"Seagate Faces Counterfeit Hard Drive Scam: Global HDD Maker Aware of Used Seagate Drives Being Sold"
Seagate Exos and IronWolf Pro hard drives are being targeted by scammers who alter QR codes, drive serial numbers, and tamper with SMART parameters to make used hard drives appear unused. Experts warn that counterfeit Seagate hard drives can log thousands of hours of operation despite being powered on for only a few minutes. To verify a drive's true condition, users can use tools like smartmontools to retrieve hidden operational data.
The fact that scammers are exploiting the FARM value system used by Seagate but not by Toshiba and Western Digital highlights the importance of understanding the specific security measures in place for each brand.
What role do regulatory bodies play in policing the counterfeit hard drive market, particularly when it comes to global brands like Seagate with a large customer base?
Seagate's ongoing issues with counterfeit hard drive sales have taken a new turn, as scammers have discovered methods to manipulate Field Accessible Reliability Metrics (FARM) values, making it difficult for consumers to detect tampered devices. This latest development presents a significant challenge for Seagate and its customers, who must now find alternative ways to verify the authenticity of their purchases. The company has advised resellers to buy drives only from certified distribution partners to ensure authenticity.
The growing sophistication of counterfeiters' tactics highlights the need for more robust anti-counterfeiting measures in the electronics industry, particularly when it comes to highly regulated components like hard drive parts.
As consumers become increasingly savvy about spotting fake products, will manufacturers and regulators be able to keep pace with the evolving landscape of counterfeiting and intellectual property theft?
Well-known hardware reviewers aren't immune to tech retail fakers, and to demonstrate this, Hardware Busters has shared images of a counterfeit AMD Ryzen 7 9800X3D and its packaging. Dealing with fakes seems to be part and parcel of being a tech enthusiast nowadays, but luckily Aris from Hardware Busters will very likely get his money back, via the returns process he has now begun on Amazon.de. The use of fake CPUs highlights the need for increased scrutiny when purchasing components online. Counterfeit parts can have serious consequences, including damage to motherboards and harm to consumers.
The proliferation of counterfeit chips underscores the importance of verifying component authenticity before making a purchase.
How will ongoing efforts to combat counterfeiting impact the overall health and trustworthiness of online tech retailers?
A broad overview of the four stages shows that nearly 1 million Windows devices were targeted by a sophisticated "malvertising" campaign, where malware was embedded in ads on popular streaming platforms. The malicious payload was hosted on platforms like GitHub and used Discord and Dropbox to spread, with infected devices losing login credentials, cryptocurrency, and other sensitive data. The attackers exploited browser files and cloud services like OneDrive to steal valuable information.
This massive "malvertising" spree highlights the vulnerability of online systems to targeted attacks, where even seemingly innocuous ads can be turned into malicious vectors.
What measures will tech companies and governments take to prevent such widespread exploitation in the future, and how can users better protect themselves against these types of attacks?
Microsoft has confirmed that its Windows drivers and software are being exploited by hackers through zero-day attacks, allowing them to escalate privileges and potentially drop ransomware on affected machines. The company patched five flaws in a kernel-level driver for Paragon Partition Manager, which were apparently found in BioNTdrv.sys, a piece of software used by the partition manager. Users are urged to apply updates as soon as possible to secure their systems.
This vulnerability highlights the importance of keeping software and drivers up-to-date, as outdated components can provide entry points for attackers.
What measures can individuals take to protect themselves from such attacks, and how can organizations ensure that their defenses against ransomware are robust?
The Department of Justice has criminally charged 12 Chinese nationals for their involvement in hacking over 100 US organizations, including the Treasury, with the goal of selling stolen data to China's government and other entities. The hackers used various tactics, including exploiting email inboxes and managing software, to gain access to sensitive information. China's government allegedly paid "handsomely" for the stolen data.
The sheer scale of these hacks highlights the vulnerability of global networks to state-sponsored cyber threats, underscoring the need for robust security measures and cooperation between nations.
What additional steps can be taken by governments and private companies to prevent similar hacks in the future, particularly in industries critical to national security?
YouTube creators have been targeted by scammers using AI-generated deepfake videos to trick them into giving up their login details. The fake videos, including one impersonating CEO Neal Mohan, claim there's a change in the site's monetization policy and urge recipients to click on links that lead to phishing pages designed to steal user credentials. YouTube has warned users about these scams, advising them not to click on unsolicited links or provide sensitive information.
