The LockBit ransomware operation has recently been severely disrupted by an international law enforcement operation that involved the seizure of servers and several individuals getting arrested or charged.  LockBit domains currently display a seizure notice informing visitors that the site is controlled by law enforcement, specifically the UK’s National Crime Agency (NCA).

According to security researchers at ThreatFabric, the Android banking trojan named Anatsa has evolved, and its attacks are more targeted.  Anatsa has been active for about four years and can target more than 600 mobile banking applications worldwide, infecting devices via malicious droppers uploaded to Google Play.  In June last year, three identified droppers had amassed roughly 30,000 installs via the application store.

Wyze recently shared more details on a security incident that impacted thousands of users recently and said that at least 13,000 customers could get a peek into other users' homes.  The company blames a third-party caching client library recently added to its systems, which had problems dealing with a large number of cameras that came online all at once after a widespread outage that occurred on 2/16.  The company noted that multiple customers reported seeing other users' video feeds under the Events tab in the app since Friday.

Two flights bound for Israel over the past week have suffered attempts to hijack their communications and divert the aircraft.  The El Al flights were both travelling from Thailand to Israel’s Ben Gurion international airport and apparently encountered “hostile elements.” No group has claimed responsibility. Although the aircraft were flying over an area in which Iranian-backed Houthis are active, sources have claimed it could be the work of a group operating from Somaliland an unrecognized state in the Horn of Africa.

A Ukrainian national charged with operating the Raccoon Infostealer malware-as-a-service (MaaS) has recently made an appearance in a US court after being extradited from the Netherlands.  Mark Sokolovsky, 28, was arrested in March 2022 after the FBI and law enforcement agencies in Italy and the Netherlands dismantled the Raccoon Infostealer infrastructure.  In October 2022, Sokolovsky was indicted in the US for his involvement in the distribution of the Raccoon Infostealer malware to millions of computers worldwide.

A KAUST research team has developed a Machine Learning (ML) approach that addresses a major medical research challenge by integrating an ensemble of privacy-preserving algorithms. The challenge is using the power of Artificial Intelligence (AI) to accelerate genomic data discovery while protecting individuals' privacy. According to KAUST's Xin Gao, omics data typically contains a large amount of private information, such as gene expression and cell composition. This information can often be linked to a person's disease or health status.

Los Alamos National Laboratory (LANL) researchers are using Artificial Intelligence (AI) to address significant shortcomings in large-scale malware analysis, improving the classification of Microsoft Windows malware and taking more steps towards improved cybersecurity measures. Through their method, the team set a new world record for classifying malware families. The team's approach achieves realistic malware family classification using semi-supervised tensor decomposition methods and selective classification, specifically the reject option.

Faculty and students from CyLab, Carnegie Mellon University's security and privacy research institute, will present on various topics at the 31st Annual Network and Distributed System Security (NDSS) Symposium. CyLab has compiled a list of papers co-authored by its members that will be presented at the event. One of the papers is titled "Group-based Robustness: A General Framework for Customized Robustness in the Real World." Machine Learning (ML) models have been found to be vulnerable to evasion attacks that perturb model inputs and cause misclassifications.

According to the Cybersecurity and Information Systems Information Analysis Center (CSIAC), the average code sample has 6,000 defects per million lines of code, with the Software Engineering Institute (SEI) at Carnegie Mellon University (CMU) discovering that 5 percent of these defects become vulnerabilities. This turns into about three vulnerabilities per 10,000 lines of code. The question is whether ChatGPT can help improve this ratio.

Cyberattacks are increasing, posing a risk of stolen personal data for 400 million users and prompting US governments to introduce Breach Notification Laws (BNLs). These laws require companies to notify consumers if their data has been breached. However, in a paper recently published in The Review of Law & Economics, Brad Greenwood, an information systems professor at George Mason University's Donald G Costello College of Business, and his co-author Paul M. Vaaler of the University of Minnesota discovered that BNLs had little to no effect on security and protection in general.