"US Still Finding Victims of Advanced China-Linked Hacking Campaign, NSA Official Says"

According to Rob Joyce, the National Security Agency's (NSA) outgoing cybersecurity director, the US is still identifying victims of the China-backed hacking group "Volt Typhoon." The group was the subject of a recent takedown by the Federal Bureau of Investigation (FBI) and other official advisories over the past year. The Volt Typhoon hacking group had been latching onto critical infrastructure using compromised equipment, including Internet routers and cameras. This article discusses the continued effort to identify victims targeted by the extensive China-backed hacking campaign.

Submitted by grigby1 CPVI on

"150K+ UAE Network Devices & Apps Found Exposed Online"

The United Arab Emirates' (UAE) rapid adoption of Information Technology (IT) and Operational Technology (OT) has significantly increased its attack surface, with nearly 155,000 remotely accessible assets left vulnerable because of misconfigurations and insecure applications. According to the "State of the UAE Cybersecurity Report 2024," remote access points, network administration interfaces, insecure network devices, and other assets were found to be vulnerable.

Submitted by grigby1 CPVI on

"Pentagon Received Over 50,000 Vulnerability Reports Since 2016"

The US Department of Defense (DoD) recently announced that it has processed 50,000 reports received as part of its continuous vulnerability disclosure program (VDP) launched in November 2016. The program was initiated following a successful "Hack the Pentagon" bug bounty program running on HackerOne, which was followed by similar programs covering Air Force, Marine Corps, Army, and Defense Travel System assets.

Submitted by Adam Ekwall on

"Recent DarkGate Campaign Exploited Microsoft Windows Zero-Day"

In mid-January 2024, researchers at the Zero Day Initiative (ZDI) discovered a DarkGate campaign that exploited the Windows zero-day flaw, tracked as CVE-2024-21412, using fake software installers. An unauthenticated attacker can exploit the flaw by sending the victim a specially crafted file that bypasses the displayed security checks. The attacker must trick the victims into clicking the file link.

Submitted by grigby1 CPVI on

"Hacker Gives Out 70 Million Stolen AT&T User Records"

A leaked database containing over 70 million records, allegedly stolen from AT&T, is now available nearly for free on the illicit marketplace BreachForums. Some researchers have confirmed the legitimacy of the data, but it is unclear how the hackers got it. The seller claims that ShinyHunters, a criminal group, obtained the data in 2021. The data has previously been made public. In 2022, Cybernews reported that ShinyHunters demanded at least $200,000 for 70 million records allegedly belonging to AT&T.

Submitted by grigby1 CPVI on

"IMF Investigates Serious Cybersecurity Breach"

The International Monetary Fund (IMF) recently announced that it is investigating a cybersecurity breach that led to the compromise of several internal email accounts. The Washington-headquartered UN financial agency revealed in a brief statement on Friday that the incident was first detected on February 16. The investigation determined that 11 IMF email accounts were compromised. The IMF noted that the impacted email accounts were re-secured and that it has no indication of further compromise beyond these email accounts at this point in time.

Submitted by Adam Ekwall on

"New Acoustic Attack Determines Keystrokes From Typing Patterns"

Researchers Alireza Taheritajar and Reza Rahaeimehr at Augusta University have published a technical paper detailing their acoustic side-channel attack method. They demonstrated a new acoustic side-channel attack on keyboards that can deduce user input from typing patterns, even in noisy environments. Although the method has an average success rate of 43 percent, which is significantly lower than previously presented techniques, it does not require controlled recording conditions or a specific typing platform.

Submitted by grigby1 CPVI on

"Hackers Can Read Private AI-Assistant Chats Even Though They're Encrypted"

Researchers at Ben-Gurion University's Offensive AI Research Lab have presented an attack that can decipher AI assistant responses. The technique involves a side-channel found in all major Artificial Intelligence (AI) assistants except Google Gemini. The attack then refines the fairly raw results using Large Language Models (LLMs) trained specifically for the task.

Submitted by grigby1 CPVI on

"Satellites for Quantum Communications"

Continued advancements in quantum computer development and performance will make it possible to crack current encryption processes. In an effort to address this challenge, researchers at the Technical University of Munich (TUM) are working to develop encryption methods that use physical laws to prevent message interception. Satellites will be launched as part of the QUICK³ space mission to protect communications over long distances. This article continues to discuss the effort to address the challenge regarding the transmission of data over long distances in quantum cryptography.

Submitted by grigby1 CPVI on

"Ande Loader Malware Targets Manufacturing Sector in North America"

A threat actor called "Blind Eagle," also known as APT-C-36, has been observed using a loader malware named "Ande Loader" to deliver Remote Access Trojans (RATs) such as Remcos RAT and NjRAT. According to eSentire, the attacks, launched through phishing emails, targeted Spanish-speaking users in the North American manufacturing industry. Blind Eagle is a financially motivated threat actor who has previously executed cyberattacks against entities in Colombia and Ecuador to deliver AsyncRAT, BitRAT, Lime RAT, NjRAT, Remcos RAT, and more.

Submitted by grigby1 CPVI on