Posts

Microsoft: New Nodersok malware has infected thousands of PCs

New Nodersok malware installs Node.js to turn systems into proxies, perform click-fraud. Thousands of Windows computers across the world have been infected with a new strain of malware that downloads and installs a copy of the Node.js framework to convert infected systems into proxies and perform click-fraud. The malware, named Nodersok (in a Microsoft report) and Divergent (in a Cisco Talos report), was first spotted over the summer, distributed via malicious ads that forcibly downloaded HTA (HTML application) files on users' computers. Users who found and ran these HTA files started a multi-stage infection process involving Excel, JavaScript, and PowerShell scripts that eventually downloaded and installed the Nodersok malware. The malware itself has multiple components, each with its own role. There's a PowerShell module that tries to disable Windows Defender and Windows Update, and there's a component for elevating the malware's permissions to SYSTEM level. But

Google's public image disconnect: Smart engineers and dumb algorithms

Google's search technologies struggle to identify original news stories. Google looks smart and its people behave smart, but that doesn't mean its algorithms are smart. Machine learning works well when it comes to images, not language. Google's dirty little secret is that its algorithms are quite dumb and have trouble understanding what they see and read. Take this example of Google recently saying that its search algorithm will be trained to highlight original news stories such as scoops and investigative pieces... Marc Tracy in The New York Times reports: "After weeks of reporting, a journalist breaks a story. Moments after it goes online, another media organization posts an imitative article recycling the scoop that often grabs as much web traffic as the original. Publishers have complained about this dynamic for years…" This has been a problem since Google News launched in September 2002. Finally, the head of Google News, Richard Gingras, has responded:

IoT security: Now dark web hackers are targeting internet-connected gas pumps

As more and more devices get connected to the Internet of Things, researchers say compromising pumps has become a hot topic on cyber criminal forums. Cyber criminals are increasingly turning their attention to hacking Internet of Things devices as connected products proliferate – and there's one smart device in particular that is catching hackers' attention. While routers remain the top target for IoT-based cyberattacks, there's a lot of discussion in underground forums about compromising internet-connected gas pumps. This new target was uncovered by researchers at Trend Micro, which carried out an examination of dark web marketplaces in five different languages – Russian, Portuguese, English, Arabic, and Spanish. The Internet of Things in the Cybercrime Underground report describes how the Russian market is the most sophisticated of the underground communities and one in which cyber criminals are keen to make money from attacks and exploits. One way this is alrea

Google and YouTube part with $170 million to settle alleged violations of kids' privacy

Targeting YouTube channels at kids lands Google on the wrong side of the Children's Online Privacy Protection Act (COPPA). Google and YouTube will pay $170 million to settle a case with the US Federal Trade Commission and New York Attorney General that alleges the tech giant illegally collected the personal information of children. Under the Children's Online Privacy Protection Act (COPPA), owners of online services targeted at children need to gain parental consent before collecting data on persons under 13 years of age, which also includes the use of persistent identifying cookies. The FTC and New York Attorney General put forward the argument in a complaint [PDF] that YouTube channels created to target children needed to comply with COPPA. "The complaint notes that the defendants knew that the YouTube platform had numerous child-directed channels," the FTC said. "YouTube marketed itself as a top destination for kids in presentations to the makers of popular chil

Intel, IBM, Google, Microsoft & others join new security-focused industry group

New Confidential Computing Consortium will promote the use of TEEs (trusted execution environments). Some of the biggest names in the cloud and hardware ecosystem have agreed to join a new industry group focused on promoting safe computing practices. Founding members include Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom, and Tencent. Named the Confidential Computing Consortium, this industry group's goals will be to come up with strategies and tools to accelerate the adoption of "confidential computing." By confidential computing, the group is referring to hardware and software-based technical solutions for isolating user data inside a computer's memory while it's being processed, to avoid exposing it to other applications, the operating system, or other cloud server tenants. The easiest way of supporting confidential computing practices is through the use of trusted execution environments (TEEs), also known as enclaves. These a

