"Ransomware Targets Unpatched WS_FTP Servers"

"Ransomware Targets Unpatched WS_FTP Servers"

According to security researchers at Sophos X-Ops' unpatched WS_FTP servers exposed to the internet have become prime targets for ransomware attacks, with threat actors exploiting a critical vulnerability.  The researchers noted that despite Progress Software releasing a patch for the WS_FTP Server vulnerability (tracked CVE-2023-40044) just last month, not all servers have been updated, leaving them vulnerable to exploitation.  The researchers saw an attempted ransomware attack by the self-proclaimed Reichsadler Cybercrime Group.

Submitted by Adam Ekwall on

"SpyNote: Beware of This Android Trojan that Records Audio and Phone Calls"

"SpyNote: Beware of This Android Trojan that Records Audio and Phone Calls"

SpyNote, an Android banking Trojan, has been examined to expose its diverse information-gathering capabilities. According to F-Secure, attack chains involving the spyware typically spread via SMS phishing campaigns and trick potential victims into installing the app by clicking on the embedded link. In addition to requesting invasive permissions to access call records, camera, SMS messages, and external storage, SpyNote hides its presence from the Android home screen and Recents screen in an effort to make detection difficult.

Submitted by Gregory Rigby on

"Brands Beware: X's New Badge System Is a Ripe Cyber-Target"

"Brands Beware: X's New Badge System Is a Ripe Cyber-Target"

Using X's (formerly known as Twitter) newly implemented verification system, fraudsters are impersonating brands and stealing personal information. The blue checkmark was designated for verified companies and influencers. However, following the acquisition of the microblogging giant and a period of declining users and revenue, Elon Musk changed the rules, allowing anyone to obtain one for a monthly fee. The site's new, lenient approach to authentication has made it easier for scammers to operate.

Submitted by Gregory Rigby on

"Spyware Caught Masquerading as Israeli Rocket Alert Applications"

"Spyware Caught Masquerading as Israeli Rocket Alert Applications"

In the wake of the Israel-Gaza conflict, researchers at Cloudflare have observed threat actors targeting Israeli rocket alerting applications to spread fear and mobile spyware.  The researchers noted that with thousands of rockets launched since Hamas attacked Israel on October 7, individuals in Israel rely on several mobile applications to receive timely alerts about incoming airstrikes and seek safety.  Pro-Palestinian hacktivist group AnonGhost claimed to have targeted various such applications, succeeding in compromising at least one.

Submitted by Adam Ekwall on

"Researchers Foil MitM Attack on Military Robots With Algorithm"

"Researchers Foil MitM Attack on Military Robots With Algorithm"

Researchers from the University of South Australia have been successful in preventing Man-in-the-Middle (MitM) attacks on autonomous military robots by teaching the robot to detect MitM attacks using an algorithm. They prevented the MitM attack on an autonomous US Army robot. The intrusion detection algorithm trained the robot to identify and thwart such an attack. The algorithm was effective in 99 percent of cases and the false positive rate was less than 2 percent.

Submitted by Gregory Rigby on

"EPA Withdraws Water Sector Cybersecurity Rules Due to Lawsuits"

"EPA Withdraws Water Sector Cybersecurity Rules Due to Lawsuits"

The US Environmental Protection Agency (EPA) recently withdrew cybersecurity rules for public water systems due to lawsuits filed by states and non-profit water associations.  The EPA announced in March that it would require states to report on cybersecurity threats in their public water system audits.  Soon after the new cybersecurity requirements were announced, the attorney generals of Missouri, Arkansas, and Iowa took legal action to challenge the EPA’s memo, arguing that meeting the new requirements would put a significant financial burden on small towns.

Submitted by Adam Ekwall on

"Europe Mulls Open-Sourcing TETRA Emergency Services' Encryption Algorithms"

"Europe Mulls Open-Sourcing TETRA Emergency Services' Encryption Algorithms"

The European Telecommunications Standards Institute (ETSI) is considering open-sourcing the proprietary encryption algorithms used to secure emergency radio communications in response to the public backlash caused by the discovery of security vulnerabilities this summer. Claire Boyer, a spokesperson for the European standards body, announced that the ETSI Technical Committee responsible for the Terrestrial Trunked Radio (TETRA) algorithms is discussing whether or not to make them public.

Submitted by Gregory Rigby on

"Researchers Test Large Language Model that Preserves Patient Privacy"

"Researchers Test Large Language Model that Preserves Patient Privacy"

According to a new study conducted by the National Institutes of Health Clinical Center (NIH CC), locally run Large Language Models (LLMs) may be a feasible option for extracting data from text-based radiology reports while protecting patient privacy. ChatGPT and GPT-4, two recently released LLM models, have garnered much attention but are incompatible with healthcare data due to privacy constraints. This article continues to discuss the research on locally run LLMs being a workable option for extracting data from text-based radiology reports while preserving patient privacy.

Submitted by Gregory Rigby on

"QR Code Phishing on the Rise"

"QR Code Phishing on the Rise"

AT&T warns of a new trend of malicious QR codes being embedded in phishing attempts. Some users recently received an email from Microsoft with an attached PDF file containing a QR code and an urgent message instructing users to enable multi-factor authentication (MFA). After scanning the QR code, users were redirected to a fake Microsoft sign-in page where they entered their username and password. Once entered, their legitimate login credentials were then stored and made available to the threat actor.

Submitted by Gregory Rigby on

"Fine-Tuning LLMs Compromises Their Safety, Study Finds"

"Fine-Tuning LLMs Compromises Their Safety, Study Finds"

A recent study by Princeton University, Virginia Tech, and IBM Research reveals that fine-tuning Large Language Models (LLMs) can weaken the safety measures designed to prevent the models from generating harmful content such as malware, illegal activity, and child abuse content. As LLMs continue to evolve, businesses are becoming increasingly interested in fine-tuning these models for custom applications. LLM providers offering features and easy-to-use tools for customizing models for specific applications fuel this trend.

Submitted by Gregory Rigby on
Subscribe to