What the latest security news tells us about technology and how best to take advantage of it
Data privacy is a long-term effort, but not everyone sees the need to invest resources in it. Users can easily be fooled by an attacker in the online space. The latest security news shows how companies and other organizations react to these technology threats so we can learn from them.
PowerShell script ransomware attacks on the rise
With PowerShell, attackers can stealthily gather internal user data and exploit it.
Sophos recently posted that attackers took two months to craft and install PowerShell scripts as services before deploying the ransomware, named Midas.
The Midas attack included repeated iterations of creating Windows services designed to execute several PowerShell scripts the attackers had set up, on one machine at a time. In this attack, the target organization never saw an alert or understood that the attackers had got into its infrastructure.
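Service installs of this kind leave a record that defenders can alert on. As an added example (not from Sophos or the original article), the Python code below flags Service Control Manager event 7045 records whose command line launches PowerShell and orders the affected hosts by first sighting; the events, host names and service names are constructed, and the dictionary field names are assumptions about how the log was exported.

```python
import re

# Constructed sample of exported Windows System-log events. Event ID 7045 is
# logged by the Service Control Manager when a service is installed.
# Hosts, service names, paths and timestamps are invented for this example.
SAMPLE_EVENTS = [
    {"time": "2022-03-01T02:14:07", "host": "WS-014", "event_id": 7045,
     "service": "BackupAgent", "image_path": r"C:\Program Files\Backup\agent.exe"},
    {"time": "2022-03-01T02:20:41", "host": "WS-014", "event_id": 7045, "service": "svc_a1",
     "image_path": r"%COMSPEC% /c powershell.exe -NoP -W Hidden -File C:\ProgramData\a1.ps1"},
    {"time": "2022-03-01T02:21:03", "host": "WS-014", "event_id": 7036, "service": "svc_a1"},
    {"time": "2022-03-01T03:05:12", "host": "SRV-DB2", "event_id": 7045, "service": "svc_a2",
     "image_path": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
                   r" -ep bypass -enc BASE64_PLACEHOLDER"},
    {"time": "2022-03-01T03:40:55", "host": "WS-014", "event_id": 7045, "service": "svc_a3",
     "image_path": r"pwsh -File C:\ProgramData\a3.ps1"},
]

# The interpreter itself, not merely a path under ...\WindowsPowerShell\...
POWERSHELL = re.compile(r"(?<![\w.-])(powershell|pwsh)(\.exe)?(?![\w-])", re.I)
# Switches that deserve a closer look when they appear in a service command line.
FLAGS = {
    "encoded command": re.compile(r"\s-(e|ec|enc\w*)\s", re.I),
    "hidden window": re.compile(r"\s-w(indowstyle)?\s+hidden", re.I),
    "policy bypass": re.compile(r"\s-e(p|xecutionpolicy)\s+bypass", re.I),
    "script file": re.compile(r"\.ps1\b", re.I),
}

def flag_powershell_services(events):
    """Return one finding per service install whose command line starts PowerShell."""
    findings = []
    for ev in events:
        if ev.get("event_id") != 7045:
            continue  # only service installations are of interest here
        cmd = f" {ev.get('image_path', '')} "  # pad so switches at either end match
        if not POWERSHELL.search(cmd):
            continue
        reasons = [name for name, rx in FLAGS.items() if rx.search(cmd)]
        findings.append({"time": ev["time"], "host": ev["host"],
                         "service": ev["service"], "reasons": reasons})
    return findings

def rollout_order(findings):
    """Hosts ordered by first flagged install, exposing a machine-by-machine spread."""
    first_seen = {}
    for f in sorted(findings, key=lambda f: f["time"]):
        first_seen.setdefault(f["host"], f["time"])
    return list(first_seen.items())

if __name__ == "__main__":
    for finding in flag_powershell_services(SAMPLE_EVENTS):
        print(finding)
```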
Electromagnetic waves & Raspberry Pi counter ransomware
Meanwhile, in a technology breakthrough, the researchers from Convolution Neural Networks developed a design to measure the traces of malware from a device. The team says that it was able to detect the presence of malware with an accuracy of nearly 99.82%.
In a recent study, researchers from the Research Institute of Computer Science and Random Systems in France were able to detect the presence of malware with a popular portable chipset called Raspberry Pi, using electromagnetic waves.
As Republicworld mentioned, the device developed by the French researchers uses an H-field probe together with Raspberry Pi.
It can detect the presence of magnetic fields produced by weak signals. The malware detection device analyzes the electromagnetic waves produced by computers and detects the abnormalities present when a computer happens to have malware that can be used for computer hacking.
Multi-factor authentication used by hackers against the second line of defense
According to Proofpoint, hackers who publish phishing kits are beginning to add multi-factor authentication bypass capabilities to their software. Researchers found that hackers use a new type of kit that does not rely on recreating a target website. Instead, it uses a transparent reverse proxy to present the actual website to the victim. This way, users falsely believe they have entered safely. The truth is that the reverse proxy allows the threat actor to man-in-the-middle (MitM) a session and capture all details, such as usernames and passwords, in real time, including the session cookie. This is illustrated in the Figure below.
AI and ML can save us from security threats
The answer to counter it? Of course, a machine-learning (ML) algorithm.
Phoca, a tool using ML, scans suspected phishing pages and tries to determine whether the website is using a transparent reverse proxy to MitM (man-in-the-middle) credentials.
Other security researchers at the University of Plymouth and the University of Portsmouth in the UK transformed the markup and code of web pages into images using “binary visualization” tools. A specially trained model translated the website through a binary visualization network, named MobileNet. According to the researchers’ tests, the algorithm achieved an accuracy rate of 94% for phishing websites.
Cyber intruders improve their hacking skills and find creative ways to steal data. The examples above are a wake-up call that security should be a long-term key focus for every organization.