Citrix Managed Desktops moves into general availability

The Desktop as a Service offering simplifies the delivery of Windows apps and desktops from Azure to devices. Citrix Managed Desktops will be generally available on August 26, Citrix said Tuesday. The desktop-as-a-service offering simplifies the delivery of Microsoft Windows apps and desktops from Microsoft Azure to devices. Compared with Citrix Virtual Apps and Desktops, Citrix Managed Desktops is designed to offer a "turnkey service" for any organization, regardless of its size or IT expertise. Customers can provision Windows-based applications and desktops from the cloud to any device, and the service can be purchased on a monthly or term basis. It's designed to streamline provisioning for internal or external users, such as contract or seasonal workers, or to scale virtual desktops to respond to changing demands, like an influx of workers from an acquisition. Users should be able to easily integrate Azure-hosted virtual desktops with on-premises Active Direc

This new cryptojacking malware uses a sneaky trick to remain hidden

'Norman' cryptomining malware was found to have infected almost every system in one organisation during an investigation by security researchers. A newly-discovered form of cryptocurrency-mining malware is capable of remaining so well-hidden that researchers investigating it found that it had spread to almost every computer at a company that had become infected. Dubbed 'Norman' due to references in the backend of the malware, the cryptojacker has been detailed by cybersecurity researchers at Varonis. The Monero-cryptomining campaign was uncovered after Varonis' security platform spotted suspicious network alerts and abnormal file activity on systems within organisations that had reported unstable applications and network slowdown. Cryptojacking malware exploits the processing power of an infected computer to mine for cryptocurrency – which can cause the system to slow down, even to the point of becoming unusable. Researchers found that several variants of crypto

Apple offers $1 million if you can hack an iPhone

The iPhone-maker will also begin offering a 50 percent bonus for bugs discovered in Apple’s pre-release builds. Tech giant Apple has confirmed that the company is offering hackers a $1 million reward if they manage to hack into its iPhones and explain to the tech giant how they did it. The bounty was announced by the company at the annual Black Hat hacker convention in Las Vegas last week. It is said to be the biggest ever payout by the iPhone-maker. Apple had rolled out its bug bounty programme in 2016 with rewards up to $200,000 for finding vulnerabilities on the iOS platform which would let an attacker gain full control of the device without needing the user’s consent. Expanding its bug bounty program to all Apple’s platforms, such as iOS, iCloud, iPadOS, macOS, tvOS and watchOS, Apple’s $1 million reward is five times larger than the previous one and is open to everyone. However, those wanting to win the top prize must note that the prize will be given only for the very specific hac

Google discovered several iPhone security flaws, and Apple still hasn’t patched one

A further five vulnerabilities were patched last week. Google security researchers have discovered a total of six vulnerabilities in Apple’s iOS software, one of which the iPhone manufacturer has yet to successfully patch. Tech News reports that the flaws were discovered by two Google Project Zero researchers, Natalie Silvanovich and Samuel Groß, and five of them were patched with last week’s iOS 12.4 update, which contained several security fixes. All of the vulnerabilities discovered by the researchers are “interactionless,” meaning they can be run without any interaction from a user, and they exploit a vulnerability in the iMessage client. Four of them (including the as-yet-unpatched vulnerability) rely on an attacker sending a message containing malicious code to an unpatched phone and can execute as soon as a user opens the message. The remaining two rely on a memory exploit. Details of the five patched bugs have been published online, but the final bug will remain confidentia

How cybercriminals are still snaring victims using seven-year-old malware

Researchers analysed millions of posts made on dark web forums over a 12-month period -- here's what they found out and what it means for your security. Some of the most popular strains of malware on underground forums are open-source or cracked versions of malicious software that use exploits that are years old, but still effective. Cybersecurity researchers at Recorded Future analyzed almost four million posts made on dark web forums in several languages between May 2018 and May 2019, and set out their findings in a new report: Bestsellers in the Underground Economy. The languages analysed include English, Russian, Chinese, Spanish, Arabic and others. Across the different forums, many of the forms of malware discussed were universally popular. The top choices were simple-to-use, readily-available forms of malware, suggesting that for many cybercriminals, getting their hands on malware is the main goal -- it doesn't necessarily have to be sophisticated. Some of the most po