"Zloader Malware Adds Zeus's Anti-analysis Feature"

The modular Trojan "Zloader," also known as "Terdot," "DELoader," or "Silent Night," is based on leaked Zeus source code. Zloader returned after an almost two-year hiatus with changes to its obfuscation techniques, Domain Generation Algorithm (DGA), and network communication. Its authors reintroduced an anti-analysis feature that prevents malware execution outside the infected machine. Many malware variants that use leaked Zeus source code had abandoned this feature. Its application makes malicious code harder to detect and analyze.

Submitted by Gregory Rigby on

"Organizations Patch CISA KEV List Bugs 3.5 Times Faster Than Others, Researchers Find"

Researchers at the cybersecurity scanning company Bitsight found that the US Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) catalog benefits organizations inside and outside the federal government. For nearly three years, CISA has maintained its KEV catalog, which has become the go-to repository for bugs actively being exploited by hackers. Bitsight experts asked if organizations fix KEVs faster than non-KEV catalog vulnerabilities. The median time to patch KEV catalog vulnerabilities is 3.5 times faster than non-KEV bugs.

Submitted by Gregory Rigby on

"93% of Security Leaders Have Increased SaaS Security Budgets"

According to Valence Security's "2024 State of SaaS Security Report," 58 percent of organizations have had a Software-as-a-Service (SaaS) security incident in the last 18 months. Therefore, 96 percent of security leaders now prioritize SaaS security, and 93 percent have increased SaaS security budgets in 2024. Eighty-four percent expressed confidence in current SaaS security programs or processes. The recent Microsoft "Midnight Blizzard" breach and Cloudflare breach, following the Okta attack campaign, show that SaaS is now a top target for malicious actors.

Submitted by Gregory Rigby on

"Three-Quarters of CISOs Admit App Security Incidents"

According to security researchers at Dynatrace, three-quarters (72%) of global CISOs have experienced an application security incident in the past two years, causing lost revenue and market share. The researchers polled 1300 CISOs and a handful of CEOs and CFOs to compile their latest report, "The State of Application Security in 2024." The researchers found that app security incidents, in many cases, led to lost revenue (47%), regulatory fines (36%), and lost market share (28%).

Submitted by Adam Ekwall on

Pub Crawl - May 2024

Selections by dgoff

Pub Crawl summarizes sets of publications that have been peer-reviewed and presented at Science of Security (SoS) conferences or referenced in current work. The topics are chosen for their usefulness for current researchers. Select the topic name to view the corresponding list of publications. Submissions and suggestions are welcome.

Submitted by Gregory Rigby on

"CISA Urges Software Devs to Weed out Path Traversal Vulnerabilities"

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) call on software companies to review their products for path traversal vulnerabilities and fix them before shipping. Path traversal vulnerabilities allow attackers to create or overwrite critical files used to execute code or evade authentication. Threat actors can use such security flaws to access sensitive data, such as credentials that can then be used to brute-force accounts and breach targeted systems.

Submitted by Gregory Rigby on

"Police Shuts Down 12 Fraud Call Centers, Arrests 21 Suspects"

Law enforcement recently shut down 12 phone fraud call centers in Albania, Bosnia and Herzegovina, Kosovo, and Lebanon that were behind thousands of scam calls daily. Dozens of German law enforcement officers, aided by hundreds of counterparts from other countries (i.e., Albania, Bosnia and Herzegovina, Kosovo, and Lebanon), carried out numerous raids on April 18, identifying 39 suspects and arresting 21 individuals. Law enforcement said it also confiscated evidence, including data carriers, documents, cash, and other assets, valued at roughly €1 million.

Submitted by Adam Ekwall on

"NSA Highlights Mitigations against North Korean Actor Email Policy Exploitation"

The National Security Agency (NSA), together with the Federal Bureau of Investigation (FBI) and the US Department of State, released a Cybersecurity Advisory (CSA) titled "North Korean Actors Exploit Weak DMARC Security Policies to Mask Spearphishing Efforts" to help protect against Democratic People's Republic of Korea (DPRK, also known as North Korea) techniques that enable emails to appear to be from legitimate journalists, academics, or other East Asian affairs experts.

Submitted by Gregory Rigby on

"Android Flaw Affected Apps With 4 Billion Installs"

Microsoft researchers found a vulnerability pattern dubbed "Dirty Stream" in popular Android apps, putting billions of users at risk. The vulnerability pattern, linked to path traversal, allows a malicious app to manipulate files in the vulnerable app's home directory. This vulnerability affects several Google Play Store apps with over four billion installations. Microsoft has emphasized the importance of industry collaboration in addressing evolving threats and urged developers to check their apps for similar vulnerabilities.

Submitted by Gregory Rigby on