Unable to test every tourist and unable to turn them away, Greece used ML to pick visitors for COVID-19 checks

From theregister.com

Faced with limited resources in a pandemic, Greece turned to machine-learning software to decide which sorts of travelers to test for COVID-19 as they arrived in the country.

The system in question used reinforcement learning, specifically multi-armed bandit algorithms, to identify which potentially infected, asymptomatic passengers were worth testing and putting into quarantine if necessary. It also was able to produce up-to-date statistics on infections for officials to analyze, such as early signs of the emergence of COVID-19 hot spots abroad, we’re told.


Vidar Stealer Evasion Arsenal

From blog.minerva-labs.com

Vidar Stealer is not new to our world. It is known for stealing sensitive information such as banking details, IP addresses, saved passwords, browser history, login credentials, and recently, known crypto wallets. Being MaaS (Malware as a Service) gives it the ability to constantly develop. We spotted one of the new variant’s hashes on RedBeard’s Twitter page.

Following our research on the sample we obtained, there is probably a code error. However, we have been able to detect several evasion techniques. There were two technique categories: anti-debugging and anti-emulation.


Detecting Credential Stealing Attacks Through Active In-Network Defense

From malware.news

Today, enterprises tend to use multiple layers of security defenses, ranging from perimeter defense on network entry points to host-based security solutions deployed on end users’ machines to counter the ever-increasing threats. This includes inline traffic filtering and management security solutions deployed at access and distribution layers in the network, as well as out-of-band solutions like NAC, SIEM or User Behavior Analysis to provide identity-based network access and gain more visibility into the user’s access to critical network resources. However, layered security defenses face the major and recurring challenge of detecting newer exploitation techniques, as they rely heavily on known behaviors. Additionally, yet another significant challenge facing the enterprise network is detecting post-exploitation activities after perimeter security is compromised.


Super-Media.xyz browser hijacker (fake) – Chrome, Firefox, IE, Edge

From 2-spyware.com

Super-Media.xyz browser hijacker

Super-Media.xyz browser hijacker is considered an unwanted and possibly malicious program for a reason. The main reason it is treated as an intruder is the redirects and issues it creates in the web browser when the app is used. This domain appears as the default search engine, homepage, and new tab because the hijacker changes these settings to control all search attempts and inject pop-ups, banners, and hyperlinks into the search results list whenever you use the computer. You cannot control where the search redirects you or what additional content appears once those pop-ups or banners get clicked on.


Introducing a new schema to track ransomware vulnerabilities

From blog.avast.com

The schema includes dozens of vulnerability listings for products including Microsoft Office, SharePoint, and SonicWall

A group of security researchers have put together a comprehensive schema to track common vulnerabilities of popular products. It’s an especially interesting resource because it visually documents how ransomware gangs are using weak points to leverage their way into popular networks and endpoints. The effort was first begun by Allan Liska, author of several tech guides, including one on ransomware defense.
