Researchers from the Systems and Network Security Group (VUSec Group) at Vrije Universiteit Amsterdam have developed "Spectre based on LAM" (SLAM), a new side-channel attack that uses hardware features designed to improve security in upcoming Intel, AMD, and Arm CPUs to obtain the root password hash from kernel memory. According to the researchers, SLAM is a transient execution attack that exploits a memory feature, which enables software to use untranslated address bits in 64-bit linear addresses for storing metadata.

As part of a new research project, Dr. Rosetta Romano, an assistant professor in Information Technology (IT) and Systems at the University of Canberra, will help small businesses by educating them about the criticality of cybersecurity. Dr. Romano and fellow researchers, together with the Canberra-based data management company Surround Australia, are developing a Cybersecurity Standards and Frameworks Knowledge Graph for Australian small businesses. Large companies tend to have greater resilience and ability to continue operations in the event of a cyberattack.

Synthetic data can be used to improve cybersecurity algorithms, such as facial recognition and fingerprint matching. These applications have the potential to improve suspect identification in law enforcement and streamline border control processes. Synthetic data generation involves manipulating variables and parameters in order to replicate data patterns. Since synthetic data does not contain real individuals' sensitive information, it can help to alleviate data privacy concerns. This is important in criminal investigations, where privacy is critical.

The National Security Agency (NSA) has joined the Cybersecurity and Infrastructure Security Agency (CISA) and other US and international partners in releasing a Cybersecurity Information Sheet (CSI) titled "The Case for Memory Safe Roadmaps." The report, which expands on NSA's "Software Memory Safety" CSI published in April 2023, offers guidance for software manufacturers and technology providers in developing roadmaps tailored to eliminate memory safety vulnerabilities from their products.

The recently released Cisco Talos Year in Review report highlights new trends in the cybersecurity threat landscape. According to the report, more ransomware actors have shifted to extortion rather than encryption, while commodity loaders have become stealthier and more effective. For the second year in a row, LockBit was the most active ransomware group, followed by ALPHV and Clop. However, some ransomware groups continued to evolve in 2023, with structures often merging or rebranding to confuse law enforcement and the researchers tracking them.

Aplite researchers warn that thousands of exposed servers are leaking millions of patients' medical records and personal health information due to security flaws in a decades-old industry standard, Digital Imaging and Communications in Medicine (DICOM). This standard is designed for storing and sharing medical images. DICOM, the internationally recognized medical imaging format, is the file format for CT scans and X-ray images.

Twenty-two computer scientists, election security experts, and voter advocacy organizations call for a federal investigation and a risk assessment of voting machines used in the US, emphasizing that software breaches have "urgent implications for the 2024 election and beyond." According to the letter, breaches have affected voting equipment made by two companies that count more than 70 percent of all votes in the country. Douglas W.

Threat actors can use Amazon Web Services Security Token Service (AWS STS) to infiltrate cloud accounts and launch follow-on attacks. According to Red Canary researchers, the service allows threat actors to impersonate user identities and roles in cloud environments. AWS STS is a web service that lets users request temporary, limited-privilege credentials to access AWS resources without creating an AWS identity. These STS tokens have a validity period of 15 minutes to 36 hours.

Preventing exploitable vulnerabilities requires catching coding errors in Application Programming Interface (API) preproduction before they go live. Therefore, "shift left" has become a significant focus in API development, in which DevOps takes responsibility for incorporating security testing into the Software Development Life Cycle (SDLC), lowering the cost and expense of resolving coding errors and vulnerabilities. However, fixing code or knowing business logic abuse possibilities can be time-consuming for developers who are not security experts.

Google recently announced the release of Chrome 120 to the stable channel with patches for 10 vulnerabilities.  According to Google, of the resolved issues, five were reported by external researchers, who received a total of $15,000 in bug bounty rewards.  Based on the reward handed out, the most serious of the flaws is CVE-2023-6508, a high-severity use-after-free issue in Media Stream.  Google says it paid out $10,000 for the bug.  Next in line is CVE-2023-6509, a high-severity use-after-free defect that impacts Chrome’s Side Panel Search component.