"Canada to Ban The Flipper Zero to Stop Surge in Car Thefts"

The Canadian government plans to ban Flipper Zero and similar devices after tagging them as tools thieves can use to steal cars.  The Flipper Zero is a portable and programmable pen-testing tool that helps experiment with and debug various hardware and digital devices over multiple protocols, including RFID, radio, NFC, infrared, and Bluetooth.

Submitted by Adam Ekwall on

"Ransomware Attack Forces 18 Romanian Hospitals to go Offline"

At least 18 hospitals in Romania were recently knocked offline after a ransomware attack took down their healthcare management system.  The Hipocrate Information System (HIS) used by hospitals to manage medical activity and patient data was targeted over the weekend and is now offline after its database was encrypted.  The incident is under investigation by IT specialists, including cybersecurity experts from the National Cyber Security Directorate (DNSC), and the possibilities for recovery are being assessed.

Submitted by Adam Ekwall on

"ExpressVPN User Data Exposed Due to Bug"

ExpressVPN recently disabled split tunneling on its Windows clients to prevent an issue where DNS requests were not properly directed to its servers.  The issue, introduced in May 2022 in version 12.23.1 of ExpressVPN, resulted in DNS requests remaining unprotected in certain conditions.  Normally, when users connect to ExpressVPN, their DNS requests are sent to the company's servers.

Submitted by Adam Ekwall on

"How Secure Is Your Security Camera? Hackers Can Spy on Cameras Through Walls, New Research Finds"

Kevin Fu, a professor of electrical and computer engineering at Northeastern University specializing in cybersecurity, has discovered a way to eavesdrop on most modern cameras. The technique, called EM Eye, which is short for Electromagnetic Eye, can capture video from another person's camera through walls in real time. Fu and his team tested EM Eye on 12 different types of cameras, including smartphone cameras, dash cams, and home security cameras. The distance from which an eavesdropper can capture video varies from device to device.

Submitted by grigby1 CPVI on

"Cybercriminals Are Creating Their Own AI Chatbots to Support Hacking and Scam Users"

Cybersecurity experts from the University of East Anglia and the University of Kent call for more attention to criminals creating their own Artificial Intelligence (AI) chatbots for hacking and scams. Malicious variants of Large Language Models (LLMs), the technology that drives AI chatbots such as ChatGPT, are emerging. WormGPT and FraudGPT are examples that can create malware, identify security flaws in systems, provide advice on how to scam people, support hacking, and more.

Submitted by grigby1 CPVI on

"UAlbany Partners on New U.S. Artificial Intelligence Safety Institute Consortium"

The University of Albany (UAlbany) will participate in a new national research consortium aimed at supporting and demonstrating approaches to developing safe and trustworthy Artificial Intelligence (AI). The Department of Commerce's National Institute of Standards and Technology (NIST) has established the US AI Safety Institute (AISIC), which will lead the US government's AI safety and trust efforts, specifically in evaluating and developing guardrails for advanced AI models.

Submitted by grigby1 CPVI on

"White House to Release Memory-Safe Code Guidance in Coming Weeks"

According to National Cyber Director Harry Coker, the White House's main cybersecurity directorate will release a paper on memory-safe software development to encourage public and private sector programmers to adopt practices that prevent hackers from infiltrating systems by exploiting code vulnerabilities. Coker pointed out that memory safety bugs are some of the most dangerous vulnerabilities criminals seek to exploit. He added that memory-safe coding languages prevent those errors from making it into production, but developers have been slow to adopt them.

Submitted by grigby1 CPVI on

"Deepfake Face Swap Attacks on ID Verification Systems up 704% in 2023"

Deepfake attacks that use "face swap" technology to evade remote identity verification increased by 704 percent in 2023, according to iProov's 2024 Threat Intelligence Report, "The Impact of Generative AI on Remote Identity Verification." Many deepfake-focused threat actors are increasing their sophistication with free and inexpensive face swap tools, virtual cameras, and mobile emulators. Generative AI has significantly improved threat actors' productivity levels.

Submitted by grigby1 CPVI on

"Exploiting a Vulnerable Minifilter Driver to Create a Process Killer"

Antonio Parata, a CrowdStrike security researcher, demonstrated how to use a signed Minifilter Driver in a Bring Your Own Vulnerable Driver (BYOVD) attack to terminate a specific process from the kernel. The BYOVD technique is often used by malware to terminate processes associated with security tools such as an Endpoint Detection and Response (EDR) solution. BYOVD is gaining popularity as attackers realize that terminating the EDR process is a better strategy than using obfuscation techniques to avoid the EDR solution.

Submitted by grigby1 CPVI on

"New RustDoor macOS Malware Impersonates Visual Studio Update"

RustDoor is a new Rust-based macOS malware distributed as a Visual Studio update. It provides backdoor access to compromised systems and uses infrastructure linked to the ALPHV/BlackCat ransomware group. The backdoor delivery campaign began in November 2023 and continues to distribute new variants of the malware. According to researchers at Bitdefender, the malware can run on Intel-based (x86_64) and ARM (Apple Silicon) architectures. This article continues to discuss findings regarding the new Rust-based macOS malware RustDoor.

Submitted by grigby1 CPVI on