"DSI’s 5th Annual Digital Forensics for National Security Symposium will provide a forum for the DoD, federal government, intelligence agencies, industry, and academia to discuss how digital forensics tools and technologies are supporting their efforts to identify, detect, investigate, prevent, and bring justice to increasingly sophisticated criminal activities."
"Transform Finance is bringing together the top thinkers in the Carolinas and surrounding areas to get a deep look into the latest trends, challenges and the technology emerging to help stay vigilant against bad actors. Come together in the second largest financial hub in the US as we come together and explore how to stay vigilant in 2024. With expert led panels, interactive workshops and many opportunities for networking the 2024 Charlotte event is the place to learn about the latest in fighting economic crime."
Over the past decade, the NCCC has become one of the premier training events for law enforcement investigators, prosecutors, and forensic examiners in the world. The 2024 National Cyber Crime Conference will be held from April 23 through April 25. The event will feature hundreds of sessions on diverse digital evidence and cybercrime topics delivered by the top experts in the field.
The threat actor known as "TA558" has been using steganography as an obfuscation method in the delivery of a variety of malware, including Agent Tesla, FormBook, Remcos RAT, LokiBot, GuLoader, Snake Keylogger, XWorm, and more. Positive Technologies reported that the group used steganography extensively, sending VBSs, PowerShell code, and RTF documents containing an embedded exploit, inside images and text files. The campaign has been dubbed "SteganoAmor" due to its use of steganography and choice of file names.
Fabian Baumer and Marcus Brinkmann from Ruhr University Bochum discovered a vulnerability in PuTTY 0.68 through 0.80 that enables attackers with access to 60 cryptographic signatures to recover the private key used to generate them. PuTTY is a popular open source terminal emulator, serial console, and network file transfer tool that supports SSH, Telnet, SCP, and SFTP. According to the researchers, the vulnerability stems from how PuTTY generates ECDSA nonces, which are temporary unique cryptographic numbers, for the NIST P-521 curve used for SSH authentication.
The "RansomHub" ransomware group is now publishing data allegedly stolen from the healthcare transaction processor Change Healthcare in February. The incident disrupted Change Healthcare's operations and caused healthcare system outages. It was launched by an affiliate of the Alphv/BlackCat Ransomware-as-a-Service (RaaS), known as "Notchy." In early March, BlackCat pulled an exit scam, and Notchy claimed they had not received their share of the $22 million ransom paid by Change Healthcare and were still in possession of 4TB of stolen company data.
According to security researchers at Pentera, a substantial 93% of enterprises admitting to a breach have suffered significant consequences, ranging from unplanned downtime to data exposure or financial loss. During the research, the researchers found that enterprises are allocating an average of $164,400, nearly 13% of their total IT security budgets to pentesting programs. These initiatives serve multiple purposes, including validating the efficacy of security controls, gauging potential attack impact, and prioritizing security investments.
A new security flaw, dubbed "LeakyCLI" by the Orca Security team, impacts command-line tools used in cloud environments. The vulnerability exposes sensitive credentials in logs, posing a risk to organizations that use Amazon Web Services (AWS) and Google Cloud. The problem reflects a previously identified vulnerability in Azure Command-Line Interface (CLI), which Microsoft addressed in November 2023. Although Microsoft fixed it, AWS and Google Cloud CLIs are still vulnerable to the same flaw.
Recently, Shakeeb Ahmed, a former senior security engineer, was sentenced to three years in prison for hacking and defrauding two cryptocurrency exchanges. Ahmed, 34, of New York, New York, was arrested in July 2023, one year after the attacks occurred. He pleaded guilty in December. According to the Department of Justice (DoJ), in early July 2022, Ahmed defrauded a decentralized cryptocurrency exchange of roughly $9 million.
Researchers from the Institute of Applied Information Processing and Communications at Graz University of Technology (TU Graz) successfully demonstrated three side-channel attacks on graphics cards via the WebGPU browser interface. According to the researchers, the attacks were fast enough to succeed during normal Internet surfing. Modern websites place ever-increasing demands on computing power. Therefore, web browsers have had access to the computing capacities of the Graphics Processing Unit (GPU) as well as the Central Processing Unit (CPU).