A team of researchers at the University of Copenhagen is developing a language for discussing weaknesses in Machine Learning (ML) algorithms, which could lead to the creation of guidelines describing how algorithms should be tested. In the long run, this may lead to the development of better, more stable algorithms. One of the potential applications of this work could be testing algorithms for digital privacy protection. Some companies may claim to have made a secure solution for privacy protection.

SentinelLabs warns of FBot, a sophisticated Python-based malware that targets cloud and payment services. The FBot malware poses a significant threat, targeting web servers, cloud services, and Software-as-a-Service (SaaS) platforms, including Amazon Web Services (AWS), PayPal, and more. According to researchers, FBot has a smaller footprint than similar tools, suggesting private development and a more focused distribution strategy. The malware features an IP address generator, port scanner, email validator, and many other tools.

A new malware attack campaign exploits misconfigurations in Apache Hadoop and Flink, two technologies used for processing large data sets and data streams. The attackers exploit the misconfigurations without authentication to launch rootkits on the underlying systems and install a Monero cryptocurrency mining program. According to Aqua Security researchers, the threat actors use packers and rootkits to hide their malware. This article continues to discuss the use of misconfigured Apache Hadoop and Flink servers by attackers. 

The use and power of generative Artificial Intelligence (AI) technology to commit payment fraud has grown. Biometric-dependent voice-based payment method usage has increased, making generative AI a greater threat. Voice generation tools now require only a few seconds of a recorded voice sample from a target to produce a voice deepfake that will say whatever the fraudster wants. Since it is easy to impersonate a person of authority, as in the case of a bank conned out of $35 million, voice deepfakes pose major risks to manual reviews of high-value payments.

Popular athleisure clothing brand Halara recently announced that it is investigating a data breach after the alleged data of almost 950,000 customers was leaked on a hacking forum.  The Hong Kong company was founded in 2020 and quickly became very popular through the many videos promoting its clothing on TikTok.  A person named "Sanggiero" claimed to have breached Halara earlier this month and shared a text file containing stolen customer data on a hacking forum and a Telegram channel.

According to investigators from Resecurity's HUNTER (HUMINT), Indonesia is increasingly being targeted by cyber threat actors with attacks that pose significant long-term risks to the country's election integrity. These findings overlap with the approaching Indonesian presidential election in February 2024. This article continues to discuss the rise in the targeting of Indonesia by cyber threat actors.

Medusa ransomware threat actors have increased their activities following the February 2023 launch of a data leak site on the dark web to publish sensitive data of victims who refuse to give in to their demands. According to Palo Alto Networks' Unit 42, as part of their multi-extortion strategy, this group gives victims multiple options when their data is posted on their leak site, such as time extension, data deletion, and more. Medusa is a ransomware family that emerged in late 2022 before becoming well-known in 2023.

Anne Neuberger, the deputy national security advisor for cyber and emerging technologies, announced that the US has signed an agreement with the European Union on a joint roadmap for a consumer labeling program aimed at alerting consumers about the cybersecurity of Internet of Things (IoT) devices. A cyber trust mark should appear on the packaging of smart devices that meet specific security standards, similar to how the Energy Star label provides a seal of approval for energy-efficient electronics and appliances.

Laptop computer maker Framework has recently started notifying users that personal information was stolen in a data breach at its primary external accounting partner.  The California-based company said the incident occurred on Thursday, January 11, and was the result of a phishing attack targeting an employee at Keating Consulting.

Selections by dgoff

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer-reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers. Select the topic name to view the corresponding list of publications. Submissions and suggestions are welcome.