"Enabling Secure Modern Web Browsers Against Cache-Based Timing Attacks"

"Enabling Secure Modern Web Browsers Against Cache-Based Timing Attacks"

Sangeetha Ganesan of the Department of Artificial Intelligence and Data Science at the R.M.K College of Engineering and Technology in Tamil Nadu, India, explains how JavaScript, a popular web development programming language, allows access to a variety of Application Programming Interfaces (APIs) and sensors. He points out that the prevalence of this language raises privacy concerns as malicious third parties discover and exploit vulnerabilities.

Submitted by Gregory Rigby on

"Researchers Highlight Potential Cybersecurity Threats to Trucking Industry, Supply Chain"

"Researchers Highlight Potential Cybersecurity Threats to Trucking Industry, Supply Chain"

Researchers at Colorado State University have released a new paper detailing vulnerabilities found in commercial trucking systems. The exploitation of these vulnerabilities could enable hackers to take control of, steal data from, or disrupt entire fleets by spreading malware between vehicles. The study delves into the trucking industry's cybersecurity gaps through Electronic Logging Devices (ELDs). This federally mandated supplemental system tracks hours of service compliance and other metrics for later inspection and is closely linked to vehicle control systems.

Submitted by Gregory Rigby on

"Ransomware Can Hide in the Websites You Upload Files To"

"Ransomware Can Hide in the Websites You Upload Files To"

Cybersecurity researchers at Florida International University (FIU) warn that websites requesting access to a user's files may be able to bypass antivirus software and launch ransomware attacks. According to a study conducted by the FIU College of Engineering and Computing, free photo editors, tax document assistants, and other online apps that request permission to access a user's media can encrypt and control files. Attackers could then demand a ransom for the files' safe return. The hack is said to work on all three major PC operating systems: Windows, Linux, and macOS.

Submitted by Gregory Rigby on

"ZHAW Researchers Develop a Secure Architecture for Future 6G Mobile Communications Standard"

"ZHAW Researchers Develop a Secure Architecture for Future 6G Mobile Communications Standard"

The ZHAW School of Engineering is part of the EU Horizon "NATWORK" project aimed at developing a cost-effective, energy-efficient, Artificial Intelligence (AI)-based 6G cybersecurity and resilience framework with a holistic approach on which intelligent networks and services can be built across sectors. The project's ZHAW team is tasked with developing intelligent and resource-optimized cybersecurity schemes in the edge-to-cloud continuum for future networks.

Submitted by Gregory Rigby on

"New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S."

"New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S."

Researchers have discovered new phishing attacks aimed at delivering the information stealer known as "StrelaStealer." According to a new report published by Palo Alto Networks' Unit 42, the campaigns impact over 100 EU and US organizations. These campaigns involve spam emails with attachments that eventually launch the StrelaStealer DLL payload. To avoid detection, attackers change the initial email attachment file format from one campaign to the next, preventing detection by previously generated signatures or patterns.

Submitted by Gregory Rigby on

"New Project to Protect the Internet From Fake Content and Reduce Cyberattacks"

"New Project to Protect the Internet From Fake Content and Reduce Cyberattacks"

A team of researchers, with members from the Universitat Oberta de Catalunya (UOC), led by the Universitat Autònoma de Barcelona (UAB), has launched a new research project aimed at improving network security using tools that analyze information and identify malicious content for subsequent filtering. The two-year DANGER cybersecurity project focuses on cybersecurity for the detection, analysis, and filtering of fake or malicious content in hyperconnectivity environments. This article continues to discuss the DANGER project's objectives. 

Submitted by Gregory Rigby on

"Attackers Are Targeting Financial Departments With SmokeLoader Malware"

"Attackers Are Targeting Financial Departments With SmokeLoader Malware"

The "SmokeLoader" malware has been used in a series of phishing campaigns by financially motivated hackers, primarily against the Ukrainian government and administration organizations. The Ukrainian SSSCIP State Cyber Protection Center (SCPC), in collaboration with Palo Alto Networks' Unit 42, has been tracking phishing campaigns linked to the distribution of the SmokeLoader malware.

Submitted by Gregory Rigby on

15th ACM/SPEC International Conference on Performance Engineering

"ICPE brings together researchers and practitioners to report on open problems, state-of-the-art solutions, and in-progress research in performance engineering of software and systems - targeting performance and associated quality attributes such as efficiency and reliability in all phases of the computing system lifecycle, from specification and development to run time and maintenance."

Topics of interest include, but are not limited to security.

"Darknet Marketplace Nemesis Market Seized by German Police"

"Darknet Marketplace Nemesis Market Seized by German Police"

German police have seized infrastructure for the darknet cybercrime marketplace "Nemesis Market" in Germany and Lithuania. The Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) took action, which involved taking down the website and seizing about $100,000 in cash. The Nemesis Market opened in 2021 as a new marketplace for cybercrime services that help launch ransomware, phishing, and Distributed Denial-of-Service (DDoS) attacks. The marketplace also served as a place to buy stolen data, credit cards, and more.

Submitted by Gregory Rigby on

"Zero-Click Malware: The Emergence of AI Worms"

"Zero-Click Malware: The Emergence of AI Worms"

Researchers recently revealed how they developed generative Artificial Intelligence (AI) worms capable of spreading autonomously between AI systems. The AI worm, dubbed "Morris II" after the first computer worm to ever be recorded, can silently target AI-powered email assistants. The researchers also demonstrated how the worm could cause the AI to release personal data, send spam emails, and replicate itself across the digital ecosystem using crafted prompts hidden in legitimate communications. This article continues to discuss the introduction of AI worms. 

Submitted by Gregory Rigby on
Subscribe to