Banks face their 'darkest hour' as malware steps up, maker of antivirus says

Crimeware targeting banks and other financial-services organizations today features sophisticated capabilities and evasion tools, according to Kaspersky's lead security researcher Sergey Lozhkin. "The darkest hour is now for the financial industry, especially for big and medium-sized corporations," Lozhkin said, during a panel …

  1. Anonymous Coward

    UEFI attack surface

    UEFI is just too big. And as most mobos, especially notebooks, more often than not don't expose the SPI pins, not only can't you recover from a bad flash, you cannot even check to see what is lurking on it.

    Oh and not to mention that I had a NOR flash device wear out (64MBit) in the few sectors where it (UEFI) would update some variables after each boot.
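    The variables the commenter describes are the non-volatile (NV) ones: every write to them is an erase/program cycle in the SPI flash's NVRAM region, while volatile variables live in RAM and cost nothing. On Linux you can tell the two apart without touching the SPI pins, because efivarfs exposes each variable as a file whose first four bytes are the little-endian attribute word. The script below is an added example, not code from the commenter or from any vendor; it assumes the efivarfs layout (`/sys/firmware/efi/efivars/<Name>-<VendorGUID>`, attributes then data) and the standard attribute bits, and it runs against a constructed sample so it can be tried offline.

```python
"""List which UEFI variables are stored in SPI flash (EFI_VARIABLE_NON_VOLATILE).

efivarfs layout (Linux): each file under /sys/firmware/efi/efivars is
    <4-byte little-endian attribute word><variable data>
Attribute bits (UEFI spec):
    0x1 NON_VOLATILE       - stored in the flash NVRAM region
    0x2 BOOTSERVICE_ACCESS - readable before ExitBootServices
    0x4 RUNTIME_ACCESS     - readable by the OS at runtime
"""
import os
import struct

EFI_VARIABLE_NON_VOLATILE = 0x1
EFI_VARIABLE_BOOTSERVICE_ACCESS = 0x2
EFI_VARIABLE_RUNTIME_ACCESS = 0x4

EFIVARS_DIR = "/sys/firmware/efi/efivars"

# EFI_GLOBAL_VARIABLE vendor GUID used by the Boot####/BootOrder/SecureBoot variables.
GLOBAL_GUID = "8be4df61-93ca-11d2-aa0d-00e098032b8c"


def parse_efivar(raw: bytes) -> tuple[int, bytes]:
    """Split an efivarfs file body into (attributes, data)."""
    if len(raw) < 4:
        raise ValueError("efivarfs entry shorter than the 4-byte attribute header")
    (attrs,) = struct.unpack("<I", raw[:4])
    return attrs, raw[4:]


def describe_attrs(attrs: int) -> list[str]:
    """Human-readable attribute flags, in the order NV, BS, RT."""
    names = []
    if attrs & EFI_VARIABLE_NON_VOLATILE:
        names.append("NV")
    if attrs & EFI_VARIABLE_BOOTSERVICE_ACCESS:
        names.append("BS")
    if attrs & EFI_VARIABLE_RUNTIME_ACCESS:
        names.append("RT")
    return names


def nonvolatile_vars(entries: dict[str, bytes]) -> dict[str, int]:
    """Return {filename: data_length} for the variables that live in flash.

    These are the ones whose updates wear the NVRAM sectors; anything without
    the NV bit is rebuilt in RAM on every boot and never touches the SPI part.
    """
    result = {}
    for name, raw in entries.items():
        attrs, data = parse_efivar(raw)
        if attrs & EFI_VARIABLE_NON_VOLATILE:
            result[name] = len(data)
    return result


def load_efivars(path: str = EFIVARS_DIR) -> dict[str, bytes]:
    """Read every efivarfs entry on a live system (usually needs root)."""
    entries = {}
    if not os.path.isdir(path):
        return entries
    for fn in os.listdir(path):
        try:
            with open(os.path.join(path, fn), "rb") as f:
                entries[fn] = f.read()
        except OSError:
            continue  # some entries are write-only or vanish between listdir and open
    return entries


# Constructed sample, not a dump from real firmware: two NV variables and two
# volatile ones, encoded exactly as efivarfs would present them.
SAMPLE_ENTRIES = {
    f"Boot0000-{GLOBAL_GUID}": struct.pack("<I", 0x7) + b"\x01\x00" + b"\x00" * 30,  # NV|BS|RT
    f"BootOrder-{GLOBAL_GUID}": struct.pack("<I", 0x7) + b"\x00\x00\x01\x00",          # NV|BS|RT
    f"BootCurrent-{GLOBAL_GUID}": struct.pack("<I", 0x6) + b"\x00\x00",                # BS|RT (volatile)
    f"SecureBoot-{GLOBAL_GUID}": struct.pack("<I", 0x6) + b"\x01",                     # BS|RT (volatile)
}


if __name__ == "__main__":
    live = load_efivars()
    entries = live if live else SAMPLE_ENTRIES
    print("source:", "efivarfs" if live else "constructed sample")
    for name, raw in sorted(entries.items()):
        attrs, data = parse_efivar(raw)
        print(f"{name:60s} {'|'.join(describe_attrs(attrs)):8s} {len(data):6d} bytes")
    print("stored in SPI flash:", sorted(nonvolatile_vars(entries)))
```

    Run as root on a UEFI Linux box to see which variables actually hit the flash; if a vendor or bootloader updates one of the NV entries on every boot (a boot counter, a log blob), that is the write pattern behind the kind of sector wear the comment describes.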

    1. DS999 Silver badge

      Re: UEFI attack surface

      It is crazy that modern PCs have 16MB of flash. That was a basically unattainable amount of fixed storage for personal use 40 years ago, now we use it for a bootloader!

      1. sreynolds

        Re: UEFI attack surface

        I don't know how PCH works but I am sure Intel would have liked more but I am guessing that about 8Mb is the limit of cache on CPUs?

        1. DS999 Silver badge

          Re: UEFI attack surface

          Not even close. Even the iPhone sitting next to me has more cache than that!

          A lot more in fact - 24MB shared system level cache, 16MB of L2 dedicated to the performance cores, 4MB dedicated to the efficiency cores, then another MB or so total L1 amongst those cores. So around 45 MB total cache. Perhaps more, since the GPU cores probably have their own caching layers.

    2. Piro Silver badge

      Re: UEFI attack surface

      Yeah, UEFI never sat well with me...

  2. trindflo Bronze badge

    Increasingly sophisticated thieves

    Now all they need is some way into the network to get started. Maybe a drone... El Reg: drone-roof-attack

  3. JWLong

    Yet,

    ........another Business' Model..imagine that !

    /whatever

  4. Paul Crawford Silver badge

    Cobalt Strike is everywhere. Brute Ratel is everywhere

    And yet systems remain vulnerable, anti-virus remains unable to detect. Are the "good guys" testing things with these available tools?

    Or are existing systems so monumentally fscked-up by design that such tools can exist, be available publicly for use, but fixing things would be a Sisyphean task that none can manage?

    1. 42656e4d203239 Silver badge

      >>And yet systems remain vulnerable, anti-virus remains unable to detect

      Because the system (hardware and software) wasn't designed to defend against the threats we are seeing.

      UEFI was designed to be profit protection for various software/hardware vendors with a side order of "you can't boot unauthorised software". It was never meant to be scanned for viruses by the booted OS because it was "secure by design" - hindsight is of course a wonderful optical corrective device providing 20-20 vision.

      >> Are the "good guys" testing things with these available tools?

      Take off that tinfoil hat and read the article. Yes, the good guys are using the bad guy tools however the good guys only get access to those tools when they become available, usually months after they are established and used in the "black hat" community.

      >>are existing systems so monumentally fscked-up by design that such tools can exist, be available publicly for use, but fixing things would be a Sisyphean task that none can manage?

      Changing hardware standard design patterns is hard when everyone is wedded to the concept of backwards compatibility... plus also re-tooling production lines from CAD/chip models upwards is definitely non-trivial so any change to design practice has to be supported by industry as a whole.

      Sisyphean is an underestimate of the effort required for anything which doesn't make money for the manufacturers or doesn't relieve a hardware/system pressure point (such as the change from PCI -> PCIe or total addressable RAM or 'on module' ECC for DDR5 for example)

      1. Michael Wojcik Silver badge

        Yes, the good guys are using the bad guy tools however the good guys only get access to those tools when they become available, usually months after they are established and used in the "black hat" community.

        Other way around. Cobalt Strike and Brute Ratel both started life as legitimate tools (and they still are), and later leaked into the criminal forums.

        There are, of course, plenty of examples of things going in the other direction, but that's not what this bit of the article was talking about.

  5. amanfromMars 1 Silver badge

    Meanwhile, spewing out of the depths of a Titanic Holywood Studio type Bunker ‽ *

    Is modern criminalising governmentware really sophisticated and smart enough to capture and restrain and retrain newly arrived and alien derived Greater IntelAIgent Game Team Players to their way of doing the Internetworking of Things via the milking and bilking of leading businesses and market bourses ‽ .

    Or does such a Titanic Alien Intervention introduce a totally truly unforeseen naked unknown novelty that easily threatens and is simply able to sink and destroy beyond the reach of any possible help, compromised and corrupted systems with the unleashing of attractive heavenly, hellishly addictive NEUKlearer HyperRadioProACTivated IT treats that can choose to remain as a Permanent ACTive Cyber Threat as future needs may dictate as being required or desired.

    Are there any D Notifiable Defences against such Phantom Attack Strikes and Colossal 0dDay Vulnerability Exploits able to be effectively mobilised and popularly energised in defence of the indefensible and inequitable, the perverse and the corrupted?

    * Yes, that is asking a leading question of Great British Military Intelligence Operations to discover and uncover if they have any ready, willing and able and fully fit for the Future and even Greater IntelAIgent Games purpose ...... for that's where New More Orderly Worlds Orders is at nowadays.

    And you'll not get many folk telling you that gem of a fact, that's for sure, but that's where everything is presently at, and coincidentally, most probably where everything has always been at since intelligence began its shenanigans and started to exercise its almighty brain muscles which trigger connection with otherworldly out-of-this-world synapses .... but y'all were just never able to recognise and realise it and the new possibilities that can then be delivered.

    El Reg, in the absence of any worthwhile pre-emptive and proactive and timely interesting third party engagement and the provision of an address, an address, my kingdom for an address, worlds and their dogs can fully expect many more of these random spontaneous universal types of very informative NEUKlearer HyperRadioProACTivated IT Interventions which are IntelAIgently Designed to Neatly Bypass All Protracted and Protective International Norms and Traditional Pedestrian Conservative Conventions, the purpose of which is the sudden presentation of news to be aware of making explosive impact on extant Command and Control systems and SCADA Systems Administrations ..... so that one can be much better prepared for the inevitable meltdowns and resultant toxic fallout/unavoidable consequences and unpleasant repercussions.

    Put that in your pipes and stoke it. It's Good News Week, Hedgehoppers Anonymous

    1. amanfromMars 1 Silver badge

      Re: Meanwhile, spewing out of the depths of a Titanic Holywood Studio type Bunker ‽ *

      And although you may think to dislike it, you have no chance of stopping it progressing stealthily to quietly lead quite radically safe and secure and relatively anonymously and practically disbelieved right at the heart of all Future Permanent ACTive matters and measures.

      And here’s news of someone who agrees and who you might like to think knows what he’s talking about, given the position he holds and is paid to champion. ..... although one would have to admit and concede that is hardly any sound basis for carte blanche recommendation of quality given the choice disasters which are the UK’s Prime Minister and Chancellor of the Exchequer appointments. Methinks they be as cuckoos and cuckolds in what should be a Golden Eagle’s nest.

      The world we are facing is a world of radical uncertainty.

      The speed and scope of change is exceptional. We should not try to deny it. We should not try to resist it. It would be a futile effort. We have to accept it and to adapt [to] it, prioritising flexibility and resilience.

      But uncertainty is the rule. Events that one could imagine that they will never happen, they are happening one after the other.

      At this pace, the black swan will be the majority. It will not be white swans – all of them will be black – because one after the other, things have happened that had a very low probability of happening, nevertheless they happened, and they had a strong impact and certainly they happened. .....European Commission Vice President Josep Borrell

      And that is just a few lines of what he had to say from his Opening speech at the EU Ambassadors Annual Conference 2022 which is well worth its few minutes read, although be warned, it does not paint a pleasant present picture. But hey, it is what it is and things are the way they are and ignoring them and pretending that they are not important and unchangeable has one recognised as the proverbial useful fool and useless tool.

  6. Will Godfrey Silver badge

    UEFI

    I seem to remember that at the time it came out some people were predicting it would become an attack vector but of course the {cough} experts {cough} said that wasn't possible.

    1. Shalghar

      Re: UEFI

      Considering all the obviously false assumptions and incompetence coming from EX perts, I would rather talk to the perts who obviously tossed the EX perts out.

      Then again, "expert" has really lost its value as a title during the CoViD hysterics so whenever I hear someone proclaimed an expert in whatever field, I don't expect such individuals to spout anything worth listening to.

      Sad to see that whatever title was meant for competent individuals is abused so often that it's transformed into a warning sign to not expect anything useful, coherent or competent whenever such title bearers open their biological or technical media outlets.

  7. Anonymous Coward

    Let me guess…

    …they have a software product that can fix this problem…. And they are going to make it available completely free of charge to everyone!

  8. Mellipop

    time to change design

    PC design is still stand-alone.

    It is possible to create secure client devices that dynamically verify through a chain of authority.

    We have smart brains, and banks have the money and an incentive to resolve this.

    Clean slate. Build on ideas like Secure Mobile Architecture.

    Just don't use stand-alone thinking.

  9. Anonymous Coward

    Are we trusting Kaspersky now?
