"4 Ways Hackers use Social Engineering to Bypass MFA"

Multi-factor authentication (MFA) has been the recommended way to strengthen password access for users. But hackers are also finding ways around MFA using social engineering. Here are a couple of the popular methods used. One method is an Adversary-in-the-Middle (AITM) attack. In this hack, users are tricked into thinking that they are logging into a real network, website, or app. The hackers can then capture passwords and use them to trigger MFA requests, which the victim unwittingly approves, granting the attacker access.

Submitted by Gregory Rigby on

"Hackers Used New Windows Defender Zero-Day to Drop DarkMe Malware"

Microsoft has patched a Windows Defender SmartScreen zero-day vulnerability exploited in the wild by the financially motivated threat group tracked as Water Hydra and DarkCasino to deploy the DarkMe Remote Access Trojan (RAT). Trend Micro security researchers discovered the hacker group using the zero-day vulnerability in attacks on New Year's Eve. According to a recent security advisory from Microsoft, an unauthenticated attacker could send a specially crafted file to a targeted user in order to evade the displayed security checks.

Submitted by Gregory Rigby on

"Catching The Man-in-the-Middle"

Dr. Santosh Ganji, a computer engineering doctoral graduate, and Dr. P.R. Kumar, a Department of Electrical and Computer Engineering professor at Texas A&M University, are working on improving wireless network security. When two entities communicate wirelessly, it is difficult to determine whether a Man-in-the-Middle (MitM) is present. Kumar and Ganji have discovered how to flush out the MitM using a timing-based protocol called REVEAL, which overloads the MitM with messages and causes it to fail.

Submitted by Gregory Rigby on

"Cybersecurity Spending Expected to be Slashed in 41% of SMEs"

According to security researchers at JumpCloud, cybersecurity spending is predicted to be cut by 41% of SMEs over the coming year amid the challenging economic environment. Nearly three-quarters (72%) of IT admins surveyed in the US, UK, and India agreed that any cuts to their security budgets would increase organizational risk. The researchers noted that SMEs in India were most likely to experience cybersecurity cuts (58%). This was followed by the US (40%) and UK (25%).

Submitted by Adam Ekwall on

"How Are State-Sponsored Threat Actors Leveraging AI?"

Microsoft and OpenAI have pointed out the different ways in which state-sponsored threat actors have attempted to use Large Language Models (LLMs) to improve their cyber operations. Threat actors, like defenders, are using Artificial Intelligence (AI), specifically LLMs, to increase efficiency. For example, the Iranian threat actor called Crimson Sandstorm, also known as CURIUM, has used LLMs to get help with social engineering, error troubleshooting, code development, and more.

Submitted by Gregory Rigby on

12th Annual Best Scientific Cybersecurity Paper Competition

Nominations are now open for the 12th Annual Best Scientific Cybersecurity Paper Competition. The National Security Agency (NSA) welcomes nominations of papers published in 2023 in peer-reviewed journals and technical conferences that show an outstanding contribution to cybersecurity science. Winners will be announced at the end of 2024.

Submitted by Gregory Rigby on

"German Battery Maker Varta Halts Production After Cyberattack"

Battery maker VARTA AG was recently targeted by a cyberattack that forced it to shut down IT systems, causing production to stop at its plants. VARTA is a German manufacturer of batteries for the automotive, consumer, and industrial sectors, partially owned by Energizer Holdings. VARTA's annual revenue exceeds $875 million. The company announced that hackers targeted parts of its IT infrastructure on the night of February 12th, causing a severe disruption in five production units.

Submitted by Adam Ekwall on

"Just One Bad Packet Can Bring down a Vulnerable DNS Server Thanks to DNSSEC"

Through the exploitation of a 20-year-old design flaw dubbed KeyTrap in the DNSSEC specification, one packet can exhaust a vulnerable DNS server's processing capacity, effectively disabling the machine. According to the researchers who uncovered this flaw, associated with the German National Research Center for Applied Cybersecurity (ATHENE) in Darmstadt, DNS server software makers briefed on the vulnerability described it as the worst DNS attack ever discovered. The KeyTrap security flaw, tracked as CVE-2023-50387, has received a CVSS severity rating of 7.5 out of 10.

Submitted by Gregory Rigby on

"NSA Awards Authors of Study of Automated Attacks on New Webservers"

The National Security Agency (NSA) Research Directorate selected "Uninvited Guests: Analyzing the Identity and Behavior of Certificate Transparency Bots" as the 11th Annual Best Scientific Cybersecurity Paper Competition winner. The winning paper by Stony Brook University researchers looked into automated attacks on new webservers and how a web browser can trust an organization's publicly available cryptographic credentials.

Submitted by Gregory Rigby on

"Zoom Patches Critical Vulnerability in Windows Applications"

Video messaging giant Zoom recently announced patches for seven vulnerabilities in its desktop and mobile applications, including a critical severity bug in Windows software. The critical issue, tracked as CVE-2024-24691 (CVSS score of 9.6), is described as an improper input validation that could allow an attacker with network access to escalate privileges.

Submitted by Adam Ekwall on