"Attackers Exploit URL Protections to Disguise Phishing Links"

Barracuda researchers found cybercriminals using URL protection services to hide phishing links. The company observed phishing campaigns using three URL protection services to mask phishing URLs and send victims to credential-stealing websites. Researchers estimate these campaigns have targeted hundreds of companies. URL protection services prevent users from visiting malicious websites via phishing links. This article continues to discuss cybercriminals' abuse of legitimate URL protection services.

Submitted by Gregory Rigby on

"Hackers Beware: Research Shows AI Can Assist With Cybersecurity"

According to a recent paper by University of Missouri researcher Prasad Calyam and collaborators from Amrita University in India, Artificial Intelligence (AI)-powered chatbots can pass a cybersecurity exam but should not be relied on for complete protection. Using a standard certified ethical hacking exam, the team tested OpenAI's ChatGPT and Google's Bard. Certified ethical hackers use the same methods as malicious hackers to find and fix security vulnerabilities. Ethical hacking exams measure a person's understanding of attacks, system protection, and security breach response.

Submitted by Gregory Rigby on

"New Blast-RADIUS Attack Breaks 30-Year-Old Protocol Used in Networks Everywhere"

One of the most widely used network protocols, Remote Authentication Dial-In User Service (RADIUS), is vulnerable to a newly discovered attack called "Blast-RADIUS." This complex attack enables adversaries to gain control over various environments, including industrial controllers, telecommunications services, Internet Service Providers (ISPs), and more. RADIUS is supported by almost all switches, routers, access points, and Virtual Private Network (VPN) concentrators shipped in the past 20 years.

Submitted by Gregory Rigby on

"A Simple Firmware Update Completely Hides a Device's Bluetooth Fingerprint"

A smartphone's unique Bluetooth fingerprint could be used to track the device's user. To eliminate this vulnerability, a team of researchers at UC San Diego has developed a simple firmware update that completely hides the Bluetooth fingerprint. The researchers developed a method that involves multiple layers of randomization. This article continues to discuss the researchers' development of a firmware update that hides a device's Bluetooth fingerprint.

Submitted by Gregory Rigby on

"NIST Will Fire the 'Starting Gun' in the Race to Quantum Encryption"

ML-KEM, CRYSTALS-Dilithium, and SPHINCS+ are three standardized post-quantum algorithms that will allow classical computers to encrypt data against a future fault-tolerant quantum computer. Matthew Scholl, the chief of the computer security division in the National Institute of Standards and Technology's (NIST) Information Technology (IT) Laboratory, urges organizations to monitor algorithm configuration and test for vulnerabilities during implementation. This article continues to discuss experts' insights on the proactive transition of networks to quantum-resilient standards.

Submitted by Gregory Rigby on

"Akira Ransomware: Lightning-Fast Data Exfiltration in 2-ish Hours"

According to the BlackBerry Threat Research and Intelligence Team, "Akira" ransomware actors can now exfiltrate data from victims in just over two hours, a significant change in the average time it takes a cybercriminal to get to the stage where they collect information. BlackBerry's analysis of a June Akira ransomware attack on a Latin American airline reveals that the threat actor used the Secure Shell (SSH) protocol to gain initial access through an unpatched Veeam backup server and stole information before launching the Akira ransomware the following day.

Submitted by Gregory Rigby on

"Critical Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments"

The Exim mail transfer agent has a critical security flaw that could allow threat actors to send malicious attachments to target users' inboxes. Exim is a free mail transfer agent used in hosts running Unix or Unix-like operating systems. According to Censys, 4,830,719 of the 6,540,044 public-facing SMTP mail servers run Exim. As of July 12, 2024, 1,563,085 Internet-accessible Exim servers run a vulnerable version. This article continues to discuss findings regarding the critical Exim mail server vulnerability.

Submitted by Gregory Rigby on

"Hacker 'Tank' Gets Prison Sentence for Connections to Zeus and IcedID Malware"

A Nebraska federal judge has sentenced a Ukrainian national named Vyacheslav Igorevich Penchukov (known as "Tank" in the hacker community) to prison and ordered him to pay millions in restitution for his involvement in two malware schemes. In February, he pleaded guilty to charges associated with participating in the operation of the "Zeus" banking malware in the 2010s and later the "IcedID" malware. Penchukov was on the Federal Bureau of Investigation's (FBI) "Most Wanted" list for over a decade before his 2022 arrest in Switzerland and 2023 extradition to the US.

Submitted by Gregory Rigby on

"WP Time Capsule Plugin Update Urged After Critical Security Flaw"

Security researchers at Patchstack have recently found a new vulnerability in the Backup and Staging by WP Time Capsule plugin, affecting versions 1.22.20 and below. The researchers noted that the WordPress plugin, with over 20,000 active installations, facilitates website backups and update management through cloud-native file versioning systems. The flaw allowed unauthorized users to exploit a broken authentication mechanism, potentially gaining administrative access to affected sites.

Submitted by Adam Ekwall on

"Purdue University Researchers Win ASEE Best Paper Award for Research Integrating Systems Thinking in Threat Modeling"

Researchers from Purdue University won the American Society for Engineering Education's (ASEE) Best Paper award for their work titled "Introducing Systems Thinking as a Framework for Teaching and Assessing Threat Modeling Competency."

Submitted by Gregory Rigby on