News
-
"Gootloader SEO Watering Hole Malware Targets Law Firms"Gootloader, a Search Engine Optimization (SEO) watering hole technique, has been observed targeting legal-related search terms. It has been identified as a threat to law firms and individuals conducting research online for legal information. According to…
-
"Federated Learning: How Private Is It Really?"Federated Learning (FL) is a popular structure that enables one to learn a Machine Learning (ML) model collaboratively. The classical FL structure involves multiple clients, each with their own local data that they may want to keep private, and a server…
-
"Multiple Flaws Found in the Avada WordPress Theme and Plugin"Multiple vulnerabilities have recently been identified in the widely used Avada theme and its accompanying Avada Builder plugin. Security researchers at Patchstack discovered the flaws. The researchers noted the Avada Builder plugin exhibits…
-
"CISA Discovered a New Backdoor, Named Whirlpool, Used in Barracuda ESG Attacks"Whirlpool, a new backdoor discovered by the US Cybersecurity and Infrastructure Security Agency (CISA), was used in attacks against Barracuda Email Security Gateway (ESG) devices. Barracuda, a provider of network security solutions, warned customers at…
-
"Most VPNs Can Be Tricked Into Leaking Traffic"According to university researchers, nearly 70 Virtual Private Network (VPN) clients and servers are vulnerable to an attack that can cause them to leak user traffic. The multi-campus collaboration named their attack TunnelCrack and has released proof-of…
-
"How Sure Is Sure? Incorporating Human Error Into Machine Learning"Many Artificial Intelligence (AI) systems fail to grasp human error and uncertainty, especially in systems where a human provides the Machine Learning (ML) model with feedback. These systems are often programmed with the assumption that humans are always…
-
"Cybersecurity Project Plans to Connect Researchers Across the Country"As technology advances, the manufacturing industry increasingly adapts to digital instruction, from the production of fighter jets to cars. Mechanical parts can be designed on a computer and sent via the network to a manufacturing machine that follows…
-
"Northern Ireland’s Top Police Officer Apologizes for ‘Industrial Scale’ Data Breach"Northern Ireland’s top police officer recently apologized for what he described as an “industrial scale” data breach in which the personal information of more than 10,000 officers and staff was released to the public. The incident is particularly…
-
"More Than 300K People Affected by Johns Hopkins Data Breach"In June, Johns Hopkins University and Johns Hopkins Health System learned that their systems were among those affected by a broad-based cybersecurity attack that targeted a widely used software platform for transferring data files called MOVEit. …
-
"Computer Security Experts Offer Advice to Freeze Out Risk of Thermal Attacks"A team of computer security experts has devised a set of recommendations to defend against 'thermal attacks' that can steal personal information. Thermal attacks use heat-sensitive cameras to detect fingerprint traces left on surfaces such as smartphone…
-
"New Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware Attacks"Malicious actors are using a legitimate Rust-based injector called Freeze[.]rs to launch the commodity malware XWorm. The attack chain, discovered by Fortinet FortiGuard Labs on July 13, 2023, begins with a phishing email containing a malicious PDF file…
-
"Lapsus$ Hackers Took SIM Swapping Attacks to the Next Level"The US Department of Homeland Security (DHS) Cyber Safety Review Board (CSRB) released a report after analyzing the techniques, such as SIM swapping, used by the Lapsus$ extortion group to breach dozens of organizations with a strong security posture. In…