Reddit is dipping its toe into the digital collectible craze. The site is launching a new take on NFTs with collectible avatars, one of its first forays into blockchain-based tech. The avatars are designed by artists (many of whom are, naturally, also R…
ASUS ROG Zephyrus Duo 16 review: When two screens are better than one
Whenever I’m away from my desk and dual monitors, it feels like an out-of-body experience. I’m constantly yearning for just a little more screen space. But when you’re traveling, what are you supposed to do? Sure, you can get a portable monitor, but th…
The Morning After: Apple’s Lockdown Mode will fend off cyberattacks on high-profile users
Apple has announced Lockdown Mode, an “extreme” level of security designed for a “very small number of users who face grave, targeted threats.” It’ll be available this fall. The company says it created Lockdown Mode to protect high-profile people who, …
Samsung’s Galaxy Watch5 leaks in full ahead of expected August launch
A massive raft of renders, purporting to show off Samsung’s Galaxy Watch5, have made their way to the desk of 91Mobiles. The site reports that we’ll see two models, apparently confirming a higher-end Pro model that will top the range. That unit, codenam…
North Korean hackers are using ransomware to attack healthcare providers, feds warn
State-sponsored North Korean hackers have been targeting healthcare providers since at least May 2021, according to the US government. The FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of the Treasury have issued a joint advisory warning healthcare organizations about the attackers’ MO. Apparently, they’ve been using a ransomware called Maui to encrypt healthcare organizations’ computers and then demanding payment from the victims to get their networks unlocked. The agencies’ warning contains information about Maui, including its indicators of compromise and the techniques the bad actors use, which they got from a sample obtained by the FBI.
The agencies said the attackers locked up healthcare providers’ electronic health records services, diagnostics services, imaging services and intranet services, among others. In some cases, the attacks kept the providers out of their systems and disrupted the services they provide for prolonged periods.
According to the agencies’ advisory, the malware is manually executed by a remote actor once it’s in the victim’s network. They “highly discourage” paying ransom, since that doesn’t ensure that the bad actors will give victims the keys to unlock their files. However, the agencies admit that the attackers will most likely continue targeting organizations in the healthcare sector. “The North Korean state-sponsored cyber actors likely assume healthcare organizations are willing to pay ransoms because these organizations provide services that are critical to human life and health,” they said.
The agencies are now urging healthcare providers to employ mitigation techniques and to prepare for possible ransomware attacks by installing software updates, maintaining offline backups of data and concocting a basic cyber incident response plan. For those wondering what happens to the funds North Korea gets from operations like this: Earlier this year, a United Nations report revealed that the country has been using cryptocurrency stolen by state-sponsored hackers to fund its nuclear and ballistic missile programs.
Healthcare providers have been a prime target for ransomware-using bad actors for quite a while now, especially since the pandemic started. In 2020, the FBI and CISA issued a joint advisory warning hospitals and healthcare providers that they’re in danger of being targeted by a ransomware attack. Russian-speaking criminal gang UNC1878 and other attackers targeted healthcare organizations at the height of the pandemic, giving some victims no choice but to comply with their demands as they struggled to save people’s lives.
Rivian says it’s still on track to produce 25,000 vehicles despite production woes
More so than most automakers, Rivian has had a tough 2022. At the start of the year, the company, blaming inflation and component shortages, raised the base price of its quad-motor R1T pickup truck by a whopping $12,000. And while it went on to quickly …
Horizon Forbidden West’s latest PS5 update adds a ‘Balanced’ 40Hz graphics mode
Horizon Forbidden West was already one of the best-looking games on PlayStation 5, and now developer Guerrilla Games has found a way to make it look even better. With Forbidden West’s latest update, the studio has added a 40Hz “Balanced” rendering mode…
Extreme sports Apple Watch could feature an expansive 2-inch display
Apple’s long-rumored extreme sports Series 8 Watch could ship with the company’s largest smartwatch display to date. According to Bloomberg’s Mark Gurman, the forthcoming wearable features a screen that measures almost 2 inches diagonally and has a 410…
Elaborate hack of ‘Axie Infinity’ tied to fake LinkedIn job offer
Axie Infinity was the prime example of crypto gaming last year, when its play-to-earn formula helped it reach up to 2.7 million daily active users last November. But that all came crashing down in March, when hackers stole $625 million from the Ethereum-linked Ronin sidechain powering the game. Now, it turns out, that hack came from an unlikely source: a fake job offer from LinkedIn.
As The Block reports (via The Verge) based on two sources, the hackers infiltrated Axie Infinity owner Sky Mavis’s network by sending a spyware-filled PDF to one employee. That person thought they were accepting a high-paying job from another firm, but it turns out that company never existed. According to the US government, North Korean hacker group Lazarus was behind the attack.
“Employees are under constant advanced spear-phishing attacks on various social channels and one employee was compromised,” Sky Mavis noted in a post-mortem blog post following the hack. “This employee no longer works at Sky Mavis. The attacker managed to leverage that access to penetrate Sky Mavis IT infrastructure and gain access to the validator nodes.”
Axie Infinity spun back up last week, and it’s still relying on the Ronin sidechain, albeit with stricter security measures. The company raised its validator nodes to 11 in April, up from 9 previously, which makes it more difficult for attackers to gain control of the network. (Lazarus gained access to 5 nodes to achieve its hack, including one from the Axie DAO [Decentralized Autonomous Organization].) And it’s also implementing a “circuit-breaker” system to flag large withdrawals.
While this hack was clearly meticulously planned and required a significant amount of technical skill, it ultimately hung on a classic vulnerability: social engineering.
Grab ‘The Matrix Awakens’ Unreal demo before it’s delisted on July 9th
Time is running out to download Epic Games’ The Matrix Awakens. The free open-world interactive demo made with Unreal Engine 5 will be removed from the PlayStation and Xbox stores on July 9th. Luckily, players can still access the game an unlimited amo…