Scammers are using a whole load of tricks to launch cryptomining scams

Cybercriminals and fraudsters are tapping into the DeFi craze to scam people out of their hard-earned cryptocurrency tokens, experts have warned.

Cybersecurity researchers from Sophos have uncovered an ongoing campaign that preys on those with little knowledge of the nascent crypto space that is Decentralized Finance (DeFi), and slowly drains their funds until there’s nothing left.

Sophos calls the new campaigns “Liquidity Mining Scams”, and has urged anyone involved in crypto trading to beware of offers that sound too good to be true.

Earning millions, or losing thousands?

The rise of blockchain has given birth to something known as “smart contracts” – essentially pieces of code that act like the middleman and allow two parties to engage in a transaction of value, when certain conditions are met, without the need for an intermediary. 

Smart contracts gave rise to Decentralized Finance – an umbrella term that covers a number of services usually offered by centralized entities (trading, lending, etc.). When it comes to trading cryptocurrencies in a decentralized environment, there needs to be a pool of liquidity for both currencies being exchanged.

Users are incentivized to provide this liquidity (essentially, to lend out their coins) by receiving a percentage of the trading fee associated with a specific DeFi protocol, among other things. To do that, they often need to connect their crypto wallets (for example, MetaMask) with the DeFi protocol.

And here’s where the scammers jump in. Sophos says they’ll create fake apps, fake protocols, or fake tokens, and reach out to potential targets via social media using fake identities. After a little bit of innocent chat, they’ll try to persuade the victim to provide liquidity for a certain pair of cryptocurrencies that seems to promise great returns.

They’ll even generate fake reports to further convince the victim of great earnings, and in some cases, they’ll even allow for withdrawals early on. However, they’ll urge the victim to keep investing big, in order to earn even more. In reality, though, the victim’s funds are being drained until there is nothing left.

Once the targets were taken for everything they had, the attackers would simply vanish into thin air. 

This $800 network certification training bundle is just $35

There’s money to be made in IT, but only for those with the right qualifications. Want an easier way to earn the certifications you need without attending college classes? Then the 2022 Cisco Certified Technician Training Prep Bundle, discounted to $34.99, might be an ideal alternative.

This package features four courses that help students prepare for key Cisco and CompTIA certification exams. They’ll learn the basics of network theory, get acquainted with the components, and discover how to build and implement their own networks. By the end, they’ll be equipped to earn their Network+ designation, plus CCNA and CCNP certifications from Cisco.

Though the 2022 Cisco Certified Technician Training Prep Bundle is offered at a bargain, the quality of instruction is anything but. Ozgun Arslan facilitates the courses through Networkel Inc., a respected source for online learning with a near-perfect rating of 4.5 out of 5 stars. That means that students who purchase this package face an equal chance for success, and they spend way less to get there. 

The 2022 Cisco Certified Technician Training Prep Bundle – $34.99

Prices subject to change.

AMD and Qualcomm are teaming up to make your laptop Wi-Fi faster

Laptops powered by AMD Ryzen chips could soon get a serious Wi-Fi speed boost thanks to a new partnership with Qualcomm.

The chip giant has announced it is bringing its Qualcomm FastConnect to PCs with AMD Ryzen processors, meaning Wi-Fi 6 and 6E connections will soon be available on more devices, offering download speeds of up to 3.6GBps.

A bunch of business-focused laptops will be the first to see the upgrade, with notebooks using the AMD Ryzen Pro 6000 series chips and Qualcomm FastConnect 6900 among the initial rollout.

Faster Wi-Fi on the way

“Out-of-band Wi-Fi remote management is an important tool for enterprise IT managers to diagnose and fix issues, even when the operating system is not running,” Jason Banta, CVP and GM of OEM Client Computing at AMD, said in a press release. 

“AMD Ryzen PRO 6000 Series processors with Qualcomm FastConnect 6900 enable next-generation business laptops to have the processing and connectivity tools needed to perform in modern environments, offering professional-strength remote manageability for users in the new, hybrid workplace.”

The launch will also bring in Windows 11 devices for the first time, as the two companies look to work with Microsoft to make the most of some useful connectivity tools found in the software.

