"Chinese 'Tropic Trooper' APT Targets Mideast Governments"

"Tropic Trooper," a China-linked Advanced Persistent Threat (APT) group, is conducting an espionage campaign targeting government entities in the Middle East. The group itself has targeted government, healthcare, transportation, and high-tech sectors in Taiwan, the Philippines, and Hong Kong since 2011. Their current effort began in June 2023, targeting government entities that publish human rights studies in the Middle East related to the Israel-Hamas war.

Submitted by Gregory Rigby on Fri, 09/06/2024 - 14:05

"New Backdoor Linked to Earth Lusca Threat Group"

Researchers have discovered a new Go language-based backdoor called "KTLVdoor" that targets Windows and Linux systems and is linked to the Chinese-speaking threat actor named "Earth Lusca." Earth Lusca has been active since at least April 2019, targeting organizations in different industries worldwide. The group has used KTLVdoor to run commands, manipulate files, scan remote ports, and more. This article continues to discuss findings regarding KTLVdoor and its link to the Earth Lusca group.

Submitted by Gregory Rigby on Fri, 09/06/2024 - 14:05

"SpyAgent Android Malware Steals Your Crypto Recovery Phrases From Images"

"SpyAgent," a new Android malware, steals cryptocurrency wallet recovery phrases from screenshots on a mobile device using Optical Character Recognition (OCR) technology. Cryptocurrency recovery phrases, or seed phrases, serve as a cryptocurrency wallet backup key. These phrases restore access to a user's cryptocurrency wallet and its funds if they lose a device, corrupt data, or want to transfer it to a new device. Threat actors can use it to restore a victim's wallet on their own devices and steal all the funds stored within it.

Submitted by Gregory Rigby on Fri, 09/06/2024 - 14:04

"GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware"

Multiple campaigns have exploited a recently disclosed OSGeo GeoServer GeoTools security flaw to deliver cryptocurrency miners, botnet malware, and a backdoor. The critical Remote Code Execution (RCE) bug enables malicious actors to take over vulnerable instances. Due to its active exploitation, the US Cybersecurity and Infrastructure Security Agency (CISA) added it to its Known Exploited Vulnerabilities (KEV) catalog in mid-July. This article continues to discuss the exploitation of a security vulnerability in OSGeo GeoServer GeoTools.

Submitted by Gregory Rigby on Fri, 09/06/2024 - 14:03

2024 Aviation Cybersecurity Summit

Read more about 2024 Aviation Cybersecurity Summit

"Join us for three days of insightful sessions and invaluable networking opportunities designed to enhance your knowledge and skills. Our comprehensive agenda covers a wide range of topics, including emerging threats, regulatory updates, and cutting-edge technologies."

IEEE/ACM International Symposium on Microarchitecture (MICRO)

Read more about IEEE/ACM International Symposium on Microarchitecture (MICRO)

"The IEEE/ACM International Symposium on Microarchitecture (MICRO) is the premier forum for for presenting, discussing, and debating innovative microarchitecture ideas and techniques for advanced computing and communication systems. This symposium brings together researchers in fields related to microarchitecture, compilers, chips, and systems for technical exchange on traditional microarchitecture topics and emerging research areas."

Topics of interest include, but are not limited to privacy and security.

30th ACM Symposium on Operating Systems Principles (SOSP)

Read more about 30th ACM Symposium on Operating Systems Principles (SOSP)

"The 30th ACM Symposium on Operating Systems Principles (SOSP) seeks to present innovative and exciting research related to the design, implementation, analysis, evaluation, and deployment of computer systems software."

Topics of interest include, but are not limited to security.

2024 International Conference on Research in Adaptive and Convergent Systems (RACS)

Read more about 2024 International Conference on Research in Adaptive and Convergent Systems (RACS)

"The RACS conference aims primarily at researchers who have experience in reliable and convergent computing systems and are engaged in the design and implementation of new computing applications. Each year RACS brings together engineers and scientists from diverse communities with interests in practical computing technologies and creates an environment for them to discuss and report experimental results, novel designs, work-in-progress, experiences, case studies, and trend-setting ideas."

Topics of interest include, but are not limited to security.

2024 ACM/IEEE International Conference on Computer-Aided Design

Read more about 2024 ACM/IEEE International Conference on Computer-Aided Design

"The International Conference on Computer-Aided Design focuses on advancements and research in the field of electronic design automation (EDA) and computer-aided design (CAD) for integrated circuits and systems. Topics include innovations in design methodologies, tools, algorithms, and technologies related to the development of electronic systems."

Topics of interest include, but are not limited to privacy and security.

39th IEEE/ACM International Conference on Automated Software Engineering (ASE 2024)

Read more about 39th IEEE/ACM International Conference on Automated Software Engineering (ASE 2024)

"The ASE conference is the premier research forum for Automated Software Engineering. Each year, it brings together researchers and practitioners from academia and industry to discuss foundations, techniques, and tools for automating the analysis, design, implementation, testing, and maintenance of large software systems."

Topics of interest include, but are not limited to privacy and security.

Subscribe to