Security Leftovers
-
URL files and WebDAV used for IcedID (Bokbot) infection, (Fri, Feb 24th)
-
Putting Undetectable Backdoors in Machine Learning Models
This is really interesting research from a few months ago:
Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. Delegation of learning has clear benefits, and at the same time raises serious concerns of trust. This work studies possible abuses of power by untrusted learners.We show how a malicious learner can plant an undetectable backdoor into a classifier. [...]
-
Here’s How We Broke Into a Bank Account Using an AI-Voice
In this week’s CYBER, Joseph Cox talks us through how he created a clone of his voice and used it to bypass his bank’s security checks.
-
Who’s Behind the Botnet-Based Service BHProxies?
A security firm has discovered that a six-year-old crafty botnet known as Mylobot appears to be powering a residential proxy service called BHProxies, which offers paying customers the ability to route their web traffic anonymously through compromised computers. Here’s a closer look at Mylobot, and a deep dive into who may be responsible for operating the BHProxies service.
-
How the Ukraine War Has Changed Russia’s Cyberstrategy [iophk: Windows TCO]
Ransomware attacks, in which hackers gain control of an organization’s computer systems and demand large sums of money to return access, were among the biggest concerns when Russia invaded Ukraine a year ago. While there were some isolated ransomware attacks on Ukraine and Poland late last year that Microsoft attributed to Russian military-affiliated hackers, attacks on the scale that hit Colonial Pipeline and meat processor JBS in 2021—resulting in millions of dollars of ransom payments—have largely been absent from the conflict. Ransomware payments declined by double-digit percentages across the board in 2022, according to cybersecurity firms and analysis groups.