Socks5Systemz, a proxy botnet, has infected about 10,000 systems through the PrivateLoader and Amadey malware loaders. Infected computers become traffic-forwarding proxies for malicious, illegal, or anonymous traffic. It charges subscribers between $1 and $140 per day in cryptocurrency to access this service. Socks5Systemz is described in detail in a BitSight report, which states that the proxy botnet has been active since at least 2016, but has remained relatively unknown until recently. This article continues to discuss the Socks5Systemz proxy botnet.

SecuriDropper is a new Dropper-as-a-Service (DaaS) for Android capable of bypassing Google's new security restrictions and delivering malware. Dropper malware on Android is designed to act as a conduit for a payload to be installed on a compromised device, making it a profitable business model for threat actors who can advertise the capabilities to other cybercriminals. Furthermore, doing so allows adversaries to separate the development and execution of an attack from the malware installation.

According to a new report from researchers at Duke University's Sanford School of Public Policy, data brokers are selling large amounts of highly sensitive data on American military service members. The study delves into the data broker industry, which collects personal information on individual consumers before selling it to marketers. The industry has grown rapidly in recent years, prompting California to enact a law that lets consumers prevent data brokers from gathering and selling their information with the click of a button.

The recent Okta Support system breach occurred because of the compromise of a service account with access to view and update customer support cases. Okta Security discovered that an employee had signed in to their personal Google profile on their Okta-managed laptop's Chrome browser. According to David Bradbury, Chief Security Officer at Okta, the service account's username and password were saved into the employee's personal Google account. The compromise of the employee's personal Google account or device is what most likely exposed this credential.

Ashish Venkat, an assistant professor of computer science and cybersecurity expert at the University of Virginia (UVA), has received a CAREER Award from the National Science Foundation (NSF) to develop a hardware and software system that enables rapid and secure mitigation of cyberattacks, including zero-day events.

A scientist claims to have created a low-cost system for using quantum computing to crack RSA, the world's most commonly used public key algorithm. However, multiple cryptographers and security experts have expressed skepticism regarding the claim. The scientist making the claim is Ed Gerck, who, according to his LinkedIn profile, is a quantum computing developer at Planalto Research, a company he founded.

The UK National Cyber Security Centre (NCSC) has updated its guidance to help in the migration to Post-Quantum Cryptography (PQC). The updated guidance builds on the NCSC 2020 white paper titled "Preparing for Quantum-Safe Cryptography." It includes advice on algorithm choices and protocol considerations following the availability of draft standards from the US National Institute of Standards and Technology (NIST). The "Q-Day" point, when quantum computers can break existing cryptographic algorithms such as Public-Key Cryptography (PKC), is coming.

Microsoft has launched the Secure Future Initiative to improve the overall security of its products and users. According to Brad Smith, Vice Chair and President of Microsoft, the growing speed, scale, and sophistication of cyberattacks requires a new response. He emphasized that ransomware attempts have increased by 200 percent since September 2022. Nation-state actors' cyber operations have become more advanced, and the most resourced attackers are quickly innovating.

In recent weeks, Apple has alerted people in Armenia about their phones being targeted by state-sponsored hackers, with several cybersecurity experts pointing at the Pegasus spyware. The number of spyware infections in Armenia has been steadily increasing over the last two years, according to CyberHUB, an Armenian digital rights organization investigating the incidents. Many infections are linked to Azerbaijan's government, which has a history of conflict with Armenia, particularly over the disputed Nagorno-Karabakh region.

Umar Iqbal, an assistant professor of computer science and engineering at Washington University in St. Louis, and his collaborators want to provide visibility into what information smart speakers capture, how it is shared with other parties, and how such parties use it. Consumers need to understand these devices' privacy risks and the impact of data sharing on people's online experiences.