"Researchers Extract RSA Keys from SSH Server Signing Errors"

A team of researchers demonstrated that under certain conditions, passive network attackers can recover secret RSA keys from naturally occurring errors resulting in failed SSH connection attempts. SSH is a cryptographic network protocol for secure communication used in remote system access, file transfers, and system administration tasks. RSA is a public-key cryptosystem used in SSH for user authentication, and it involves a private, secret key to decrypt communication encrypted with a public, shareable key.

Submitted by grigby1 CPVI on

"Reversible Data Hiding Algorithm in Encrypted Images Using Adaptive Total Variation and Cross-Cyclic Shift"

Mingfang Jiang of the School of Computer Science at the Hunan First Normal University in Changsha, China, has introduced a new algorithm that can improve covert communication without compromising data integrity. The innovative algorithm called RDHEIAC (Reversible Data Hiding for Encrypted Images Algorithm with Adaptive Total Variation and Cross-Cyclic Shift) represents a significant advancement in information security and covert communication.

Submitted by grigby1 CPVI on

"Securing Space: NASA Funds Innovative AI, Blockchain Project at University of Miami for Nanosatellite Cybersecurity"

NASA is leading a project through the University of Miami's Frost Institute for Data Science and Computing (IDSC) that seeks to improve the security of satellite communication in space. The project aims to integrate nanosatellites with traditional large satellites as well as address the cybersecurity challenges associated with their communication networks. NASA approached Dr. Yelena Yesha, the Knight Foundation Endowed Chair and Director of IDSC AI and Machine Learning at the University of Miami, to address the critical issue of cybersecurity in satellite communication.

Submitted by grigby1 CPVI on

"27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts"

For nearly six months, an unknown threat actor has been publishing typosquat packages to the Python Package Index (PyPI) repository to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets. According to Checkmarx, the 27 packages, which posed as popular legitimate Python libraries, were downloaded thousands of times. Most downloads came from the US, China, France, Hong Kong, Germany, Russia, Ireland, Singapore, the UK, and Japan.

Submitted by grigby1 CPVI on

"Russian Cozy Bear Strikes European Embassies With WinRAR Bug"

According to Ukrainian government cybersecurity researchers, Russian state hackers exploited a recently patched vulnerability in a popular Windows tool for archiving files to target European embassies and international organizations in espionage attacks. Ukraine's National Cyber Security Coordination Center says hackers from Russia's Foreign Intelligence Service, known as Cozy Bear or APT29, launched attacks against the embassies of several countries, including Azerbaijan, Greece, Romania, and Italy.

Submitted by grigby1 CPVI on

"A Critical OS Command Injection Flaw Affects Fortinet FortiSIEM"

Fortinet is warning customers about a critical operating system command injection vulnerability, tracked as CVE-2023-36553 with a CVSS score of 9.3, in the FortiSIEM report server. A remote, unauthenticated attacker can use the flaw to execute commands by sending specially crafted Application Programming Interface (API) requests. FortiSIEM is Fortinet's Security Information and Event Management (SIEM) solution that collects, aggregates, and correlates log data from various sources within a network.

Submitted by grigby1 CPVI on

"Four Threat Groups Targeted Zimbra Collaboration Flaw"

According to Google's Threat Analysis Group (TAG), four different campaigns are exploiting a vulnerability in the Zimbra Collaboration server, which the team discovered in June. Three of the campaigns emerged in the weeks following the bug's hotfix being posted to GitHub. The Cross-Site Scripting (XSS) bug first appeared in June, when the researchers observed a threat actor exploiting it in attacks targeting government organizations in Greece. This article continues to discuss the discovery of four separate campaigns exploiting a vulnerability in the Zimbra Collaboration server.

Submitted by grigby1 CPVI on

"Samsung Says Hackers Accessed Customer Data During Year-Long Breach"

During a year-long breach, hackers gained access to the personal data of UK-based Samsung customers. In a letter to affected customers, Samsung revealed that attackers exploited a vulnerability in an unnamed third-party business application to access the personal information of customers who made purchases at a Samsung UK store between July 1, 2019, and June 30, 2020. In the letter, Samsung noted that the compromise was not discovered until November 13, 2023. According to Samsung, hackers may have accessed affected customers' names, phone numbers, postal addresses, and email addresses.

Submitted by grigby1 CPVI on

"Piloting New Ground: Expanding Scalable Cybersecurity Services to Protect the Broader Critical Infrastructure Community"

In response to the evolving cyber threat environment, the Cybersecurity and Infrastructure Security Agency (CISA) has announced a pilot program to provide cutting-edge cybersecurity shared services on a voluntary basis to critical infrastructure entities most in need of help. Cyberattacks have increased in both volume and impact in recent years, affecting the everyday operations of organizations across critical infrastructure sectors. For example, the ransomware attack on Colonial Pipeline's corporate network disrupted fuel supplies to gas stations along the East Coast.

Submitted by grigby1 CPVI on

Nordic IT Security 2024

"The most reputable cyber security summit in Scandinavia, Nordic IT Security, has been around for 17 years acting as a steering wheel for navigation through the Nordic’s “cybersecurity watch-out” scheme.

With its notable speakers and partners, the summit provides a platform for seasoned industry professionals to come together and discuss business-critical topics. Covering the latest cutting-edge technology, the event is designed to secure all the aspects of the 21st century’s global communities’ challenges."
