ADMIN News

News for Admins

Tech News

New ransomware targeting Linux-based NAS devices; OpenSSH fixes side channel attacks; Purdue scientists build quantum gate; and NSF awards $10 million for supercomputer that emphasizes cloud integration

By Swapnil Bhartiya

A New Ransomware Targeting Linux-based NAS Devices

Linux-based NAS devices made by QNAP Systems are under a new ransomware attack, allowing bad actors to hold users' data hostage for ransom.

According to The Hacker News, the new ransomware family was independently discovered by researchers at two separate security firms, Intezer and Anomali, and targets poorly protected or vulnerable QNAP NAS servers either by brute forcing weak SSH credentials or exploiting known vulnerabilities.

The ransomware implementations are named "QNAPCrypt" by Intezer and "eCh0raix" by Anomali. Written in the Go programming language, the ransomware encrypts files with targeted extensions using AES encryption and appends an .encrypt extension to each.

For some unknown reason, the ransomware is being merciful to NAS devices located in Belarus, Ukraine, or Russia. "The ransomware terminates the file encryption process and exits without doing any harm to the files," reported The Hacker News.

WebCam Security Issues for Zoom Users

Zoom, which is considered a market leader in Gartner's Magic Quadrant for Meeting Solutions, is a popular solution for businesses to conduct online meetings. But the service is caught in an endless loop of privacy invasion and security vulnerabilities.

Security expert Jonathan Leitschuh recently reported that "a vulnerability in the Mac Zoom Client allows any malicious website to enable your camera without your permission. The flaw potentially exposes up to 750,000 companies around the world that use Zoom to conduct day-to-day business."

Removing Zoom wouldn't fix the problem, because the 'localhost' web server running on the machine will re-install the Zoom client without user permission.

Additionally, if you've ever installed the Zoom client and then uninstalled it, you still have a localhost web server on your machine that will re-install the Zoom client, without requiring any user interaction on your behalf besides visiting a webpage. This re-install 'feature' continues to work to this day, said Leitschuh.

According to The Hacker News, any website you're visiting in your web browser can turn on your device camera without your permission.

Zoom has released some updates to fix the issues, but those who use Zoom for business meetings should be aware of looming problems.

OpenSSH Fixes Side Channel Attacks

There is a rise in memory side-channel vulnerabilities like RAMBleed, Spectre, and Meltdown. OpenSSH is often at the center of attacks where a bad actor "exploits memory read vulnerabilities to steal secret SSH private keys from the restricted memory regions of the system," according to The Hacker News.

The root cause of this issue is that the OpenSSH agent stores a copy of the SSH keys in memory (RAM or CPU), which eliminates the need to enter a passphrase to log into the server via SSH. Because these keys are stored in either RAM or CPU in plaintext, they are susceptible to attacks.

The OpenSSH community is now fixing this issue through an update. OpenSSH will now encrypt private keys before storing them in the system memory.

"Attackers must recover the entire prekey with high accuracy before they can attempt to decrypt the shielded private key, but the current generation of attacks have bit error rates that, when applied cumulatively to the entire prekey, make this unlikely," said Damien Miller of the OpenBSD project on a mailing list.
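The argument in Miller's statement can be checked with a small model. This is an added example, not OpenSSH code: the 16 KiB prekey size and SHA-512 derivation are assumptions about the shielding design, the SHAKE-256 keystream is a stand-in for a real cipher, and the key material and 1% bit error rate are constructed.

```python
from __future__ import annotations
import hashlib
import math
import secrets

PREKEY_LEN = 16 * 1024  # bytes; assumed prekey size, not stated on this page

def derive_key(prekey: bytes) -> bytes:
    """Hash the whole prekey into a short symmetric key (SHA-512)."""
    return hashlib.sha512(prekey).digest()

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with a SHAKE-256 keystream (not a real AES mode)."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def shield(private_key: bytes) -> tuple[bytes, bytes]:
    """Return (prekey, shielded blob); only these two stay in memory."""
    prekey = secrets.token_bytes(PREKEY_LEN)
    tag = hashlib.sha256(private_key).digest()  # lets unshield detect a wrong key
    return prekey, keystream_xor(derive_key(prekey), tag + private_key)

def unshield(prekey: bytes, blob: bytes) -> bytes | None:
    """Decrypt with the given prekey; None if the integrity check fails."""
    plain = keystream_xor(derive_key(prekey), blob)
    tag, key = plain[:32], plain[32:]
    return key if secrets.compare_digest(tag, hashlib.sha256(key).digest()) else None

def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Model a single read error in a prekey recovered via a side channel."""
    out = bytearray(data)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)

def log10_error_free(bit_error_rate: float, n_bytes: int = PREKEY_LEN) -> float:
    """log10 of the chance that every prekey bit is read correctly."""
    return n_bytes * 8 * math.log10(1.0 - bit_error_rate)

if __name__ == "__main__":
    secret = b"constructed sample private key material"
    prekey, blob = shield(secret)
    print(unshield(prekey, blob) == secret)         # exact prekey recovers the key
    print(unshield(flip_bit(prekey, 70000), blob))  # one wrong bit: nothing usable
    print(round(log10_error_free(0.01)))            # exponent of the success odds
```

Because the symmetric key is a hash of the whole prekey, a single misread bit yields an unrelated key, so per-bit error rates compound across all 131,072 bits.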

Purdue Scientists Build Quantum Gate

Scientists at Purdue University say they are "among the first" to build what they are calling "a transistor-like gate for quantum information processing." The gate, which could play a role within a quantum computer that is similar to the gates used in today's computers, processes information in qudits.

A qudit differs from a qubit in that it supports more than just the 0 and 1 states. The researchers report that the new gate "… creates one of the largest entangled states of quantum particles to date." According to the press release, the research team "… achieved more entanglement with fewer photons by encoding one qudit in the time domain and the other in the frequency domain of each of the two photons. They built a gate using the two qudits encoded in each photon, for a total of four qudits in 32 dimensions, or possibilities, of both time and frequency."

The team says their next step is to use the gate in quantum communications tasks, such as high-dimensional quantum teleportation.

NSF Awards $10 Million for Supercomputer that Emphasizes Cloud Integration

The US National Science Foundation (NSF) has awarded the San Diego Supercomputer Center (SDSC) of the University of California San Diego $10 million for a new supercomputer "designed to advance research that is increasingly dependent upon heterogeneous and distributed resources."

The new Expanse supercomputer will be capable of operating as a standalone system; however, the most interesting part of the design is the emphasis on "cloud integration and composed systems as well as continued support for science gateways and distributed computing via the Open Science grid."

According to SDSC Chief Data Science Officer Ilkay Altintas, "While Expanse will easily support traditional batch-scheduled HPC applications, breakthrough research is increasingly dependent upon carrying out complex workflows that may include near real-time remote sensor data ingestion and big data analysis, interactive data exploration and visualization as well as large-scale computation. … One of the key innovations in Expanse is its ability to support so-called composable systems at the continuum of computing with dynamic capabilities. Using tools such as Kubernetes, and workflow software we have developed over the years for projects including the NSF-funded WIFIRE and CHASE-CI programs, Expanse will extend the boundaries of what is possible by integration with the broader computational and data ecosystem."