Kansas officials are calling a massive computer outage that’s kept most of the state’s courts offline for two weeks a “security incident” and have not provided an explanation.  Experts say it has all the hallmarks of a ransomware attack.  The disruption has left attorneys unable to search online records and forced them to file motions the old-fashioned way on paper.  Security researcher Allan Liska stated that, since 2019, ransomware groups have targeted 18 state, city, or municipal court systems.  In Kansas, the first sign of trouble came on Oct.

There has been an increase in fake Chrome update websites that could grant unauthorized access to user devices via Remote Access Trojans (RATs). Researchers at the cybersecurity company Sucuri observed an increase in websites infected with "FakeUpdateRU" malware. The fraudulent websites deceive users into believing they are downloading a legitimate Chrome browser update when they are installing a RAT.

The cyber espionage group Winter Vivern exploited a now-patched zero-day vulnerability in the open-source webmail service Roundcube to steal emails from European government entities and think tanks. It is believed that the Russia- and Belarus-aligned Winter Vivern, also known as TA473, has been active since 2020. The group has a history of spying on European and Central Asian governments. Winter Vivern has exploited vulnerabilities in the Zimbra and Roundcube email servers. Researchers from ESET observed the group using a cross-site scripting (XSS) vulnerability in its most recent attacks.

Reflectiz, an advanced website security solution provider, has released a case study highlighting a scenario involving forgotten pixels on websites that could have impacted any industry. The case study focuses on an overlooked and misconfigured pixel associated with a top global healthcare provider. This forgotten piece of code collected private user information without user consent, potentially exposing the company to significant fines and reputational damage. This article continues to discuss the case study on the risks of forgotten pixels on websites.

Selections by dgoff

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer-reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers. Select the topic name to view the corresponding list of publications. Submissions and suggestions are welcome.

Google recently announced several initiatives meant to improve the safety and security of AI, including a bug bounty program and a $10 million fund.  Google noted that the new vulnerability reporting program (VRP) will reward researchers for finding vulnerabilities in generative AI to address concerns such as the potential for unfair bias, hallucinations, and model manipulation.

Cloudflare reports that the number of hyper-volumetric HTTP Distributed Denial-of-Service (DDoS) attacks recorded in the third quarter of 2023 exceeds all previous years. A report from Cloudflare reveals that during the third quarter of 2023, the Internet company mitigated thousands of hyper-volumetric HTTP DDoS attacks. More than 89 of these attacks surpassed 100 million requests per second (rps). The largest attack peaked at 201 million rps, three times larger than the previous record in February 2023.

The US Cybersecurity and Infrastructure Security Agency (CISA) wants feedback on its analysis or approaches in "Software Identification Ecosystem Option Analysis," a white paper outlining a community goal for a more harmonized software identification ecosystem that can be used across the global software space for all important cybersecurity use cases.

According to researchers from American and German universities, the A- and M-Series processors used in Apple's mobile devices and PCs contain a flaw that makes it easy for hackers to access sensitive data. The researchers refer to the flaw as iLeakage, which is a side-channel vulnerability. In side-channel attacks, information becomes visible using clues left in electromagnetic radiation, data caches, and other manifestations within a system. This article continues to discuss the iLeakage vulnerability.

The Cybersecurity and Infrastructure Security Agency (CISA) has recently published a new set of online resources designed to help IT security leaders in the healthcare sector improve their organization’s security posture.  The new tools include CISA’s Cyber Hygiene Services, which use vulnerability scanning to help organizations reduce their attack surface.