Hackers Have Found an Entirely New Way To Backdoor Into Microsoft Windows
The most notable feature of this backdoor is that it communicates with a command-and-control server via DNS traffic… The code for the DNS tunneling tool is based on the publicly available dnscat2 tool. It receives commands by performing name resolution… Msupedge not only receives commands via DNS traffic but also uses the resolved IP address of the C&C server (ctl.msedeapi[.]net) as a command. The third octet of the resolved IP address is a switch case. The behavior of the backdoor will change based on the value of the third octet of the resolved IP address minus seven…
The initial intrusion was likely through the exploit of a recently patched PHP vulnerability (CVE-2024-4577). The vulnerability is a CGI argument injection flaw affecting all versions of PHP installed on the Windows operating system. Successful exploitation of the vulnerability can lead to remote code execution.
Symantec has seen multiple threat actors scanning for vulnerable systems in recent weeks. To date, we have found no evidence allowing us to attribute this threat and the motive behind the attack remains unknown.
More from The Record:
Compared to more obvious methods like HTTP or HTTPS tunneling, this technique can be harder to detect because DNS traffic is generally considered benign and is often overlooked by security tools.
Earlier in June, researchers discovered a campaign by suspected Chinese state-sponsored hackers, known as RedJuliett, targeting dozens of organizations in Taiwan, including universities, state agencies, electronics manufacturers, and religious organizations. Like many other Chinese threat actors, the group likely targeted vulnerabilities in internet-facing devices such as firewalls and enterprise VPNs for initial access because these devices often have limited visibility and security solutions, researchers said.
Additional coverage at The Hacker News.
Thanks to Slashdot reader joshuark for sharing the article.
Read more of this story at Slashdot.
Major Backdoor In Millions of RFID Cards Allows Instant Cloning
A significant backdoor in millions of contactless cards made by China-based Shanghai Fudan Microelectronics Group allows instantaneous cloning of RFID smart cards used to open office doors and hotel rooms around the world.
French security services firm Quarkslab has made an eye-popping discovery… Although the backdoor requires just a few minutes of physical proximity to an affected card to conduct an attack, an attacker in a position to carry out a supply chain attack could execute such attacks instantaneously at scale, researcher Philippe Teuwen explained in a paper.
Thanks to Slashdot reader wiredmikey for sharing the article.
Read more of this story at Slashdot.
A Revolutionary Quantum Compass Could Soon Make GPS-Free Navigation a Reality
Until recently, such a sensor — a thousand times more sensitive than today’s navigation-grade devices — would have filled a moving truck. But advancements are dramatically shrinking the size and cost of this technology. For the first time, researchers from Sandia National Laboratories have used silicon photonic microchip components to perform a quantum sensing technique called atom interferometry, an ultra-precise way of measuring acceleration. It is the latest milestone toward developing a kind of quantum compass for navigation when GPS signals are unavailable. The team published its findings and introduced a new high-performance silicon photonic modulator — a device that controls light on a microchip — as the cover story in the journal Science Advances… The new modulator is the centerpiece of a laser system on a microchip. Rugged enough to handle heavy vibrations, it would replace a conventional laser system typically the size of a refrigerator…
Besides size, cost has been a major obstacle to deploying quantum navigation devices. Every atom interferometer needs a laser system, and laser systems need modulators. “Just one full-size single-sideband modulator, a commercially available one, is more than $10,000,” said Sandia scientist Jongmin Lee. Miniaturizing bulky, expensive components into silicon photonic chips helps drive down these costs. “We can make hundreds of modulators on a single 8-inch wafer and even more on a 12-inch wafer,” Kodigala said. And since they can be manufactured using the same process as virtually all computer chips, “This sophisticated four-channel component, including additional custom features, can be mass-produced at a much lower cost compared to today’s commercial alternatives, enabling the production of quantum inertial measurement units at a reduced cost,” Lee said.
As the technology gets closer to field deployment, the team is exploring other uses beyond navigation. Researchers are investigating whether it could help locate underground cavities and resources by detecting the tiny changes these make to Earth’s gravitational force. They also see potential for the optical components they invented, including the modulator, in LIDAR, quantum computing, and optical communications.
Thanks to Slashdot reader schwit1 for sharing the news.
Read more of this story at Slashdot.
Netflix Shares First Six Minutes of New Anime Series ‘Terminator Zero’
And the Netflix blog has now shared the first six minutes online:
In the world of Terminator, the future is never set, yet some things are guaranteed: The Terminator is still a cyborg that feels no remorse, pity, or fear. The anime series TERMINATOR ZERO, landing on Netflix on Aug. 29 — known to fans as Judgment Day — looks different from any incarnation of the Terminator franchise we’ve seen before, but you can tell from these opening six minutes that the brutal, sophisticated action will remain.
“I realized the first minutes of the show have to declare what it is,” creator and executive producer Mattson Tomlin tells Tudum. A joint production between Skydance and the Japanese animation studio Production I.G, TERMINATOR ZERO has the challenge of drawing in both anime fans and fans of the Terminator series. “The way to do that was to have a sequence that had no dialogue, that was really planting a flag in letting everybody know this is going to be violent, it’s going to be dark, it’s going to be action-driven, it’s going to be horrific, and it’s going to be arresting,” says Tomlin, who previously wrote Project Power for Netflix and is currently writing The Batman Part II. “That’s just what it has to be.”
The series follows “a new batch of characters who live in Japan in 1997,” writes CBR — and in an interview the show’s director said “There’s a balance” when representing Japan’s actual culture while keeping the show futuristic:
One of the things that I really took for granted was guns. [Points to self] Dumb American over here had to write a scene where Eiko gets into a parking lot and smashes the window of a car, goes to the glove box, takes out a revolver, and it instantly gets flagged. [Other people working on the series] were like, “No, we don’t have guns. What you are describing, that’s over there. We’re over here in civilization where that can’t happen.” That triggered a really fruitful and creatively challenging discussion about weapons. The military has guns and the police have guns. That’s kind of it. So these characters have to arm themselves. How are they going to do it? What could we do? And that’s why the Terminator has a crossbow. Eiko has all of these different weapons that she concocted from a hardware store. It was all born out of that.
Read more of this story at Slashdot.
How Should Cybersecurity Evolve After Crowdstrike’s Outage?
[An anonymous Microsoft executive] said participants at the Windows Endpoint Security Ecosystem Summit will explore the possibility of having applications rely more on a part of Windows called user mode instead of the more privileged kernel mode… Attendees at Microsoft’s September 10 event will also discuss the adoption of eBPF technology, which checks if programs will run without triggering system crashes, and memory-safe programming languages such as Rust, the executive said.
Wednesday Crowdstrike argued no cybersecurity vendor could “technically” guarantee their software wouldn’t cause a similar incident.
On a possibly related note, long-time Slashdot reader 278MorkandMindy shares their own thoughts:
The “year of the Linux desktop” is always just around the corner, somewhat like nuclear fusion. Will Windows 11, with its general advert and telemetry BS, along with the recall feature, FINALLY push “somewhat computer literate” types like myself onto Linux?
Read more of this story at Slashdot.
Telegram CEO Arested In France
Durov was travelling aboard his private jet, TF1 said on its website, adding he had been targeted by an arrest warrant in France as part of a preliminary police investigation. TF1 and BFM both said the investigation was focused on a lack of moderators on Telegram, and that police considered that this situation allowed criminal activity to go on undeterred on the messaging app.
Thanks to long-time Slashdot reader sinij for sharing the news.
Read more of this story at Slashdot.