Automobile design is not only shared with designers but also with engineers under CE. CE is a method of integration for designing and developing products (Andersen, 2004 Sapuan & Mansor, 2014). Also, concurrent engineering (CE) is popular in manufacturing companies. For example, automobile design involves teamwork each designer contributes from his or her experienced knowledge base.
However, real product design requires collaborative work. Usually, at the CST, each student learns 2D and 3D design using CAD software individually in these classes. Similarly, electrical engineering students learn the basic concept of design of electrical installation for residential and commercial buildings (Muramatsu & Wangmo, 2017). Also, at the same institution, civil engineering students learn design and construction of facilities such as buildings and bridges in the second year of the four-year course. For example, all first-year students learn 2D and 3D modeling using AutoCAD as 3D Computer-Aided Design (CAD) software at the College of Science and Technology (CST), Royal University of Bhutan (RUB). It’s not a novel technique, but our correlation of the indicators of compromise (IoCs) suggests that a potentially sustained, cybercriminal operation took advantage of this platform.Design education is important at universities and colleges for engineering and technology (Sheppard & Jeniso, 1997 Dym, Agogino, Eris, Frey, & Leifer, 2005). We found that after they were downloaded and executed, the RATs/ backdoors would phone back to their respective command-and-control servers, which are resolvable via free DNS services. The payloads we saw during our research-remote access tools (RATs)-are also notable.
It resembled the way Google Drive was misused as a repository of stolen data, for instance. Abusing A360 as a malware delivery platform can enable attacks that are less likely to raise red flags.
We saw a similar-albeit a lot simpler and less creative-attack on Autodesk® A360, comparable to the way file-sharing sites are being used to host malware.
GitHub was misused this way when the Winnti group used it as a conduit for its C&C communications. Cloud-based storage platforms have a history of cybercriminal abuse, from hosting malicious files and directly delivering malware to even making them part of a command-and-control (C&C) infrastructure.
0 kommentar(er)
