Katina Michael, a professor in the School for the Future of Innovation in Society and School of Computing and Augmented Intelligence at Arizona State University, calls for better measures to secure sensitive biometric data. Biometric data refers to the unique physical characteristics of a person, including voice, fingerprint, palm, face, and DNA. Such data can help hackers carry out cybercriminal activities. This article continues to discuss Michael's insights and recommendations regarding cybersecurity and privacy for biometrics.

"Q-Day," when quantum computers can break existing cryptographic algorithms, is predicted to happen within the next decade, leaving digital information vulnerable under current encryption protocols. Post-Quantum Cryptography (PQC) is one of the top priorities for the security community as it works to build and implement encryption capable of withstanding post-quantum threats and attacks. This article continues to discuss the latest efforts aimed at helping with the creation, development, and migration to PQC.

Users looking for game cheats are being tricked into downloading Lua-based malware that can establish persistence on infected systems and deliver additional payloads. Morphisec researcher Shmuel Uzan explained that these attacks take advantage of the popularity of Lua gaming engine supplements. This malware strain is widely distributed throughout North America, South America, Europe, Asia, and Australia. This article continues to discuss the delivery of Lua-based malware through fake cheating script engines.

DataDome's "2024 Global Bot Security Report" found that 95 percent of advanced bot attacks go undetected, emphasizing the need for better detection and mitigation strategies. Some organizations may have basic defenses but need to prepare for more sophisticated attacks involving Artificial Intelligence (AI) and Machine Learning (ML). Recent statistics show that organizations must prioritize and strengthen security against bot attacks. According to DataDome, 65 percent of websites are vulnerable to bot attacks. This article continues to discuss recent findings regarding bot attacks.

"GoldenJackal," an Advanced Persistent Threat (APT) hacking group, successfully breached air-gapped government systems in Europe. The APT group used two custom toolsets to steal sensitive data such as emails, encryption keys, images, archives, and documents. According to ESET, this occurred at least twice against the embassy of a South Asian country in Belarus and a European government organization. This article continues to discuss new findings regarding GoldenJackal's attacks on air-gapped government systems. 

According to the security vendor Egress, phishing attempts increased 28 percent in the second quarter of the year as threat actors gained new tools. An analysis of phishing kits offered for sale on the dark web found that 75 percent advertised Artificial Intelligence (AI) capability. This article continues to discuss findings regarding the rise in phishing attacks.

SC Media reports "Phishing Attacks Armed With AI Capabilities Are on the Rise"

Submitted by grigby1

The 2024 "Tenable Cloud Risk Report" found that 38 percent of organizations worldwide face critical exposures due to a mix of security gaps in modern cloud environments. The report identified a "toxic cloud triad" of publicly exposed, critically vulnerable, and highly privileged cloud workloads that put these companies at risk. This triad makes them vulnerable to cyberattacks that could disrupt applications, take over systems, and steal data. This article continues to discuss key findings regarding cloud security risks.

According to the US Department of Justice (DoJ), a Ukrainian national named Mark Sokolovsky pleaded guilty to operating the "Raccoon Infostealer" malware in US federal court. Sokolovsky was previously accused of being one of the "key administrators" of the malware that steals email addresses, ID numbers, bank account details, and cryptocurrency information. Raccoon Infostealer was sold as Malware-as-a-Service (MaaS) for $200 per month in cryptocurrency. This article continues to discuss the Raccoon Infostealer malware and the Ukrainian national who has pleaded guilty to running it.

The US Department of Health and Human Services (HHS) warns of "Trinity" ransomware attacks on healthcare and public health organizations. HHS notes that Trinity, a relatively new ransomware family first seen in May 2024, adds the '.trinitylock' extension to encrypted files. It has similarities to "2023Lock" and "Venus" ransomware. This article continues to discuss the Trinity ransomware attacks faced by the healthcare sector.