The rise of deepfake technology is exposing a critical vulnerability in online security, where AI-generated content can be used to deceive even the most tech-savvy individuals.
As more platforms become vulnerable to deepfakes, how will governments and tech companies work together to develop robust countermeasures before these scams escalate further?
Servers used in a fraud case that Singapore announced last week were supplied by U.S. firms and may have contained Nvidia's advanced chips, a government minister said on Monday. Three men, including a Chinese national, were charged with fraud last week in Singapore, with domestic media linking the case to the transfer of Nvidia's AI chips from Singapore to Chinese artificial intelligence firm DeepSeek. The servers involved in the case were supplied by Dell Technologies and Super Micro Computer to Singapore-based companies before they were sent to Malaysia.
The involvement of U.S. firms in the supply chain highlights the complexities of global trade and the ease with which sensitive technologies can be diverted for illicit purposes.
What role will international cooperation play in uncovering the full extent of Nvidia's AI chips being smuggled into China, and how might this impact global efforts to combat organized smuggling?
The Singaporean government has revealed that servers involved in a recent fraud case may have contained Nvidia's advanced chips, supplied by U.S. firms Dell Technologies and Super Micro Computer before being sent to Malaysia. The move raises concerns about the potential misuse of these chips by the Chinese company DeepSeek, which was at the center of the alleged chip movement scandal. Authorities are now investigating the case independently, with Singapore asking the US authorities if the servers contained U.S. export control items.
This revelation underscores the global nature of technological supply chains and the need for closer monitoring to prevent sensitive information from falling into the wrong hands.
Will the investigation into Nvidia's role in this scandal lead to greater scrutiny of U.S. tech companies' exports to countries with strict export controls?
A 37-year-old Tennessee man has been arrested for allegedly stealing Blu-rays and DVDs from a manufacturing and distribution company used by major movie studios and sharing them online before the movies' scheduled release dates, resulting in significant financial losses to copyright owners. The alleged DVD thief, Steven Hale, is accused of bypassing encryption that prevents unauthorized copying and selling stolen discs on e-commerce sites, causing an estimated loss of tens of millions of dollars. This arrest marks a growing trend in law enforcement efforts to curb online piracy.
As the online sharing of copyrighted materials continues to pose a significant threat to creators and copyright owners, it's essential to consider whether stricter regulations or more effective penalties would be more effective in deterring such behavior.
How will the widespread availability of pirated content, often fueled by convenience and accessibility, impact the long-term viability of the movie industry?
The hackers who stole around $1.4 billion in cryptocurrency from crypto exchange Bybit have moved nearly all of the robbed proceeds and converted them into Bitcoin, in what experts call the first phase of the money-laundering operation. This digital heist is considered one of the largest in history, with blockchain monitoring firms and researchers accusing the North Korean government of being behind it. The hackers' ability to launder the funds quickly highlights the challenges for investigators trying to track down the stolen cryptocurrency.
The sophisticated methods used by these hackers expose the vulnerabilities of traditional anti-money laundering (AML) mechanisms and highlight the need for more effective tools to combat cybercrime.
What role will international cooperation play in bringing those responsible for this heist to justice, particularly if it involves governments and underground networks?
Hackers are exploiting Microsoft Teams and other legitimate Windows tools to launch sophisticated attacks on corporate networks, employing social engineering tactics to gain access to remote desktop solutions. Once inside, they sideload flawed .DLL files that enable the installation of BackConnect, a remote access tool that allows persistent control over compromised devices. This emerging threat highlights the urgent need for businesses to enhance their cybersecurity measures, particularly through employee education and the implementation of multi-factor authentication.
The use of familiar tools for malicious purposes points to a concerning trend in cybersecurity, where attackers leverage trust in legitimate software to bypass traditional defenses, ultimately challenging the efficacy of current security protocols.
What innovative strategies can organizations adopt to combat the evolving tactics of cybercriminals in an increasingly digital workplace?
Researchers have uncovered a network of fake identities created by North Korean cybercriminals, all looking for software development work in Asia and the West. The goal is to earn money to fund Pyongyang's ballistic missile and nuclear weapons development programs. By creating these fake personas, hackers are able to gain access to companies' back ends, steal sensitive data, or even get paid.
This latest tactic highlights the evolving nature of cybercrime, where attackers are becoming increasingly sophisticated in their methods of deception and social engineering.
