Cybercriminals exploit a vulnerability in Microsoft Exchange servers to distribute the Qakbot malware.
Global furniture giant IKEA has launched an investigation into an ongoing malware campaign targeting its computer systems. According to company representatives, evidence has been found that points to the compromise of Microsoft Exchange servers.
As reported by Bleeping Computer, which had a letter to IKEA employees, a “full-scale investigation” of the incident is ongoing and there are currently no signs of compromise of customer data. Other organizations, suppliers and business partners of IKEA were affected by the attack.
In a malicious campaign, criminals distributed emails disguised as a real response to an existing chain of letters. E-mail interception is one of the unique identifiers of the current SquirrelWaffle malicious spam campaign. Cybercriminals exploit ProxyShell and ProxyLogin vulnerabilities in Microsoft Exchange servers to distribute Qakbot malware.
The emails may come from allegedly trusted colleagues or third-party companies that the employee has previously interacted with, thereby increasing the likelihood of a socially engineered cyberattack being successful. “Our email filters can identify some of the malicious emails and quarantine them. Because an email can be a response to an ongoing conversation, it’s easy to think that the email filter has made a mistake and quarantine the email. Therefore, until further notice, we have disabled all employees’ ability to move emails out of quarantine, ”IKEA told its employees.
IKEA recommends that employees be extra vigilant when scanning their inbox for phishing emails, especially if they contain seven-digit links at the end.
When visiting URLs in malicious emails, the user will be redirected to download a file named charts.zip containing the malicious Microsoft Excel document. Recipients are prompted to click the “Include Content” or “Allow Editing” buttons, ostensibly to view it correctly. After clicking these buttons, malicious macros will be launched that download the files besta.ocx, bestb.ocx and bestc.ocx from a remote site and save them in the C: Datop folder. OCX files are renamed DL-L Libraries and run with regsvr32.exe to install the payload.
4 TB of security from Samsung. External SSD T7 Shield is now available in a new version for 420 euros
Samsung has decided to release a new version of its secure external SSD T7 Shield.
The device was introduced almost a year ago in 1 and 2 TB versions. Now, a 4 TB modification is entering the market.
In Europe, they ask for 420 euros for such an SSD. For comparison, the prices for the younger versions are 135 and 220 euros.
Recall, T7 Shield offers a good level of protection. There is also protection against water and moisture (IP65), and protection against falls from a height of up to 3 meters. Actually, since this is a solid state drive, it is likely that it will survive a much more serious fall.
The device is equipped with a USB-C 3.2 Gen 2 interface and offers read and write speeds of 1050 and 1000 MB/s, respectively. The device weighs only about 100 g.
ChatGPT can be used to write viruses and ransomware – this was confirmed by information security specialists
Network resources reported that examples appeared on the network of how the popular chat bot ChatGPT writes code for viruses. Network security company Check Point Research discovered this and said that the use of AI increases the danger from hackers. On the thematic forums, the first information about the successful writing of viruses using ChatGPT has already appeared.
One example was a program that, after refinement, can be turned into “extortionist”. It can encrypt data on the user’s PC and will require payment for decryption. In a more advanced version of the program, penetration into the target server is provided, from where hackers already gain access to all the data of the victim
In addition, the neural network can write phishing emails – this has already been checked by Check Point Research specialists themselves. The letter also contained an Excel file with an embedded macro that was launched when the file was opened.
However, this is not all. Experts were able to get AI to create scripts for scanning network ports and other tools.
At the same time, Check Point Research believes that it is too early to say that ChatGPT has become a new tool for hackers, but the attacker community has already become interested in it. Note that earlier the system was already able to pretend to be a Linux machine, as well as write a number of programs and websites.
“Germany has not taken seriously the security threat posed by China.” The country has increased dependence on Huawei
Despite the huge number of sanctions imposed by the US and other countries against Huawei, Germany has only increased its dependence on this Chinese company.
According to a recent Strand Consult report cited by Reuters, Germany has become even more dependent on Huawei to build 5G infrastructure than it was when building 4G networks. More specifically, Huawei accounts for 59% of all 5G network equipment in Germany. We are talking about base stations and related equipment. For comparison, in the case of 4G networks, Huawei’s share in Germany is 57%. What’s interesting is the fact that Huawei’s share in this area is higher in Berlin than in Beijing, where the company faces serious competition from ZTE.
According to the report, there are signs that Germany has not taken seriously the security threat posed by China. At the same time, Huawei equipment is simply cheaper than analogues of European players in this market, which is why a number of countries, including Germany, continue to purchase Huawei products.
The latest Galaxy S23 flagships smash the Galaxy S22 in the first 3DMark test
Very quickly after the announcement of the Samsung Galaxy S23 phones, the first comparative test appeared, in which the flagships...
Poco X5 5G live images days before official announcement
The Poco brand will officially unveil the Poco X5 5G and Poco X5 Pro 5G phones on February 6, but...
“Why are they called Galaxy? Because of the astronomical prices.” OnePlus trolls Samsung over Galaxy S23 flagships
Almost immediately after Samsung unveiled its latest flagships, the Galaxy S23, in the US, OnePlus’ US office posted a thread...
The latest Samsung Galaxy S23 flagships in Europe turned out to be noticeably more expensive than in the US
Samsung presented its Galaxy S23 flagships in San Francisco, so during the premiere, their cost for the US market was...
Electric Cars7 days ago
Dacia is trolling BMW, which offers heated seats and steering wheel on a subscription basis. The company is giving away free bottles.
Laptops3 days ago
The Fujitsu UH-X/H1, an ultra-light 14-inch laptop, is introduced. Its weight is only 689 grams
Components5 days ago
Very expensive. The top version of the flagship laptop Samsung Galaxy Book3 Ultra with a Core i9 processor and GeForce RTX 4070 will cost 3800 euros
Electric Cars6 days ago
Audi Activesphere unveiled with adjustable suspension, 600 km range, AR glasses and pickup capability