Khalifa University researchers developed a novel approach to improve Unmanned Aerial Vehicle (UAV) communication security and robustness. The team's proposed design includes a device authentication protocol to ensure that only authorized devices can connect to and communicate with the UAV system, protecting against unauthorized access and security breaches. This article continues to discuss the team's efforts to enhance UAV communication security. 

Environmental services websites are becoming major targets for Distributed Denial-of-Service (DDoS) attacks, with Cloudflare researchers reporting a 61,839 percent year-over-year increase in the fourth quarter of 2023. The significant increase in HTTP DDoS attacks against the environmental services industry coincided with the United Nations' COP28 climate conference, held in the United Arab Emirates from November 30 to December 12, according to Cloudflare's Q4 2023 DDoS report.

According to cyber threat analysts at China's Qianxin X Laboratory, over 100,000 Android TVs and set-top boxes have been infected with unknown malware. The researchers discovered a large-scale cybercrime gang based in Brazil dubbed Bigpanzi that targets Android TVs, set-top boxes, and eCos devices. The malware used by the group is preloaded with weaponization tools for Distributed Denial-of-Service (DDoS) attacks, transforming TVs into zombies in a massive botnet. Compromised devices also serve as operational nodes for illicit streaming.

Foxsemicon, one of Taiwan's largest semiconductor manufacturers has suffered a cyberattack, allegedly carried out by the LockBit ransomware gang. The hackers hijacked the company's website and left a threatening message, claiming that they had stolen its customers' personal information and would publish it on their darknet site if the company refused to pay. They claimed to have accessed five terabytes of the company's data.

Due to a high-severity vulnerability that exposed credentials, GitHub has rotated a number of its keys. The vulnerability, disclosed through its bug bounty program, would give attackers access to credentials within a production container. The National Vulnerability Database (NVD) classified the flaw as an unsafe reflection exploit that could allow hackers to conduct Remote Code Execution (RCE) on compromised systems. This article continues to discuss the potential exploitation and impact of the security vulnerability as well as GitHub's response to it.

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory (CSA) about the AndroxGh0st malware. The US agencies are sharing known indicators of compromise (IOCs) as well as tactics, techniques, and procedures (TTPs) used by the threat actors to launch the AndroxGh0st malware. According to the agencies, AndroxGh0st malware targets files containing sensitive information, such as credentials for various high-profile applications.