•   
  •   

Tech & Science Sophisticated malware attacks through routers

14:24  12 march  2018
14:24  12 march  2018 Source:   engadget.com

Melbourne beat Brisbane to keep their AFLW premiership hopes alive

  Melbourne beat Brisbane to keep their AFLW premiership hopes alive Melbourne kept their hopes of an AFLW premiership in 2018 alive after winning a pressure-packed clash against the in-form Brisbane Lions by six points.Midfield supremo Daisy Pearce added to her reputation as one of the competition’s premier players, booting two goals in the first quarter to set up the Demons victory. She did everything required of her on the night – even taking her turn in the ruck at stoppages around the ground.

Nicknamed Slingshot, the code spies on PCs through a multi-layer attack that targets MikroTik routers . The combination of this sophistication with the spying focus led Kaspersky to believe that it's likely the creation of a state agency -- it rivals the Regin malware GCHQ used to spy on Belgian

Sophisticated malware attacks through routers . 16:10 12 March 2018 Read: 2073. The combination of this sophistication with the spying focus led Kaspersky to believe that it's likely the creation of a state agency -- it rivals the Regin malware GCHQ used to spy on Belgian carrier

  Sophisticated malware attacks through routers © Provided by Engadget Security researchers at Kaspersky Lab have discovered what's likely to be another state-sponsored malware strain, and this one is more advanced than most. Nicknamed Slingshot, the code spies on PCs through a multi-layer attack that targets MikroTik routers. It first replaces a library file with a malicious version that downloads other malicious components, and then launches a clever two-pronged attack on the computers themselves. One, Canhadr, runs low-level kernel code that effectively gives the intruder free rein, including deep access to storage and memory; the other, GollumApp, focuses on the user level and includes code to coordinate efforts, manage the file system and keep the malware alive.

RED and Sharp team up on 8K monitor technology

  RED and Sharp team up on 8K monitor technology Cinema camera company RED is working with Sharp on new 8K technology, according to Phil Holland, a cinematographer who works closely with RED. The footage is below, but you won't be able to appreciate it in 8K unless you have a very fast computer (faster than mine) and a screen with 8K resolution. (WIth LG's 5K monitor sold by Apple, you could at least appreciate the superiority of 8K over 4K, though.

Nicknamed Slingshot, the code spies on PCs through a multi-layer attack that targets MikroTik routers . The combination of this sophistication with the spying focus led Kaspersky to believe that it’s likely the creation of a state agency — it rivals the Regin malware GCHQ used to spy on Belgian

Malware can effectively steal what you want, including keystrokes, network traffic, passwords and screenshots. It is not certain how Slingshot enters a system in addition to taking advantage of router management software, but Kaspersky pointed out several instances.

Kaspersky describes these two elements as "masterpieces," and for good reason. For one, it's no mean feat to run hostile kernel code without crashes. Slingshot also stores its malware files in an encrypted virtual file system, encrypts every text string in its modules, calls services directly (to avoid tripping security software checks) and even shuts components down when forensic tools are active. If there's a common method of detecting malware or identifying its behavior, Slingshot likely has a defense against it. It's no wonder that the code has been active since at least 2012 -- no one knew it was there.

The malware can effectively steal whatever it wants, including keyboard strokes, network traffic, passwords and screenshots. It's not certain how Slingshot gets into a system besides taking advantage of the router management software, but Kaspersky pointed to "several" instances

Google may launch Android P's developer preview in mid-March

  Google may launch Android P's developer preview in mid-March You might see a glimpse of Google's next mobile platform very, very soon. Evan Blass, a well-known source of tech leaks, has tweeted that Mountain View is targeting a mid-month release for Android P's first developer preview. We don't know what "P" stands for yet, but since March 14th is Pi Day, some people are speculating that Android's upcoming flavor is "Pie." According to previous reports, Android P will have the power to prevent idle apps from being able to access your camera and mic.

The combination of this sophistication with the spying focus led Kaspersky to believe that it’s likely the creation of a state agency — it rivals the Regin malware GCHQ used to spy on Belgian carrier Don’t Give Away Historic Details About Yourself. Sophisticated malware attacks through routers .

https://www.engadget.com/2018/03/11/ sophisticated - malware - attacks - through - routers /.

The combination of this sophistication with the spying focus led Kaspersky to believe that it's likely the creation of a state agency -- it rivals the Regin malware GCHQ used to spy on Belgian carrier Belgacom. And while text clues hint that English speakers might be responsible, the culprit isn't clear. Just shy of 100 individuals, government outfits and institutions fell prey to Slingshot in countries including Afghanistan, Iraq, Jordan, Kenya, Libya and Turkey. It could be one of the Five Eyes countries (Australia, Canada, New Zealand, the UK and the US) keeping watch on nations with significant terrorism issues, but that's far from certain.

Slingshot should be fixed as of recent MikroTik router firmware updates. The concern, as you might guess, is that other router makers might be affected. If they are, there's a possibility that Slingshot has a far wider reach and is still taking sensitive data.

Negative gearing law overhaul should exclude wealthy property investors from hefty tax deductions, research says

  Negative gearing law overhaul should exclude wealthy property investors from hefty tax deductions, research says Wealthy property investors should be excluded from making hefty tax deductions if negative gearing laws are overhauled, according to controversial research out today. In a proposal certain to be rejected by the Federal Government, a report by the Australian Housing & Urban Research Institute (AHURI) says $1.7 billion could be saved each year by radical reforms to the negative gearing regime.

" Slingshot should be fixed as of recent MikroTik router firmware updates. The concern, as you might guess, is that other router makers might be affected. No doubt that governments and others have working current attacks for common gear, including Ubiquiti.

Latest in Gear. Sophisticated malware attacks through routers . The combination of this sophistication with the spying focus led Kaspersky to believe that it's likely the creation of a state agency -- it rivals the Regin malware GCHQ used to spy on Belgian carrier Belgacom.

Kaspersky Lab, SecureList

Intel redesigned its 8th-gen processors to patch ‘Meltdown’ flaws .
The new chips should start rolling out later this year.Intel's future chips will have new layers of protection via something called "partitioning," according to Krzanich. "Think of this ... as additional 'protective walls' between applications and user privilege levels to create an obstacle for bad actors," he said.

—   Share news in the SOC. Networks

Topical videos:

This is interesting!