This includes Windows 11 Wi-Fi Dual Station, which allows laptops to use multiple Wi-Fi bands simultaneously for reduced latency and stronger connections. AMD and Qualcomm say that this should provide a particular boost for enterprise users by allowing for better video conferencing performance.

AMD was also keen to push its Manageability Processor remote management tool for Ryzen Pro 6000 PCs, hopefully meaning such devices will become more appealing to businesses looking to upgrade their IT stack. 

Users of such devices, with the recently-announced Lenovo ThinkPad Z Series and HP EliteBook 805 Series named in the press materials, should also be able to see the benefits of using the 6GHz band for improved bandwidth and speed improvements without needing to battle with older, non-6E devices.

This site claims to offer Pixelmon NFTs, but just gives you malware

Scammers are taking advantage of the hype surrounding Pixelmon to distribute password-stealing malware, researchers are saying.

Cybersecurity researchers from MalwareHunterTeam found a fake Pixelmon site that claims to offer a playable demo of the game, but instead just distributes the Vidar malware.

Pixelmon is a non-fungible token (NFT) project: a blockchain-based metaverse game in which players can collect and train their pixelated pets, then send them into combat against other players.

Targeting NFT enthusiasts

These types of projects are extremely popular these days, as the price of collectible items in the metaverse can rise into millions. Some are joining to try and earn a quick buck, others because they want to be a part of an emerging, and potentially hugely disruptive, technology.

Whatever the reason, all of them are potential targets. This particular project has some 200,000 Twitter followers, and more than 25,000 Discord members, making it among the most highly anticipated projects in the metaverse. 

The legitimate website is pixelmon.club, but MalwareHunterTeam found pixelmon[.]pw, a seemingly identical site. However, instead of offering the demo version of the game, the site is offering a file named Installer.zip, which carries an executable file.

While examining the site, the researchers found the file was corrupt and wasn’t distributing any malware. Other files on the site, though, helped the researchers conclude that it was distributing Vidar.

Vidar is password-stealing malware that has lately fallen into obscurity, the publication claims. When executed, the malware will connect to a Telegram channel to retrieve the IP address of its C2 server.

From the C2 server, it will retrieve a configuration command, and download further modules, used to steal sensitive data from the target endpoint. Given that it’s targeting NFT enthusiasts, Vidar mostly looks for data related to cryptocurrency wallets, backup codes, password files, and such.

The site is currently not distributing a working payload, but researchers suspect this is just temporary, and that it’s only a matter of time before a new, working payload is provided. NFT enthusiasts and investors are advised to be extra careful when visiting new pages and downloading content.

Via: BleepingComputer

Hackers can steal your Tesla via Bluetooth

The lines between virtual and physical damage from cyberattacks are blurring even further after a new method of stealing a Tesla car using Bluetooth technology was uncovered.

A team of researchers from NCC Group built a tool that is capable of mounting a Bluetooth Low Energy (BLE) relay attack, successfully bypassing all existing protections and authenticating on target endpoints.

While this type of attack works pretty much the same on all kinds of devices, from smartphones to smart locks, researchers opted for a Tesla car. 

Successful experiment

In layman’s terms, the attack works by squeezing the attacker in between the legitimate Bluetooth sender and receiver devices. That way, the attacker gets to manipulate the data going into the receiving device (in this particular case, the Tesla car). 

The only challenge with this method is that the attacker needs to be in relative proximity to both the victim and the target device.

As an experiment, the researchers used a 2020 Tesla Model 3, and an iPhone 13 mini, running version 4.6.1-891 of the Tesla app. They used two relay devices, one located seven meters away from the phone, and the other one located three meters from the car. The overall distance between the phone and the car was 25 meters. The experiment was a success.

“NCC Group was able to use this newly developed relay attack tool to unlock and operate the vehicle while the iPhone was outside the BLE range of the vehicle,” the researchers concluded.

Later, the team successfully conducted the same experiment on a 2021 Tesla Model Y.

After sharing the findings with Tesla, the company said relay attacks were “a known limitation of the passive entry system”. 

