Microsoft says Russia’s Secret Blizzard hacking group is using Russian ISPs to install spyware disguised as Kaspersky on PCs of victims in embassies in Moscow

…d telecoms to surveil targets. “This blurs the boundary between passive surveillance and actual intrusion,” DeGrippo says.

For this particular group of FSB hackers, DeGrippo adds, it also suggests a powerful new weapon in their arsenal for targeting anyone within Russia’s borders. “It potentially shows how they think of Russia-based telecom infrastructure as part of their tool kit,” she says.

According to Microsoft’s researchers, Turla’s technique exploits the web request Windows makes to decide whether it is sitting behind a “captive portal,” the windows most commonly used to gatekeep internet access in settings like airports, airplanes, or cafés, but also inside some companies and government agencies. Windows checks that a computer is in fact online by fetching a specific Microsoft web page; a captive portal works by intercepting that request and answering with its own page, which means whoever controls the network path can answer it with a page of their choosing. (It’s not clear whether the captive portals used to hack Turla’s victims were legitimate ones routinely used by the target embassies or ones that Turla somehow imposed on users as part of its hacking technique.)

By taking advantage of its control of the ISPs that connect certain foreign embassy staffers to the internet, Turla was able to redirect targets to an error message that prompted them to download an update to their browser’s cryptographic certificates before they could access the web. When an unsuspecting user agreed, they instead installed a piece of malware that Microsoft calls ApolloShadow, which is disguised—somewhat inexplicably—as a Kaspersky security update.

ApolloShadow then essentially disables the browser’s encryption. More precisely, the “certificate update” makes the victim’s machine trust certificates the attacker controls, so an adversary sitting at the ISP can present its own certificate for any site the victim visits and silently strip away the cryptographic protections on all web data the computer transmits and receives. The browser still shows a padlock; the trust behind it is gone.
That relatively simple certificate tampering was likely intended to be harder to detect than a full-featured piece of spyware, DeGrippo says, while achieving the same result. “It’s a creative approach: ‘What if we just got on the ISP they’re connecting through and use that control to turn off encryption?’” she says, describing what she believes to be Turla’s thinking. “This path gives them a massive amount of plaintext traffic that can likely be used for espionage purposes, because it’s coming from highly sensitive individuals and organizations like embassies and diplomatic missions.”

The details of how Turla’s ISP-based redirection technique works remain far from clear. But Microsoft writes in its report that it likely uses the Kremlin’s SORM system for ISP- and telecom-based communications interception and surveillance, a decades-old system initially created by the FSB and now widely used in Russian domestic intelligence and law enforcement.

Microsoft declined to comment on which countries’ embassies in Moscow were targeted in the campaign or how many there were, though DeGrippo notes that Microsoft warned the victims it identified. Turla’s use of Kaspersky software as a cover for its malware installation suggests that the US embassy may not have been a target, given that Kaspersky software is banned on US government systems. Microsoft declined to comment on whether the US embassy was targeted.

Microsoft didn’t say how it had linked the hacking campaign to Turla specifically, a typically tight-lipped approach from the company’s security team, which often declines to divulge its sources and methods to avoid helping hackers evade detection.
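The two places a defender can catch the chain described above are the connectivity probe (is the answer genuine, or is something on the path redirecting it?) and the machine’s root trust store (did a “certificate update” add a root that was not there before?). The following is an added example written for this article, not code from WIRED or from Microsoft’s report. It assumes that Windows’ connectivity check fetches http://www.msftconnecttest.com/connecttest.txt and expects the body “Microsoft Connect Test” (the article only says “a certain Microsoft website”), that root certificates are compared by SHA-256 fingerprint as exported from the trust store, and all of the sample responses, certificate names and fingerprints below are constructed placeholders.

```python
"""Two checks against the ISP-level redirection pattern: validate the
connectivity probe's answer, and diff the root trust store against a baseline.

Added example, not code from the article or from Microsoft. The probe URL and
expected body are assumed (documented Windows NCSI behaviour, not stated in the
article); every response and certificate below is a constructed placeholder.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional

NCSI_PROBE_URL = "http://www.msftconnecttest.com/connecttest.txt"  # assumed probe URL
NCSI_EXPECTED_BODY = "Microsoft Connect Test"                      # assumed probe body


@dataclass
class ProbeResponse:
    status: int
    headers: Dict[str, str] = field(default_factory=dict)
    body: str = ""


def classify_probe(resp: ProbeResponse) -> str:
    """Classify the answer to the connectivity probe.

    ONLINE       genuine answer from the probe host
    REDIRECTED   3xx elsewhere: a captive portal, or a hijack on the network path
    INTERCEPTED  200 but the body was replaced (transparent proxy / injected page)
    OFFLINE      anything else
    """
    if 300 <= resp.status < 400:
        return "REDIRECTED"
    if resp.status == 200:
        return "ONLINE" if resp.body.strip() == NCSI_EXPECTED_BODY else "INTERCEPTED"
    return "OFFLINE"


def redirect_target(resp: ProbeResponse) -> Optional[str]:
    """Where a REDIRECTED probe is being sent; worth logging before anyone clicks."""
    lowered = {k.lower(): v for k, v in resp.headers.items()}
    return lowered.get("location")


@dataclass
class RootCert:
    subject: str
    sha256: str      # hex fingerprint of the DER certificate, as exported from the store
    not_before: str  # ISO date the certificate became valid


def audit_roots(current: List[RootCert], baseline: List[RootCert]) -> List[dict]:
    """Report every root whose fingerprint is absent from the baseline.

    A new root that reuses the subject name of a baseline root is flagged as a
    lookalike: a borrowed name with a key the attacker controls.
    """
    known_fps = {c.sha256.lower() for c in baseline}
    known_subjects = {c.subject for c in baseline}
    findings = []
    for cert in current:
        if cert.sha256.lower() in known_fps:
            continue
        findings.append({
            "subject": cert.subject,
            "sha256": cert.sha256.lower(),
            "not_before": cert.not_before,
            "lookalike_of_known_ca": cert.subject in known_subjects,
        })
    return findings


# Constructed sample data (placeholders, not captured traffic or real CAs) -------
GENUINE = ProbeResponse(200, {"Content-Type": "text/plain"}, "Microsoft Connect Test")
HIJACKED = ProbeResponse(302, {"Location": "http://198.51.100.7/cert-update"}, "")
INJECTED = ProbeResponse(200, {"Content-Type": "text/html"},
                         "<html>Update your certificates to continue</html>")

BASELINE_ROOTS = [RootCert("CN=Example Trusted Root CA", "aa" * 32, "2015-01-01")]
CURRENT_ROOTS = [
    RootCert("CN=Example Trusted Root CA", "aa" * 32, "2015-01-01"),
    RootCert("CN=Example Trusted Root CA", "bb" * 32, "2025-07-20"),  # same name, new key
]


def run_checks() -> dict:
    """Run both checks on the sample data and return the combined result."""
    probes = (("genuine", GENUINE), ("hijacked", HIJACKED), ("injected", INJECTED))
    return {
        "probe": {name: classify_probe(r) for name, r in probes},
        "redirect_to": redirect_target(HIJACKED),
        "new_roots": audit_roots(CURRENT_ROOTS, BASELINE_ROOTS),
    }


if __name__ == "__main__":
    import json
    print(json.dumps(run_checks(), indent=2))
```

On a real host the baseline would be a fingerprint list exported when the machine was built, and the current list would come from the system store; the point of comparing fingerprints rather than names is that the lookalike in the sample data carries a trusted vendor’s name and would pass a name-only check.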
“This is a threat actor that we have watched closely for a very long time,” DeGrippo says.

Turla has a decades-old reputation for innovating hacking methods, from USB-based worms designed to penetrate air-gapped systems to piggybacking on cybercriminals’ botnets, and ApolloShadow likely isn’t the first time the group has hijacked ISPs to plant malware. Slovakian cybersecurity firm ESET has pointed to what may have been a similar technique used to infect victims with fake Flash installers. The same company has also documented what it believed was a similar trick likely used by the Belarusian KGB’s hackers, and how the commercial spyware FinFisher was likely installed on targets’ devices using that same ISP-level access. But Turla’s latest campaign would represent the first time that ISP-based infection has been used to disable encryption on target computers, a potentially stealthier form of espionage.

Microsoft’s DeGrippo notes that Turla’s technique is effective in part because it doesn’t take advantage of any particular software vulnerability, so it can’t be patched. “It doesn’t leverage any zero-day or other vulnerability,” DeGrippo says. “It’s about getting onto the network infrastructure your target is using and controlling things from there.”

That said, there are defenses Microsoft recommends for potential victims of Turla’s style of ISP-based espionage: use a VPN, for instance, to shield your internet traffic from your internet service provider, or even a satellite connection to bypass an untrusted ISP altogether. Multifactor authentication, too, can limit hackers’ access even when they have successfully stolen a victim’s username and password. One caveat a practitioner would add: a VPN protects traffic in transit past the ISP, but it does not undo a certificate the machine has already been tricked into trusting; that has to be found in the trust store and removed.

DeGrippo argues that Turla’s use of the technique for domestic spying inside Russia should serve as a warning to anyone traveling, living, or working in a country that has untrusted communications infrastructure.
Similar ISP-level hacking, she notes, could easily be adopted by other cyberespionage groups around the world and used anywhere national internet and telecom infrastructure is potentially bent to the will of that country’s intelligence agencies. “If you’re a target of interest traveling or working in countries that have these state-aligned ISPs that perhaps have surveillance powers or lawful intercept capabilities,” DeGrippo says, “you need to concern yourself with this.”

Andy Greenberg is a senior writer for WIRED covering hacking, cybersecurity, and surveillance. He’s the author of the books Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency and Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers.

Google’s Chrome browser has recently been crashing frequently on several platforms. (Photo: Reuters)

Google’s Chrome browser has recently been hit by a string of problems on several platforms, with many users complaining that Chrome crashes as soon as it launches, disrupting everyday use. Google has now disclosed the main cause of the trouble on Windows, pointing the finger at Microsoft’s Family Safety parental-control feature.

Foreign media report that this wave of Chrome crashes began surfacing last month and spanned Windows, macOS and Android. Observers initially guessed at a bug in a Chrome update or a conflict with ad blockers, but Google’s latest announcement indicates that the crashes on Windows are in fact caused by interference from Microsoft’s Family Safety tool.

Google confirmed that when a user has Microsoft’s Family Safety feature enabled, Chrome may be blocked and fail to launch normally. Other browsers such as Firefox and Opera reportedly do not suffer the same problem. Google gave no further explanation of the causes of the crashes on the other platforms.

Microsoft has yet to respond formally or offer any fix. For now, the only effective workaround is to turn off Family Safety. Observers suspect Microsoft may have little appetite for fixing the problem, since Chrome has long been the biggest competitor to its own Edge browser, and Microsoft has repeatedly been criticized in the past for trying to steer users toward Edge.
