According to the source it was mentioned that those ethical hackers who can find the vulnerabilities in the new mega source hardware then the defense advanced projects agency (DARPA) will reward with more than just a deep sense of satisfaction. As they say, every flaw can be the chance for the winner to get the cash prize,

On July the bug bounty contest is going to be held and the main reason behind is to check and find the new flaw on the new secure hardware such as computer, chips, and circuits which make it more secure. It was also designed in different ways so that the hacker can rely on being able to undermine the software to gain the unauthorization access to systems and devices will find their attempts stymied.

If this program gets successful then it gets widely adopted. The approach could see the release of the endless software updates to patch the vulnerabilities by threat actors and where they finally draw to close.

DARPA microsystem technology office program manager Keith Rebello mentioned in his comment “ The new hardware could be free from the malicious hackers and gave the legitimate organizations the edge whenever it comes to cybersecurity.

According to the team overall there are 70 percent of the hacking executed due to the hardware vulnerabilities if they know how to fix this then it will be easier to take down a mass hackers on the ground,

The new program executed in 2017 and it was officially called System security integration through the hardware and Firmware or SSITH.DARPA has funded the hardware but the construction is completed and constructed by the researcher and academic. The place called as Massachusetts Institute of technology and the University of Michigan and Lockheed Martin

SSITH will continue for the one or more years which allow vulnerabilities to detected and fixed

if any issues related to the article. Drop your suggestions in the comment box.
Contact at info page: Source

Our new page Source

The post Hacking challenge at Pentagon | Participants get Cash Prize appeared first on Vednam.

The main issue or problem is that the open port used for system debugging grants the root user access to the device. There are no access controls with the network There is the change of exploitation is higher than that. From the vulnerable system administrators, it can remotely exploitable. The attack could be carried by malicious hackers and they don’t need advanced knowledge to execute the campaigns. 

According to the report of the data security “ The most critical Vulnerability was tracked as CVE-2020-12493 and the score received 10/10 according to the Common Vulnerability Scoring System (CVSS) remark the critical Issues.

If this potential attack could lead to catastrophic scenarios then it will create a big disaster because the German-based company which provides services for the transport control which has critical area infrastructure, some part of Europe also.

SWARCO TRAFFIC SYSTEM vulnerabilities found by the security team and start developing the security patch after receiving the report. The company product user can contact the security patch 

After the Updates are ready the cybersecurity expert contact with the team and send him the following steps to mitigate the risk of exploitation :

1. Don’t minimize the network exposure for all the vulnerable control systems.
2. Find the firewalls behind the network and remote device.
3. Try to use Virtual Private Network) VPN If you remotely access the system regularly.

The Company has issued all the report on the Vulnerabilities once they consider the exploitation risk is completely resolved,

The post Hackers Control the Traffic Signals, Just like in Movies appeared first on Vednam.

The three malware CCOPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH. According to a joint advisory released by the Cybersecurity and Infrastructure Security Agency(CISA), the Federal Bureau of Investigation (FBI) and the department of defense(DoD), the malware is capable of remote reconnaissance and exfiltration of the most important information or you call it sensitive data from the targeted host systems.

That is not the end if you leave this three malware more than 20 malware are also in the list including SLICK SHOES,  BISTROMATH, HOPLIGHT, and ELECTRICFISH and among others. The Agencies have been identified and originating as part of a series of malicious cyber activity which was done by the North Korean Government which they called Hidden Cobra or moniker Lazarus Group.

Let’s Discuss on:

TAINTEDSCRIBE: It performs as a backdoor implant and pretends to be not available but itself as Microsoft narrator and uses screen reader utility to download malicious payloads from command and control server that upload and execute the files and even create and terminate the process going on.

COPPERHEDGE: When talking about the first three malware that is full-featured Remote Access Tool(RAT) which are capable of running arbitrary commands, performing system reconnaissance, and data exfiltrating. The above all is used to act and treat the target cryptocurrency exchanges and related entities. six different types of COPPERHEDGE are identified to date.

After that, PEBBLEDASH is similar to TAINTEDSCRIBE which normally a family member of trojan which has capabilities to download, upload, delete and execute files and it also enables CLI access which helps to terminate the process.

Cyber Spying Threat Significant Role

Have you guys remembered about the WannaCry ransomware infection outrage in 2017 which is also known as Wanna Decryptor, with this outrage hackers hack system and forcefully extract a Windows SMB exploit, dubbed Etrenalblue that may help to take a remote hacker to hijack unpatched windows computer and in return, they usually demand more than $600 in Ransome? The attack has been traced to Hidden Cobra.

The Lazarus Group is responsible for all that stuff and they almost $571 million worth of cryptocurrency from online exchanges.

In March 2020, The US Department of Justice(DoJ) charged two Chinese nationals working on behalf of North Korean threats to allegedly launder over 100$ million worth of stolen cryptocurrency by using Apple iTunes Gift cards.

Found this article informative? Follow Vednam on Facebook, Twitter, Mix, Tumbler, and Linkedin to know more exclusive content we post.

The post North Korean Hackers Used 3 New Malware : US appeared first on Vednam.