Can companies and recruiters effectively identify and prevent such scams, especially in the face of rapidly growing online job boards and freelance platforms?
A "hidden feature" was found in a Chinese-made Bluetooth chip that allows malicious actors to run arbitrary commands, unlock additional functionalities, and extract sensitive information from millions of Internet of Things (IoT) devices worldwide. The ESP32 chip's affordability and widespread use have made it a prime target for cyber threats, putting the personal data of billions of users at risk. Cybersecurity researchers Tarlogic discovered the vulnerability, which they claim could be used to obtain confidential information, spy on citizens and companies, and execute more sophisticated attacks.
This widespread vulnerability highlights the need for IoT manufacturers to prioritize security measures, such as implementing robust testing protocols and conducting regular firmware updates.
How will governments around the world respond to this new wave of IoT-based cybersecurity threats, and what regulations or standards may be put in place to mitigate their impact?
The average scam cost the victim Β£595, report claims. Deepfakes are claiming thousands of victims, with a new report from Hiya detailing the rising risk and deepfake voice scams in the UK and abroad, noting how the rise of generative AI means deepfakes are more convincing than ever, and attackers can leverage them more frequently too. AI lowers the barriers for criminals to commit fraud, and makes scamming victims easier, faster, and more effective.
The alarming rate at which these scams are spreading highlights the urgent need for robust security measures and education campaigns to protect vulnerable individuals from falling prey to sophisticated social engineering tactics.
What role should regulatory bodies play in establishing guidelines and standards for the use of AI-powered technologies, particularly those that can be exploited for malicious purposes?
Microsoft's Threat Intelligence has identified a new tactic from Chinese threat actor Silk Typhoon towards targeting "common IT solutions" such as cloud applications and remote management tools in order to gain access to victim systems. The group has been observed attacking a wide range of sectors, including IT services and infrastructure, healthcare, legal services, defense, government agencies, and many more. By exploiting zero-day vulnerabilities in edge devices, Silk Typhoon has established itself as one of the Chinese threat actors with the "largest targeting footprints".
The use of cloud applications by businesses may inadvertently provide a backdoor for hackers like Silk Typhoon to gain access to sensitive data, highlighting the need for robust security measures.
What measures can be taken by governments and private organizations to protect their critical infrastructure from such sophisticated cyber threats?
Cybersecurity experts have successfully disrupted the BadBox 2.0 botnet, which had compromised over 500,000 low-cost Android devices by removing numerous malicious apps from the Play Store and sinkholing multiple communication domains. This malware, primarily affecting off-brand devices manufactured in mainland China, has been linked to various forms of cybercrime, including ad fraud and credential stuffing. Despite the disruption, the infected devices remain compromised, raising concerns about the broader implications for consumers using uncertified technology.
The incident highlights the vulnerabilities associated with low-cost tech products, suggesting a need for better regulatory measures and consumer awareness regarding device security.
What steps can consumers take to protect themselves from malware on low-cost devices, and should there be stricter regulations on the manufacturing of such products?
Singaporean authorities have cracked down on alleged smugglers of advanced Nvidia chips, arresting three individuals accused of diverting restricted technology to Malaysia. The investigation revolves around servers containing Nvidia components, allegedly supplied by Dell and Supermicro, raising concerns about China's attempts to circumvent US export controls. As the global semiconductor industry faces increasing scrutiny, Singapore's actions may signal a growing willingness to take action against illicit activities.
This incident highlights the ongoing cat-and-mouse game between nations seeking to acquire advanced technologies and those enforcing strict export controls, underscoring the need for robust cybersecurity measures.
What role will international cooperation play in preventing the diversion of restricted technology, particularly as China continues to push the boundaries of US export control regulations?
Apple's appeal to the Investigatory Powers Tribunal may set a significant precedent regarding the limits of government overreach into technology companies' operations. The company argues that the UK government's power to issue Technical Capability Notices would compromise user data security and undermine global cooperation against cyber threats. Apple's move is likely to be closely watched by other tech firms facing similar demands for backdoors.
This case could mark a significant turning point in the debate over encryption, privacy, and national security, with far-reaching implications for how governments and tech companies interact.
Will the UK government be willing to adapt its surveillance laws to align with global standards on data protection and user security?