To defend against relay attacks, users can disable the passive entry system and switch to an alternative method of authenticating, preferably one that requires user interaction. They should also use the “PIN to Drive” feature, to make sure no one can drive away with the vehicle, even if they successfully manage to open it.

Via: BleepingComputer

Arm is making headway in its quest to conquer the server market

Arm has announced a set of milestones that set the stage for a further push into the server CPU market.

The company this week revealed that Microsoft Azure servers and virtual machines powered by Arm-based Ampere processors now adhere to SystemReady standards.

Effectively, this means software also designed to the same specification is guaranteed to function as intended in Arm-based Azure cloud environments, an important consideration for development teams.

Arm takes on the server market

Traditionally, Arm-based processors have been found predominantly in smartphones and IoT endpoints, because of the strong power consumption to performance ratio they deliver. Meanwhile, the server and workstation market has been dominated by Intel’s x86 architecture.

However, Arm has recently begun to muscle its way into the datacenter with its Neoverse platform, which now underpins a host of performance-centric chips. 

Cloud vendors like AWS and Alibaba have also discovered the performance advantages of developing their own custom Arm-based silicon, instead of leaning solely on Intel Xeon and AMD EPYC CPUs, based on x86. There is evidence to suggest companies like Microsoft and Meta will soon follow suit.

The latest data from Omdia shows Arm-based CPUs are currently found in roughly 5% of servers, but the company expects to make significant headway in the coming years as heavy investment begins to bear fruit.

Speaking to TechRadar Pro at MWC 2022 earlier this year, the company’s SVP Infrastructure Chris Bergey explained why the company is so well-positioned to accelerate into the server space.

“With Arm, cloud providers are finding they can get more compute, because they can put more cores in a power envelope. And we’re just at the tip of the iceberg,” he told us.

“This is a ‘show me’ kind of market. If you’ve got the performance and value proposition, companies are highly incentivized to consider alternatives – and the market share will take care of itself.”

One of the few remaining stumbling blocks for Arm is software support, a problem that SystemReady standards are designed to resolve.

With Microsoft becoming the first major cloud vendor to embrace the new set of certifications, first introduced back in 2020, Arm will hope the rest will now fall in line.

Via The Register

Google Cloud is looking to make open source code safer than ever

Google Cloud has announced a new open source software security tool as it aims to improve safety among software supply chains.

The new Assured Open Source Software (OSS) looks to enable enterprise and public sector users of open source software to incorporate the same security packages that Google uses into their own developer workflows.

Software supply chains, which often rely on open source code to stay flexible and customizable, have become popular targets for cyberattacks as hackers look to target industries of all kinds.

What’s behind the move?

The move comes after numerous high-profile open source security incidents, including vulnerabilities related to Log4j and Spring4Shell.

Google joined the OpenSSF and the Linux Foundation for a meeting to advance the open source software security initiatives discussed during the recent White House Summit on Open Source Security.

Google says that the packages curated by the Assured OSS service will be regularly scanned, analyzed, and fuzz-tested for vulnerabilities and will have corresponding enriched metadata that incorporates Google’s Container/Artifact Analysis data.

All packages included in the new tool will be built with Google’s Cloud Build and will include evidence of verifiable SLSA-compliance.

The packages will be distributed from an Artifact Registry secured and protected by Google. Assured OSS is expected to enter preview in Q3 2022.

Google highlighted that it continuously scans 550 of the most commonly-used open source projects, and says that it has found more than 36,000 vulnerabilities as of January 2022.

Google also announced a partnership with Israeli developer security platform Snyk that means Assured OSS will be natively integrated into Snyk solutions for joint customers to use wherever they are developing code.

The partnership also means that Snyk vulnerabilities, triggering actions, and remediation recommendations will become available to joint customers within the Google Cloud security and software development life cycle.

Security issues haven’t stopped open source software attracting interest from developers everywhere.

A poll of application developers by Instaclustr found that 45% of respondents acknowledge the potential of open source software in terms of cutting down costs, while 38% acknowledge its potential in terms of being able to port code more easily.
