Siloscape: First Known Malware Targeting Windows Containers to Compromise Cloud Environments
unit42.paloaltonetworks.com/siloscape/ In March 2021, I uncovered the first known malware targeting Windows containers, a development that is not surprising given the massive surge in cloud adoption over the past few years. I named the malware Siloscape (sounds like silo escape) because its primary goal is to escape the container, and in Windows this is implemented mainly by a server silo. Lisäksi:
Amazon Sidewalk: Cutting Through the Hype
isc.sans.edu/diary/rss/27502 Later this week (tomorrow?), Amazon will enable its new Sidewalk feature. The feature has already gotten a lot of bad press. Much of this comes from the fact that existing devices are automatically used as Sidewalk Gateways and users will have to opt-out. New devices may require a specific opt-in during setup.
The Autorité de la concurrence hands out a 220 millions fine to Google for favouring its own services in the online advertising sector
www.autoritedelaconcurrence.fr/en/article/autorite-de-la-concurrence-hands-out-eu220-millions-fine-google-favouring-its-own-services Following referrals from News Corp Inc., Le Figaro group and the Rossel La Voix group, the Autorité de la concurrence issues today a decision sanctioning Google, up to 220 million euros, for having abused its dominant position in the advertising server market for website and mobile applications publishers. Lisäksi:
Calling on you, 5G Experts! Join us on 5G Cybersecurity Certification
www.enisa.europa.eu/news/enisa-news/calling-on-you-5g-experts-join-us-on-5g-cybersecurity-certification The European Union Agency for Cybersecurity received earlier this year the request from the European Commission to prepare a new candidate certification scheme on 5G. The call launched today is intended to set up an ad hoc working group on 5G cybersecurity certification meant to support the Agency for the purpose of preparing the new EU 5G certification scheme.
Hacking space: How to pwn a satellite hacking an orbiting satellite is not light years away here’s how things can go wrong in outer space
www.welivesecurity.com/2021/06/07/hacking-space-how-pwn-satellite/ Getting root on something floating above our planet (or any other for that matter) would seem like a new form of hacking Holy Grail. Don’t worry though, someone’s already working on it believe it or not. Because when you break something in space, bad things happen. Just ask any space movie fan.
Hackers Breached Colonial Pipeline Using Compromised Password
www.bloomberg.com/news/articles/2021-06-04/hackers-breached-colonial-pipeline-using-compromised-password The hack that took down the largest fuel pipeline in the U.S. and led to shortages across the East Coast was the result of a single compromised password, according to a cybersecurity consultant who responded to the attack. Lisäksi:
www.zdnet.com/article/the-cost-of-ransomware-around-the-globe-to-go-beyond-265-billion-in-the-next-decade/. The cost of ransomware attacks worldwide will go beyond $265 billion in the next decade. The cost of ransomware incidents worldwide is expected to spiral out of control, exceeding $265 billion by 2031.
Australians spent AU$26.5m in cryptocurrency to pay scammers in 2020
www.zdnet.com/article/australians-spent-au26-5m-in-cryptocurrency-to-pay-scammers-in-2020 Australians in 2020 reported losses to scams totalled AU$851 million, with AU$128 million lost to business email compromise (BEC), AU$8.4 million classed as remote access scams, and AU$3.1 million a result of identity theft. Lisäksi:
New Evil Corp ransomware mimics PayloadBin gang to evade US sanctions
www.bleepingcomputer.com/news/security/new-evil-corp-ransomware-mimics-payloadbin-gang-to-evade-us-sanctions/ The new PayloadBIN ransomware has been attributed to the Evil Corp cybercrime gang, rebranding to evade sanctions imposed by the US Treasury Department’s Office of Foreign Assets Control (OFAC).
Pelastakaa Lasten tuore julkaisu: Lapsista otettuja tavallisia arkipäiväisiä kuvia seksualisoidaan netissä
www.epressi.com/tiedotteet/sosiaaliset-kysymykset/pelastakaa-lasten-tuore-julkaisu-lapsista-otettuja-tavallisia-arkipaivaisia-kuvia-seksualisoidaan-netissa.html Pelastakaa Lasten tuottama “Arkipäiväiset kuvat lapsista seksualisoivassa kontekstissa” -julkaisu nostaa esiin huolestuttavan ilmiön siitä, että lapsista otettuja tavallisia, arkisia kuvia päätyy netissä seksualisoiviin konteksteihin. Lisäksi:
A new way to detect deepfake’ picture editing
www.lightbluetouchpaper.org/2021/06/07/a-new-way-to-detect-deepfake-picture-editing/ Common graphics software now offers powerful tools for inpainting using machine-learning models to reconstruct missing pieces of an image. They are widely used for picture editing and retouching, but like many sophisticated tools they can also be abused. They can remove someone from a picture of a crime scene, or remove a watermark from a stock photo. Could we make such abuses more difficult?