Singapore's recent fraud case has unveiled a potential smuggling network involving AI chips, raising concerns for Nvidia, Dell, and regulatory bodies worldwide. Three individuals have been charged in connection with the case, which is not tied to U.S. actions but coincides with heightened scrutiny over AI chip exports to China. The investigation's implications extend beyond Singapore, potentially affecting the entire semiconductor supply chain and increasing pressure on major companies like Nvidia and Dell.
This incident reflects the growing complexities and geopolitical tensions surrounding the semiconductor industry, highlighting the interconnectedness of global supply chains in the face of regulatory challenges.
What might be the long-term consequences for Nvidia and its competitors if regulatory scrutiny intensifies in the AI chip market?
Microsoft has identified and named four individuals allegedly responsible for creating and distributing explicit deepfakes using leaked API keys from multiple Microsoft customers. The group, dubbed the βAzure Abuse Enterpriseβ, is said to have developed malicious tools that allowed threat actors to bypass generative AI guardrails to generate harmful content. This discovery highlights the growing concern of cybercriminals exploiting AI-powered services for nefarious purposes.
The exploitation of AI-powered services by malicious actors underscores the need for robust cybersecurity measures and more effective safeguards against abuse.
How will Microsoft's efforts to combat deepfake-related crimes impact the broader fight against online misinformation and disinformation?
Cloud storage is better, faster, and more affordable per gigabyte than ever before. However, relying solely on cloud storage can leave users vulnerable to data breaches, loss of access due to internet outages, and slower recovery times. Storing data locally on a physical drive provides greater speed, availability, and control over sensitive information. Local storage also offers security and compliance benefits, such as avoiding foreign laws and regulations that may apply to overseas data.
Cloud storage can be less secure than local storage, making it more vulnerable to cyber attacks and data breaches.
What measures will cloud providers take to ensure the long-term availability and security of user data in the event of a catastrophic failure or global shutdown?
Buyers in approved countries like Taiwan and Malaysia are buying Nvidia Blackwell chips and selling a portion of them to Chinese companies, highlighting the challenges of upholding export controls on semiconductor chips made in the US. The loopholes in the system allow for anonymous traders to acquire and resell these resources to companies in China, bypassing the restrictions imposed by the US government. Despite efforts to restrict exports, Nvidia claims that unauthorized diversion of its products is being investigated and addressed.
The current export control mechanisms demonstrate a significant gap between policy intentions and practical implementation, allowing malicious actors to exploit loopholes for their own gain.
How can policymakers and industry leaders work together to strengthen export controls and prevent the misuse of advanced technologies like AI and semiconductor chips?
The modern-day cyber threat landscape has become increasingly crowded, with Advanced Persistent Threats (APTs) becoming a major concern for cybersecurity teams worldwide. Group-IB's recent research points to 2024 as a 'year of cybercriminal escalation', with a 10% rise in ransomware compared to the previous year, and a 22% rise in phishing attacks. The "Game-changing" role of AI is being used by both security teams and cybercriminals, but its maturity level is still not there yet.
This move signifies a growing trend in the beauty industry where founder-led companies are reclaiming control from outside investors, potentially setting a precedent for similar brands.
How will the dynamics of founder ownership impact the strategic direction and innovation within the beauty sector in the coming years?
Security researchers spotted a new ClickFix campaign that has been abusing Microsoft SharePoint to distribute the Havoc post-exploitation framework. The attack chain starts with a phishing email, carrying a "restricted notice" as an .HTML attachment, which prompts the victim to update their DNS cache manually and then runs a script that downloads the Havoc framework as a DLL file. Cybercriminals are exploiting Microsoft tools to bypass email security and target victims with advanced red teaming and adversary simulation capabilities.
This devious two-step phishing campaign highlights the evolving threat landscape in cybersecurity, where attackers are leveraging legitimate tools and platforms to execute complex attacks.
What measures can organizations take to prevent similar ClickFix-like attacks from compromising their SharePoint servers and disrupting business operations?
USB flash drives, while convenient for data transfer, often vary significantly in quality, which can lead to issues regarding data integrity and security. Many inexpensive USB sticks utilize outdated technology and inferior flash memory, raising concerns about their reliability for sensitive information storage. Understanding the specifications, capacities, and potential pitfalls of these devices is crucial for making informed purchasing decisions.
The increasing prevalence of low-quality USB drives highlights the importance of consumer awareness and skepticism, especially when purchasing from unfamiliar sources or at suspiciously low prices.
What measures can manufacturers implement to enhance the reliability of USB flash drives and protect consumers from potential data loss?