News
-
"Chrome 114 Update Patches Critical Vulnerability"Google recently announced a new Chrome 114 update that resolves five vulnerabilities, including four critical and high-severity bugs reported by external researchers. Google noted that the most important of these issues is CVE-2023-3214, a critical…
-
"E-Commerce Firms Are Top Targets for API, Web Apps Attacks"According to a new report by Akamai, hackers launched 14 billion attacks against the e-commerce industry in 15 months, placing it at the top of the list of targets for Application Programming Interface (API) and web application exploits. Researchers…
-
"Hackers Can Steal Cryptographic Keys by Video-Recording Power LEDs 60 Feet Away"Researchers have developed a novel attack that recovers the secret encryption keys in smart cards and smartphones by using iPhone cameras or commercial surveillance systems to video record the power LEDs that glow when the card reader or smartphone is on…
-
"LLM meets Malware: Starting the Era of Autonomous Threat"Researchers at B42 Labs have shared some findings from their exploratory research on the application of Large Language Models (LLMs) to malware automation, examining how a potential new type of autonomous threat may manifest in the near future. The…
-
"New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs"Skuld is a new Golang-based information stealer that has compromised Windows systems in Europe, Southeast Asia, and the US. According to Trellix researcher Ernesto Fernández Provecho, this new strain of malware attempts to steal sensitive information…
-
"Fake Zero-Day PoC Exploits on GitHub Push Windows, Linux Malware"Hackers are posing as cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept (PoC) exploits for zero-day vulnerabilities that infect Windows and Linux with malware. The alleged researchers advertise these malicious exploits…
-
"Switzerland Under Cyberattack"Swiss government websites are being hit with Distributed Denial-of-Service (DDoS) attacks, but several ransomware gangs have also been targeting Swiss government organizations, cantonal governments, cities, and companies in the last few months. The Swiss…
-
"Chinese Threat Actor Abused ESXi Zero-Day to Pilfer Files From Guest VMs"A Chinese cyber espionage group that researchers previously spotted targeting VMware ESXi hosts has been exploiting a zero-day authentication bypass flaw in the virtualization technology to execute privileged commands on guest Virtual Machines (VMs).…
-
"Robot Can Rip the Data Out of RAM Chips With Chilling Technology"Cold boot attacks, in which memory chips are cooled and data, including encryption keys, are stolen, were first demonstrated in 2008. The original attack has been improved and automated in the form of a memory-stealing machine that costs about $2,000. At…
-
"USTC Achieves Thousand-Kilometer Quantum Key Distribution"Scientists from the University of Science and Technology of China (USTC) of the Chinese Academy of Sciences (CAS) and their collaborators from Tsinghua University, Jinan Institute of Quantum Technology, and Shanghai Institute of Microsystem and…
-
"Xplain Data Breach Also Impacted the National Swiss Railway FSS"The Play ransomware attack faced by the Information Technology (IT) services provider Xplain is worse than initially anticipated, as the national railway company of Switzerland (FSS) and the canton of Aargau were also affected. The Bernese IT company…
-
"France Says it Thwarted Attack on Websites From Russian State-Linked Actors"France's foreign minister recently announced that France had prevented a hybrid digital attack on the ministry's website, likely carried out by Russian state-linked actors, along with attacks on other government websites and French media sites. …