukraine are being targeted in malware attacks aiming to disrupt their operations and the relief efforts seeking to assist those affected by Russia's war. Amazon did not name the organizations targeted in these attacks in a blog post published on Friday. "While we are seeing an increase in activity of malicious state actors, we are also seeing a higher operational tempo by other malicious actors," Amazon said. "We have seen several situations where malware has been specifically targeted at charities, NGOs, and other aid organizations in order to spread confusion and cause disruption. "In these particularly egregious cases, malware has been targeted at disrupting medical supplies, food, and clothing relief." The company said it's working with the employees of multiple NGOs, charities, and aid organizations on humanitarian relief i...

Type on all your devices with this multi-platform wireless keyboard deal

Even before the rise of remote work and hybrid schedules, we lived in a multi-screen world where you'd have to pause while composing an email to write a text on another device. This multi-platform wireless keyboard is designed to travel with you and help you centralize your text input on one device. This keyboard starts with a travel- and device-friendly design. Just under .8" thick and 1.1 pounds, it can be placed in a laptop tote or a backpack without any appreciable weight, and it has a rugged plastic casing. The top has a groove that serves as a kickstand for the devices you're using, such as a tablet and phone, and can easily fit both portrait and landscape orientations. The quiet-key switches in a QWERTY layout allow use anywhere without distracting co-workers or adding to noisy environments. Inside the case, there's a battery that will last up to 40 hours with a six-month stand-by time and a charging window ...

Russia shares list of 17,000 IPs allegedly DDoSing Russian orgs

The Russian government shared a list of 17,576 IP addresses allegedly used to launch distributed denial-of-service (DDoS) attacks targeting Russian organizations and their networks. The list was shared by the National Coordination Center for Computer Incidents (NKTsKI), an organization created by Russia's Federal Security Service (FSB), together with guidance to defend against the attacks and a second list containing attackers' referrer domain information. "The National Coordinating Center for Computer Incidents (NCCC) in the context of massive computer attacks on Russian information resources recommends taking measures to counter threats to information security," the Russian government agency said in a notice. While the list of IPs does not provide info on the attackers' identity, the list of domains points to European Union and US organizations, including the sites of the FBI and ...

SharkBot malware hides as Android antivirus in Google Play

SharkBot banking malware has infiltrated the Google Play Store, the official Android app repository, posing as an antivirus with system cleaning capabilities. Although the trojan app was far from popular, its presence in the Play Store shows that malware distributors can still bypass Google's automatic defenses. The app is still present in Google's store at the moment of writing.

The laced Android application that carries SharkBot

Publisher details on the Play Store

SharkBot was discovered in Google Play by researchers at the NCC Group, who today published a detailed technical analysis of the malware.

What can SharkBot do?

The malware was first discovered by Cleafy in October 2021. Its most significant feature, which set it apart from other banking trojans, was transferring money via Automatic Transfer Systems (ATS). This was possible by simulating touches, clicks, and button presses on compromised devices. NCC repor...

Malware now using NVIDIA's stolen code signing certificates

Threat actors are using stolen NVIDIA code signing certificates to sign malware so that it appears trustworthy and malicious drivers can be loaded in Windows. This week, NVIDIA confirmed that they suffered a cyberattack that allowed threat actors to steal employee credentials and proprietary data. The extortion group, known as Lapsus$, states that they stole 1TB of data during the attack and began leaking the data online after NVIDIA refused to negotiate with them.

Lapsus$ messages about the NVIDIA attack

The leak includes two stolen code-signing certificates used by NVIDIA developers to sign their drivers and executables. A code-signing certificate allows developers to digitally sign executables and drivers so that Windows and end-users can verify the file's owner and whether it has been tampered with by a third party. To increase security in Windows, Microsoft also requires kernel-mode drivers to be code signed be...

Adafruit discloses data leak from ex-employee's GitHub repo

Adafruit has disclosed a data leak that occurred due to a publicly viewable GitHub repository. The company suspects this could have allowed "unauthorized access" to information about certain users on or before 2019. Based in New York City, Adafruit has been a producer of open-source hardware components since 2005. The company designs, manufactures, and sells electronics products, tools, and accessories.

Ex-employee's GitHub repo had real customer data

On Friday, March 4th, Adafruit announced that a publicly accessible GitHub repository contained a data set comprising information on some user accounts. This information included:

- names
- email addresses
- shipping/billing addresses
- order details
- order placement status via payment processor or PayPal

The data set, according to Adafruit, did not contain any user passwords or financial information such as credit cards. However, the exposure of real user da...