Los Alamos National Laboratory (LANL) researchers are using Artificial Intelligence (AI) to address significant shortcomings in large-scale malware analysis, improving the classification of Microsoft Windows malware and taking more steps towards improved cybersecurity measures. Through their method, the team set a new world record for classifying malware families. The team's approach achieves realistic malware family classification using semi-supervised tensor decomposition methods and selective classification, specifically the reject option.

Faculty and students from CyLab, Carnegie Mellon University's security and privacy research institute, will present on various topics at the 31st Annual Network and Distributed System Security (NDSS) Symposium. CyLab has compiled a list of papers co-authored by its members that will be presented at the event. One of the papers is titled "Group-based Robustness: A General Framework for Customized Robustness in the Real World." Machine Learning (ML) models have been found to be vulnerable to evasion attacks that perturb model inputs and cause misclassifications.

According to the Cybersecurity and Information Systems Information Analysis Center (CSIAC), the average code sample has 6,000 defects per million lines of code, with the Software Engineering Institute (SEI) at Carnegie Mellon University (CMU) discovering that 5 percent of these defects become vulnerabilities. This turns into about three vulnerabilities per 10,000 lines of code. The question is whether ChatGPT can help improve this ratio.

Cyberattacks are increasing, posing a risk of stolen personal data for 400 million users and prompting US governments to introduce Breach Notification Laws (BNLs). These laws require companies to notify consumers if their data has been breached. However, in a paper recently published in The Review of Law & Economics, Brad Greenwood, an information systems professor at George Mason University's Donald G Costello College of Business, and his co-author Paul M. Vaaler of the University of Minnesota discovered that BNLs had little to no effect on security and protection in general.

Google launched the AI Cyber Defense Initiative to use Artificial Intelligence (AI) to improve cybersecurity and reverse the "Defender's Dilemma". Magika, an AI-powered tool for file type identification to detect malware, is being open-sourced as part of this initiative. Google also announced a new AI for Cybersecurity group consisting of 17 startups from the US, UK, and the EU. The group will help bolster the transatlantic cybersecurity ecosystem by introducing internationalization strategies, AI tools, and the skills to use them.

Threat actors are using Amazon Web Services Simple Notification Service (AWS SNS) and a custom bulk-messaging spam script called SNS Sender in an ongoing "smishing" campaign that impersonates the US Postal Service. Like businesses, threat actors are moving their workloads to the cloud instead of handling them through traditional web servers. This shift poses a significant business risk to organizations whose legitimate cloud instances have been compromised by attackers trying to piggyback on their AWS capabilities.

Multiple cryptocurrency sector companies are being targeted in an ongoing malware campaign involving a newly discovered Apple macOS backdoor called RustDoor. Bitdefender first documented RustDoor, describing it as a Rust-based malware that can upload files, gather information about the infected machines, and more. It is distributed under the guise of a Visual Studio update. Prior evidence revealed at least three different variants of the backdoor. This article continues to discuss new findings regarding the RustDoor Apple macOS backdoor.

Security researchers have discovered that the Alpha ransomware payload and modus operandi overlap with the now-defunct NetWalker ransomware operation. NetWalker was a Ransomware-as-a-Service (RaaS) active between October 2019 and January 2021. Law enforcement took down its dark web sites, forcing its operators to go silent. The Alpha ransomware, not to be confused with ALPHV/BlackCat, first appeared in February 2023, but its operators kept a low profile, did not promote on hacker forums, and did not launch many attacks.

A Los Angeles man accused of running a "booter" service that facilitated Distributed Denial-of-Service (DDoS) attacks has been charged in federal court. According to court documents filed recently, Scott Esparza, also known as "Hazard," "co-administrated" the website Astrostress.com. The FBI seized the Astrostress domain in December 2022, along with many other booter services. For a fee, Esparza's service would enable his subscribers to direct floods of Internet traffic to victim computers in order to degrade or disrupt their Internet access.

Twenty-seven percent of countries holding national elections in 2024 face the highest cyber threat levels, with multiple priority adversary groups and many state-backed groups linked to priority adversary countries. The four priority adversary countries, which are Russia, China, Iran, and North Korea, are using cyber interference for disinformation and espionage, as well as to try disrupting actual electoral processes. This article continues to discuss the cyber threats facing 2024 elections.