"Newly Discovered Group Offers CAPTCHA-Solving Services to Cybercriminals"

A long-running group has allegedly been helping cybercriminals penetrate Information Technology (IT) systems with CAPTCHA-solving services. Arkose Cyber Threat Intelligence Research (ACTIR) identified "Greasy Opal," a cyberattack-enabling business. Greasy Opal, based in the Czech Republic, has stealthily been in operation since 2009. The group sells different products and solutions ranging from legitimate productivity solutions to more controversial tools, such as Search Engine Optimization (SEO)-boosting software, CAPTCHA-solving services, browser automation services, and more.

Submitted by Gregory Rigby on

"NSA Releases Guide to Combat Living Off the Land Attacks"

To combat Living Off the Land (LOTL) techniques used by Advanced Persistent Threat (APT) actors, the National Security Agency (NSA), along with international partners, has released a best practice guide for event logging. The publication outlines best practices for event logging and threat detection in cloud services, enterprise networks, mobile devices, and Operational Technology (OT) networks to ensure critical system availability. The guide is for senior Information Technology (IT) and OT decision-makers, as well as network administrators and critical infrastructure providers.

Submitted by Gregory Rigby on

"Stealthy 'Sedexp' Linux Malware Evaded Detection for Two Years"

Since 2022, a stealthy Linux malware called "sedexp" has evaded detection using a persistence technique not yet included in the MITRE ATT&CK framework. The malware, which was discovered by researchers at the risk management company Stroz Friedberg, allows its operators to create reverse shells for remote access and further the attack. At this time, the researchers point out MITRE ATT&CK has not documented the persistence technique used, emphasizing that sedexp is an advanced threat hiding in plain sight.

Submitted by Gregory Rigby on

"Iranian Hackers Targeted WhatsApp Accounts of Staffers in Biden, Trump Administrations, Meta Says"

Meta Platforms has announced that the same Iranian hacking group believed to have recently targeted both the Democratic and Republican presidential campaigns tried to compromise the WhatsApp accounts of staffers in the administrations of President Joe Biden and former President Donald Trump. Meta discovered the network of hackers who posed as tech support agents for AOL, Microsoft, Yahoo, and Google after suspicious WhatsApp messages were reported. Meta investigators connected the activity to the network blamed for Trump's recent campaign hacking.

Submitted by Gregory Rigby on

"American Radio Relay League Paid $1 Million to Ransomware Gang"

The American Radio Relay League (ARRL), the national association for amateur radio, recently revealed that it paid out a $1 million ransom after a disruptive May 2024 ransomware attack. The attack occurred on May 15 and resulted in multiple systems within ARRL’s internal network being encrypted, including desktops, laptops, and Windows and Linux servers.

Submitted by Adam Ekwall on

"500k Impacted by Texas Dow Employees Credit Union Data Breach"

Texas Dow Employees Credit Union (TDECU) started notifying over 500,000 individuals that their personal information was compromised in the MOVEit campaign last year. Conducted by the Russian-speaking Cl0p ransomware group, the hack came to light on May 31, 2023, when Progress Software warned that hackers had exploited a zero-day in the MOVEit Transfer managed file transfer (MFT) software, tracked as CVE-2023-34362, to access customer data.

Submitted by Adam Ekwall on

"Toward a Code-Breaking Quantum Computer"

MIT researchers have proposed a way to make a smaller, more noise-tolerant quantum factoring circuit for cryptography. Quantum computers are expected to quickly break complex cryptographic systems that classical computers cannot, a promise based on a quantum factoring algorithm proposed by MIT professor Peter Shor in 1994. Although researchers have made progress in the last 30 years, they have yet to build a quantum computer that is powerful enough to run Shor's algorithm.

Submitted by Gregory Rigby on

"CyLab Researchers Win Two 'Test of Time' Awards at USENIX 2024"

The 33rd USENIX Security Symposium awarded CyLab researchers Matt Fredrikson and Bryan Parno prestigious "Test of Time" awards for papers that have significantly impacted their fields. Fredrikson received the USENIX Security Test of Time Award for his co-authored paper titled "Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin Dosing," which initiated the study of privacy in pharmacogenetics.

Submitted by Gregory Rigby on

"Qilin Caught Red-Handed Stealing Credentials in Google Chrome"

After breaching a target's network, "Qilin," the ransomware group suspected to have been behind the recent Synnovis attack, stole credentials stored in Google Chrome. According to researchers at Sophos X-Ops who detected the activity, this is an unusual tactic for ransomware groups as Qilin not only conducted an extortion attack but also carried out a credentials-harvesting scheme. This article continues to discuss Qilin's theft of credentials stored in Google Chrome.

Submitted by Gregory Rigby on

30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining

"The annual ACM SIGKDD conference is the premier international forum for data mining researchers and practitioners from academia, industry, and government to share their ideas, research results and experiences. The KDD conferences feature keynote presentations, oral paper presentations, poster sessions, workshops, tutorials, panels, exhibits, demonstrations, and the KDD Cup competition."

Topics of interest include, but are not limited to, security and privacy.