Image by Freepik

• Written by Kiara Fabbri Former Tech News Writer
• Fact-Checked by Sarah Frazier Former Content Manager

In a Rush? Here are the Quick Facts!

• AWS offers $110 million in credits for AI researchers using Trainium chips.
• AWS plans to provide 40,000 first-generation Trainium chips for the program.
• AWS allows customers to directly program Trainium chips.

On Tuesday, AWS revealed it will provide up to $110 million in credits for researchers to access its cloud data centers, where they can use Trainium, a chip designed for developing AI models, as reported by Reuters.

This move positions AWS against rivals like Nvidia, Advanced Micro Devices (AMD), and Alphabet’s cloud division, said Reuters.

AWS has partnered with Carnegie Mellon University and the University of California, Berkeley, to kick off the program. The company will make 40,000 first-generation Trainium chips available to participating researchers, sais Reuters.

The initiative comes as AWS faces increased competition from Microsoft in the cloud computing sector, particularly as developers seek out new types of chips for AI workloads. Gadi Hutt, who leads AWS’s AI chip business development, explained that AWS’s strategy differs from Nvidia’s, reports Reuters.

While most AI developers use Nvidia’s Cuda software to program its chips, AWS will provide documentation on its chips’ instruction set architecture, allowing customers to program the Trainium chips directly, as reported by Reuters.

This approach targets large-scale customers who may want to optimize performance across extensive cloud computing resources, said Reuters.

Reuters reports that Hutt emphasized that the ability to tweak the chips directly could lead to significant gains in efficiency and cost reductions, particularly for companies spending large amounts on computing infrastructure.

Image by DC Studio, from Freepik

Hackers Target Aerospace With Fake Job Offers and Hidden Malware

• Written by Kiara Fabbri Former Tech News Writer
• Fact-Checked by Sarah Frazier Former Content Manager

In a Rush? Here are the Quick Facts!

• The campaign uses LinkedIn profiles and fake companies to deliver SnailResin malware.
• The malware bypasses antivirus by hiding in legitimate cloud services like GitHub.
• The campaign has targeted organizations since September 2023, constantly changing tactics.

A recent cyber campaign, known as the “Iranian Dream Job” campaign, is targeting employees in the aerospace, aviation, and defense sectors by promising attractive job offers.

Cybersecurity firm ClearSky revealed that this campaign is the work of a group linked to the Iranian hacking organization known as “Charming Kitten” (also referred to as APT35).

The campaign aims to infiltrate targeted companies and steal sensitive information by tricking individuals into downloading malicious software disguised as job-related materials.

ClearSky says that the “Dream Job” scam involves fake recruiter profiles on LinkedIn, often using bogus companies to lure victims into downloading malware. The malware in question, called SnailResin, infects the victim’s computer, enabling the hackers to gather confidential data and monitor activities within the network.

ClearSky notes that these hackers have refined their techniques, such as using genuine cloud services like Cloudflare and GitHub to hide malicious links, making detection challenging.

Interestingly, the Iranian hackers have adopted tactics from North Korea ‘s Lazarus Group, who pioneered the “Dream Job” scam back in 2020. By mirroring Lazarus’ approach, Iranian hackers mislead investigators, making it harder to trace the attacks back to them.

ClearSky explains that the attack uses a method called DLL side-loading, which allows malware to infiltrate a computer by posing as a legitimate software file. This technique, along with the use of encrypted files and complex coding, helps the hackers bypass common security measures.

According to ClearSky, the malware successfully evades many antivirus programs, with only a few security tools able to identify it. Since September 2023, Iran’s “Dream Job” campaign has adapted and evolved, regularly updating its tactics and malware to stay one step ahead of cybersecurity defenses, says ClearSky.

Major cybersecurity firms, including Mandiant, have detected its activity across various countries, especially in the Middle East, notes ClearSky. They highlight its persistence and sophistication, noting that the campaign’s structure changes frequently, making it a constant threat to the targeted industries.

ClearSky warns that organizations in aerospace, defense, and similar high-stakes sectors should stay vigilant and adopt proactive measures to combat these types of attacks.

By educating employees about the risks of phishing and fake job offers and implementing robust security protocols, companies can help reduce vulnerability to these highly deceptive cyber threats.